mirror of git://git.gnupg.org/gnupg.git
tests: Test and document other ways to create keys.
* doc/gpg.texi: Clarify usage and expiration arguments for key generation. * tests/openpgp/quick-key-manipulation.scm: Test all variants. Signed-off-by: Justus Winter <justus@g10code.com>
This commit is contained in:
Justus Winter
parent
127e1e532d
commit
90d383f1eb
30
doc/gpg.texi
30
doc/gpg.texi
|
|
@ -644,10 +644,13 @@ For a description of these optional arguments see the command
|
|||
the default is to a create certification and signing key.
|
||||
|
||||
The @code{expire} argument can be used to specify an expiration date
|
||||
for the key. Several formats are supported; commonly the ISO
|
||||
YYYY-MM-DD format is used. The values ``never'', ``none'' can be used
|
||||
for no expiration date. Not specifying a value, or using ``-''
|
||||
results in a key expiring in a reasonable default interval.
|
||||
for the key. Several formats are supported; commonly the ISO formats
|
||||
``YYYY-MM-DD'' or ``YYYYMMDDThhmmss'' are used. To make the key
|
||||
expire in N seconds, N days, N weeks, N months, or N years use
|
||||
``seconds=N'', ``Nd'', ``Nw'', ``Nm'', or ``Ny'' respectively. Not
|
||||
specifying a value, or using ``-'' results in a key expiring in a
|
||||
reasonable default interval. The values ``never'', ``none'' can be
|
||||
used for no expiration date.
|
||||
|
||||
If this command is used with @option{--batch},
|
||||
@option{--pinentry-mode} has been set to @code{loopback}, and one of
|
||||
|
|
@ -684,15 +687,20 @@ Depending on the given @code{algo} the subkey may either be an
|
|||
encryption subkey or a signing subkey. If an algorithm is capable of
|
||||
signing and encryption and such a subkey is desired, a @code{usage}
|
||||
string must be given. This string is either ``default'' or ``-'' to
|
||||
keep the default or a comma delimited list of keywords: ``sign'' for a
|
||||
signing subkey, ``auth'' for an authentication subkey, and ``encr''
|
||||
for an encryption subkey (``encrypt'' can be used as alias for
|
||||
``encr''). The valid combinations depend on the algorithm.
|
||||
keep the default or a comma delimited list (or space delimited list)
|
||||
of keywords: ``sign'' for a signing subkey, ``auth'' for an
|
||||
authentication subkey, and ``encr'' for an encryption subkey
|
||||
(``encrypt'' can be used as alias for ``encr''). The valid
|
||||
combinations depend on the algorithm.
|
||||
|
||||
The @code{expire} argument can be used to specify an expiration date
|
||||
for the subkey. Several formats are supported; commonly the ISO
|
||||
YYYY-MM-DD format is used. The values ``never'', ``none'', or ``-''
|
||||
can be used for no expiration date.
|
||||
for the key. Several formats are supported; commonly the ISO formats
|
||||
``YYYY-MM-DD'' or ``YYYYMMDDThhmmss'' are used. To make the key
|
||||
expire in N seconds, N days, N weeks, N months, or N years use
|
||||
``seconds=N'', ``Nd'', ``Nw'', ``Nm'', or ``Ny'' respectively. Not
|
||||
specifying a value, or using ``-'' results in a key expiring in a
|
||||
reasonable default interval. The values ``never'', ``none'' can be
|
||||
used for no expiration date.
|
||||
|
||||
@item --generate-key
|
||||
@opindex generate-key
|
||||
|
|
|
|||
|
|
@ -121,6 +121,10 @@
|
|||
'(()
|
||||
(- - -)
|
||||
(default default never)
|
||||
(rsa "sign auth encr" "seconds=600") ;; GPGME uses this
|
||||
(rsa "auth,encr" "2") ;; "without a letter, days is assumed"
|
||||
(rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105"
|
||||
(rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105"
|
||||
(rsa sign "2d")
|
||||
(rsa1024 sign "2w")
|
||||
(rsa2048 encr "2m")
|
||||
|
|
@ -133,6 +137,35 @@
|
|||
#f
|
||||
(lambda (subkey)
|
||||
(assert (equal? "" (:expire subkey))))
|
||||
(lambda (subkey)
|
||||
(assert (= 1 (:alg subkey)))
|
||||
(assert (string-contains? (:cap subkey) "s"))
|
||||
(assert (string-contains? (:cap subkey) "a"))
|
||||
(assert (string-contains? (:cap subkey) "e"))
|
||||
(assert (time-matches? (+ (get-time) 600)
|
||||
(string->number (:expire subkey))
|
||||
(minutes->seconds 5))))
|
||||
(lambda (subkey)
|
||||
(assert (= 1 (:alg subkey)))
|
||||
(assert (string-contains? (:cap subkey) "a"))
|
||||
(assert (string-contains? (:cap subkey) "e"))
|
||||
(assert (time-matches? (+ (get-time) (days->seconds 2))
|
||||
(string->number (:expire subkey))
|
||||
(minutes->seconds 5))))
|
||||
(lambda (subkey)
|
||||
(assert (= 1 (:alg subkey)))
|
||||
(assert (string-contains? (:cap subkey) "s"))
|
||||
(assert (time-matches? 4260207600 ;; 2105-01-01
|
||||
(string->number (:expire subkey))
|
||||
;; This is off by 12h, but I guess it just
|
||||
;; choses the middle of the day.
|
||||
(days->seconds 1))))
|
||||
(lambda (subkey)
|
||||
(assert (= 1 (:alg subkey)))
|
||||
(assert (string-contains? (:cap subkey) "s"))
|
||||
(assert (time-matches? 4260254100 ;; UTC 2105-01-01 11:55:00
|
||||
(string->number (:expire subkey))
|
||||
(minutes->seconds 5))))
|
||||
(lambda (subkey)
|
||||
(assert (= 1 (:alg subkey)))
|
||||
(assert (string-contains? (:cap subkey) "s"))
|
||||
|
|
|
|||
Loading…
Reference in New Issue