security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-20 14:37:08 +01:00
Code Activity

g10: Create keys that expire in simple key generation mode.

Browse Source 
* g10/keygen.c (default_expiration_interval): New variable.
(generate_keypair): Use the new default.
--
Cursory discussion on gnupg-devel@ suggested two years as a good
default expiration interval.

GnuPG-bug-id: 2701
Signed-off-by: Justus Winter <justus@g10code.com>
This commit is contained in:
Justus Winter 2016-12-09 14:33:50 +01:00
parent b778d8deed
commit d568a15616
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
g10/keygen.c
View File

@ -53,6 +53,10 @@
#define DEFAULT_STD_KEY_PARAM "rsa2048/cert,sign+rsa2048/encr" #define DEFAULT_STD_KEY_PARAM "rsa2048/cert,sign+rsa2048/encr"
#define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr" #define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr"
/* When generating keys using the streamlined key generation dialog,
use this as a default expiration interval. */
const char *default_expiration_interval = "2y";
/* Flag bits used during key generation. */ /* Flag bits used during key generation. */
#define KEYGEN_FLAG_NO_PROTECTION 1 #define KEYGEN_FLAG_NO_PROTECTION 1
#define KEYGEN_FLAG_TRANSIENT_KEY 2 #define KEYGEN_FLAG_TRANSIENT_KEY 2
@ -4306,7 +4310,8 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname,
} }
expire = full? ask_expire_interval (0, NULL) : 0; expire = full? ask_expire_interval (0, NULL)
: parse_expire_string (default_expiration_interval);
r = xcalloc (1, sizeof *r + 20); r = xcalloc (1, sizeof *r + 20);
r->key = pKEYEXPIRE; r->key = pKEYEXPIRE;
r->u.expire = expire; r->u.expire = expire;