Package: python3-gnupg Version: 0.4.6-1 Severity: wishlist Tags: patch upstream
For testing or other purposes, it is useful to create keys without passphrase protection, esp. in batch mode. gnupg does support this using the %no-protection control statement. https://www.gnupg.org/documentation//manuals/gnupg/Unattended-GPG-key-generation.html The attached patch adds a boolean parameter "no_protection" to gen_key_input(). If set to True, %no-protection is used. export_keys() can then export secret keys without protection, using secret=True and expect_passphrase=False.
Description: Adds support for %no-protection to generate unprotected secret keys Author: Martin <[email protected]> Origin: vendor Last-Update: 2020-09-29 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ --- a/gnupg.py +++ b/gnupg.py @@ -1462,6 +1462,7 @@ Generate --gen-key input per gpg doc/DETAILS """ parms = {} + no_protection = kwargs.pop("no_protection", False) for key, val in list(kwargs.items()): key = key.replace('_','-').title() if str(val).strip(): # skip empty strings @@ -1478,6 +1479,8 @@ out = "Key-Type: %s\n" % parms.pop('Key-Type') for key, val in list(parms.items()): out += "%s: %s\n" % (key, val) + if no_protection: + out += "%no-protection\n" out += "%commit\n" return out
