Cv25519 (tox-id) key support.

author: Joe Crayne <joe@jerkface.net> 2019-11-15 18:38:32 -0500
committer: Joe Crayne <joe@jerkface.net> 2019-11-15 18:38:32 -0500
commit: 2ee8f6b4aa5b773f8f2d9756965e7c9246b72292 (patch)
tree: 3b19eb782f91f8445839f364aee07b4e717ff26f /lib
parent: 1d0e9091bc132237d46ff130a29c7c71d9a3f284 (diff)
1 files changed, 16 insertions, 9 deletions
diff --git a/lib/Kiki.hs b/lib/Kiki.hs
index 258892f..e36e41a 100644
--- a/lib/Kiki.hs
+++ b/lib/Kiki.hs
@@ -279,13 +279,7 @@ importAndRefresh root cmn cipher = do
    let sshcpath = fromMaybe "" rootdir ++ osHomeDir ++ ".ssh/id_rsa"
        sshspath = fromMaybe "" rootdir ++ "/etc/ssh/ssh_host_rsa_key"
-        op =
+        mktorkey = ( torgen , case torgen of
-          KeyRingOperation
-          { opFiles =
-              Map.fromList $
-                [ ( HomeSec, buildStreamInfo KF_All KeyRingFile )
-                , ( HomePub, (buildStreamInfo KF_All KeyRingFile) { access = Pub } )
-                , ( torgen , case torgen of
                                FileDesc _ -> StreamInfo { typ = PEMFile
                                                         , fill = KF_Match "tor"
                                                         , spill = KF_Match "tor"
@@ -293,11 +287,19 @@ importAndRefresh root cmn cipher = do
                                                         , initializer = NoCreate
                                                         , transforms = [] }
                                _          -> strm { spill = KF_Match "tor" })
+        op =
+          KeyRingOperation
+          { opFiles =
+              Map.fromList $
+                [ ( HomeSec, buildStreamInfo KF_All KeyRingFile )
+                , ( HomePub, (buildStreamInfo KF_All KeyRingFile) { access = Pub } )
+                , mktorkey
                , ( Generate 1 (GenRSA (2048 `div` 8)), strm { spill = KF_Match "ipsec" })
                , ( ArgFile sshcpath, (peminfo 2048 "ssh-client") )
                , ( ArgFile sshspath, (peminfo 2048 "ssh-server") )
                , ( Generate 2 (GenRSA (4096 `div` 8)), strm { spill = KF_Match "encrypt" })
-                , ( Generate 3 (GenRSA (4096 `div` 8)), strm { spill = KF_Match "sign" })
+                , ( Generate 3 GenEd25519, strm { spill = KF_Match "sign" })
+                , ( Generate 4 GenCv25519, strm { spill = KF_Match "tox-id" })
                ]
          , opPassphrases = withAgent $ pwds ++ do pfd <- maybeToList passfd
                                                   return $ PassphraseSpec Nothing Nothing pfd
@@ -310,11 +312,16 @@ importAndRefresh root cmn cipher = do
                                   -- so we'll sync the keyrings at least.
                [ ( HomeSec, buildStreamInfo KF_All KeyRingFile )
                , ( HomePub, (buildStreamInfo KF_All KeyRingFile) { access = Pub } )
+                , mktorkey -- We'll also add the torkey and UID since
+                           -- otherwise this will be a strange keyring.
                ]
          , opPassphrases = withAgent $ do pfd <- maybeToList passfd
                                           return $ PassphraseSpec Nothing Nothing pfd
-          , opHome=homespec, opTransforms = []
+          , opHome=homespec
+          , opTransforms = []
          }
+    when (not bUnprivileged) $ do
+        hPutStrLn stderr "Insufficient privilege generating system service keys."
    -- Run the all-in-one operation that generates or imports all subkeys.
    KikiResult rt report <- runKeyRing (if bUnprivileged then nop else op)
    outputReport report
author	Joe Crayne <joe@jerkface.net>	2019-11-15 18:38:32 -0500
committer	Joe Crayne <joe@jerkface.net>	2019-11-15 18:38:32 -0500
commit	2ee8f6b4aa5b773f8f2d9756965e7c9246b72292 (patch)
tree	3b19eb782f91f8445839f364aee07b4e717ff26f /lib
parent	1d0e9091bc132237d46ff130a29c7c71d9a3f284 (diff)