Diffstat (limited to 'lib/Kiki.hs')
-rw-r--r--lib/Kiki.hs10
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/Kiki.hs b/lib/Kiki.hs
index f4c4a2b..222c1bb 100644
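--- a/lib/Kiki.hs
+++ b/lib/Kiki.hs
@@ -214,6 +214,7 @@ importAndRefresh root cmn cipher = do
 let homespec = mplus (slash <$> rootdir <*> cap_homespec cmn)
 (fmap (++"/root/.gnupg") rootdir)
 passfd = cap_passfd cmn
+pgpver = preferredPGPVersion $ minimalOp False cmn
 (home,secring,pubring,mbwk) <- unconditionally $ getHomeDir homespec
 osHomeDir <- if bUnprivileged then getHomeDirectory else return "/root"
 
@@ -224,13 +225,14 @@ importAndRefresh root cmn cipher = do
 -- Since 'runKeyRing' cannot currently cope with this situation, we will
 -- generate a master-key and very minimal secring.gpg file.
 master_un <- generateKey (GenRSA $ 4096 `div` 8 )
-<&> \k -> MappedPacket (k { is_subkey = False }) -- Set as master-key.
+<&> \k -> MappedPacket (k { is_subkey = False -- Set as master-key.
+, version = pgpver }) -- Set pgp packet version.
 Map.empty -- Packet occurs in no files.
 -- The user may desire the master key is encrypted on disk but this
 -- requires a password prompt. In order to have a decent prompt, it'd
 -- be nice if we could display the .onion hostname for the key.
 -- Therefore, we generate the tor key early.
-tor_un <- generateKey (GenRSA $ 1024 `div` 8 )
+tor_un <- fmap (\k -> k { version = pgpver }) $ generateKey (GenRSA $ 1024 `div` 8 )
 -- However, we'll postpone writing the tor key to the keyring and
 -- instead have the later all-in-one call to runKeyRing take care of
 -- it. That interface does not currently provide a way to accept
@@ -270,7 +272,7 @@ importAndRefresh root cmn cipher = do
 writeInputFileL ctx
 HomeSec
 $ encode $ Message [master]
-putStrLn "Wrote master key"
+putStrLn $ "Wrote master key."
 return (FileDesc read_tor, [PassphraseMemoizer transcoder])
 er -> do
 hPutStrLn stderr ("warning: " ++ errorString er)
@@ -279,7 +281,7 @@ importAndRefresh root cmn cipher = do
 writeInputFileL ctx
 HomeSec
 $ encode $ Message [packet master_un]
-putStrLn "Wrote master key"
+putStrLn $ "Wrote unencrypted master key."
 return (FileDesc read_tor, [])
 
 -- If the public ring does not exist, then creating an empty file is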
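Review bot: The new "Wrote unencrypted master key." notice at new line 284 is printed to stdout with `putStrLn`, while the `warning:` at new line 278 goes to stderr, so a caller that captures only stderr sees the warning but not that the secret key was written in the clear. Assuming line 284 is still inside that `er -> do` fallback (new lines 279–280 fall between the hunks and are not visible), I would route it the same way: `hPutStrLn stderr "warning: wrote unencrypted master key."`. The `$` before a plain string literal in both `putStrLn $ "…"` lines is redundant and can be dropped. `importAndRefresh` begins and ends outside these hunks, so how the HomeSec file's permissions are set cannot be checked from here and is worth confirming for the unencrypted path.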