Diffstat (limited to 'lib/Kiki.hs')
-rw-r--r-- | lib/Kiki.hs | 10 |
1 files changed, 6 insertions, 4 deletions
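diff --git a/lib/Kiki.hs b/lib/Kiki.hs
index f4c4a2b..222c1bb 100644
--- a/lib/Kiki.hs
+++ b/lib/Kiki.hs
@@ -214,6 +214,7 @@ importAndRefresh root cmn cipher = do
 let homespec = mplus (slash <$> rootdir <*> cap_homespec cmn)
 (fmap (++"/root/.gnupg") rootdir)
 passfd = cap_passfd cmn
+pgpver = preferredPGPVersion $ minimalOp False cmn
 (home,secring,pubring,mbwk) <- unconditionally $ getHomeDir homespec
 osHomeDir <- if bUnprivileged then getHomeDirectory else return "/root"
 
@@ -224,13 +225,14 @@ importAndRefresh root cmn cipher = do
 -- Since 'runKeyRing' cannot currently cope with this situation, we will
 -- generate a master-key and very minimal secring.gpg file.
 master_un <- generateKey (GenRSA $ 4096 `div` 8 )
-<&> \k -> MappedPacket (k { is_subkey = False }) -- Set as master-key.
+<&> \k -> MappedPacket (k { is_subkey = False -- Set as master-key.
+, version = pgpver }) -- Set pgp packet version.
 Map.empty -- Packet occurs in no files.
 -- The user may desire the master key is encrypted on disk but this
 -- requires a password prompt. In order to have a decent prompt, it'd
 -- be nice if we could display the .onion hostname for the key.
 -- Therefore, we generate the tor key early.
-tor_un <- generateKey (GenRSA $ 1024 `div` 8 )
+tor_un <- fmap (\k -> k { version = pgpver }) $ generateKey (GenRSA $ 1024 `div` 8 )
 -- However, we'll postpone writing the tor key to the keyring and
 -- instead have the later all-in-one call to runKeyRing take care of
 -- it. That interface does not currently provide a way to accept
@@ -270,7 +272,7 @@ importAndRefresh root cmn cipher = do
 writeInputFileL ctx
 HomeSec
 $ encode $ Message [master]
-putStrLn "Wrote master key"
+putStrLn $ "Wrote master key."
 return (FileDesc read_tor, [PassphraseMemoizer transcoder])
 er -> do
 hPutStrLn stderr ("warning: " ++ errorString er)
@@ -279,7 +281,7 @@ importAndRefresh root cmn cipher = do
 writeInputFileL ctx
 HomeSec
 $ encode $ Message [packet master_un]
-putStrLn "Wrote master key"
+putStrLn $ "Wrote unencrypted master key."
 return (FileDesc read_tor, [])
 
 -- If the public ring does not exist, then creating an empty file is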
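Review bot: In the `er -> do` fallback the only notice that the secret master key landed on disk without passphrase protection is `putStrLn $ "Wrote unencrypted master key."`, which goes to stdout, while the `warning:` line just above it in the same branch goes to stderr. Anyone who discards or pipes stdout sees the error text but not its consequence; consider `hPutStrLn stderr "warning: wrote unencrypted master key."` there. The `$` before a bare string literal is redundant in both new `putStrLn` calls. The lines between the last two hunks and the rest of `importAndRefresh` are outside the view, so whether the key is re-encrypted later cannot be confirmed from here.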