@@@ proto wip

[tripe] / keys / tripe-keys.in

diff --git a/keys/tripe-keys.in b/keys/tripe-keys.in
index 62b62b6ec7aaa7b8e7691bf9302e0c01f3e0dbb6..d95a31d26f4101e5254bf9731a9d8fab2a33ee24 100644 (file)
--- a/keys/tripe-keys.in
+++ b/keys/tripe-keys.in
@@ -239,12 +239,21 @@ def conf_defaults():
                ('upload-hook', ': run upload hook'),
                ('kx', 'dh'),
                ('kx-genalg', lambda: {'dh': 'dh',
-                                      'ec': 'ec'}[conf['kx']]),
+                                      'ec': 'ec',
+                                      'x25519': 'x25519',
+                                      'x448': 'x448'}[conf['kx']]),
                ('kx-param-genalg', lambda: {'dh': 'dh-param',
-                                            'ec': 'ec-param'}[conf['kx']]),
+                                            'ec': 'ec-param',
+                                            'x25519': 'empty',
+                                            'x448': 'empty'}[conf['kx']]),
                ('kx-param', lambda: {'dh': '-LS -b3072 -B256',
-                                     'ec': '-Cnist-p256'}[conf['kx']]),
-               ('kx-attrs', 'serialization=constlen'),
+                                     'ec': '-Cnist-p256',
+                                     'x25519': '',
+                                     'x448': ''}[conf['kx']]),
+               ('kx-attrs', lambda: {'dh': 'serialization=constlen',
+                                     'ec': 'serialization=constlen',
+                                     'x25519': '',
+                                     'x448': ''}[conf['kx']]),
                ('kx-expire', 'now + 1 year'),
                ('kx-warn-days', '28'),
                ('bulk', 'iiv'),
@@ -259,7 +268,10 @@ def conf_defaults():
                                  or '%s-hmac/%d' %
                                       (conf['hash'],
                                        C.gchashes[conf['hash']].hashsz * 4)),
-               ('sig', lambda: {'dh': 'dsa', 'ec': 'ecdsa'}[conf['kx']]),
+               ('sig', lambda: {'dh': 'dsa',
+                                'ec': 'ecdsa',
+                                'x25519': 'ed25519',
+                                'x448': 'ed448'}[conf['kx']]),
                ('sig-fresh', 'always'),
                ('sig-genalg', lambda: {'kcdsa': 'dh',
                                        'dsa': 'dsa',
@@ -471,8 +483,8 @@ def cmd_update(args):
     OS.mkdir('tmp')
     OS.chdir('tmp')
     seq = int(conf['master-sequence'])
-    run('curl -s -o tripe-keys.tar.gz ${repos-url}')
-    run('curl -s -o tripe-keys.sig %s' % seqsubst('sig-url', seq))
+    run('curl -sL -o tripe-keys.tar.gz ${repos-url}')
+    run('curl -sL -o tripe-keys.sig %s' % seqsubst('sig-url', seq))
     run('tar xfz tripe-keys.tar.gz')
 
     ## Verify the signature