('conf-file', '${base-dir}tripe-keys.conf'),
('upload-hook', ': run upload hook'),
('kx', 'dh'),
+ ('kx-genalg', lambda: {'dh': 'dh',
+ 'ec': 'ec'}[conf['kx']]),
+ ('kx-param-genalg', lambda: {'dh': 'dh-param',
+ 'ec': 'ec-param'}[conf['kx']]),
('kx-param', lambda: {'dh': '-LS -b3072 -B256',
'ec': '-Cnist-p256'}[conf['kx']]),
('kx-expire', 'now + 1 year'),
def cmd_setup(args):
OS.mkdir('repos')
run('''key -krepos/param add
- -a${kx}-param !${kx-param}
+ -a${kx-param-genalg} !${kx-param}
-eforever -tparam tripe-param
kx-group=${kx} cipher=${cipher} hash=${hash} mac=${mac} mgf=${mgf}''')
cmd_newmaster(args)
keyring_pub = 'peer-%s.pub' % tag
zap('keyring'); zap(keyring_pub)
run('key -kkeyring merge repos/param')
- run('key -kkeyring add -a${kx} -pparam -e${kx-expire} -t%s tripe' %
+ run('key -kkeyring add -a${kx-genalg} -pparam -e${kx-expire} -t%s tripe' %
tag)
run('key -kkeyring extract -f-secret %s %s' % (keyring_pub, tag))