X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/786989941b7b4504f0234c4a318f929802e981ad..fc916a0942e6ef8f63aefb96119d0e4fd7c7efbb:/keys/tripe-keys.in

diff --git a/keys/tripe-keys.in b/keys/tripe-keys.in
index 6da6eb4a..531e7492 100644
--- a/keys/tripe-keys.in
+++ b/keys/tripe-keys.in
@@ -129,12 +129,14 @@ def conf_defaults():
                ('sig-file', '${base-dir}${sig-base}'),
                ('repos-file', '${base-dir}${repos-base}'),
                ('conf-file', '${base-dir}tripe-keys.conf'),
+               ('upload-hook', ': run upload hook'),
                ('kx', 'dh'),
                ('kx-param', lambda: {'dh': '-LS -b2048 -B256',
                                      'ec': '-Cnist-p256'}[conf['kx']]),
                ('kx-expire', 'now + 1 year'),
                ('cipher', 'blowfish-cbc'),
                ('hash', 'sha256'),
+               ('master-keygen-flags', '-l'),
                ('mgf', '${hash}-mgf'),
                ('mac', lambda: '%s-hmac/%d' %
                          (conf['hash'],
@@ -182,9 +184,9 @@ Key management utility for TrIPE.
 
 Options supported:
 
--h, --help		Show this help message.
--v, --version		Show the version number.
--u, --usage		Show pointlessly short usage string.
+-h, --help              Show this help message.
+-v, --version           Show the version number.
+-u, --usage             Show pointlessly short usage string.
 
 Subcommands available:
 """
@@ -197,7 +199,7 @@ Subcommands available:
 def master_keys():
   if not OS.path.exists('master'):
     return
-  for k in C.KeyFile('master'):
+  for k in C.KeyFile('master').itervalues():
     if (k.type != 'tripe-keys-master' or
         k.expiredp or
         not k.tag.startswith('master-')):
@@ -218,7 +220,7 @@ def cmd_newmaster(args):
   seq = max_master_sequence() + 1
   run('''key -kmaster add
     -a${sig-genalg} !${sig-param}
-    -e${sig-expire} -l -tmaster-%d tripe-keys-master
+    -e${sig-expire} !${master-keygen-flags} -tmaster-%d tripe-keys-master
     sig=${sig} hash=${sig-hash}''' % seq)
   run('key -kmaster extract -f-secret repos/master.pub')
 
@@ -279,7 +281,8 @@ def cmd_upload(args):
       OS.rename(new, base)
   finally:
     OS.chdir(cwd)
-    rmtree('tmp')    
+    rmtree('tmp')
+  run('sh -c ${upload-hook}')
 
 def cmd_update(args):
   cwd = OS.getcwd()
@@ -343,7 +346,7 @@ def cmd_clean(args):
 ### Main driver
 
 class UsageError (Exception): pass
-  
+
 commands = {'help': (cmd_help, 0, 1, ''),
             'newmaster': (cmd_newmaster, 0, 0, ''),
             'setup': (cmd_setup, 0, 0, ''),