1 files changed, 14 insertions, 4 deletions

diff --git a/guix/scripts/archive.scm b/guix/scripts/archive.scm
index 0ab7686585..c900fcecb9 100644
--- a/guix/scripts/archive.scm
+++ b/guix/scripts/archive.scm
@@ -87,6 +87,13 @@ Export/import one or more packages from/to the store.\n"))
   (newline)
   (show-bug-report-information))
 
+(define %key-generation-parameters
+  ;; Default key generation parameters.  We prefer Ed25519, but it was
+  ;; introduced in libgcrypt 1.6.0.
+  (if (version>? (gcrypt-version) "1.6.0")
+      "(genkey (ecdsa (curve Ed25519) (flags rfc6979)))"
+      "(genkey (rsa (nbits 4:4096)))"))
+
 (define %options
   ;; Specifications of the command-line options.
   (cons* (option '(#\h "help") #f #f
@@ -110,13 +117,16 @@ Export/import one or more packages from/to the store.\n"))
                  (lambda (opt name arg result)
                    (catch 'gcry-error
                      (lambda ()
+                       ;; XXX: Curve25519 was actually introduced in
+                       ;; libgcrypt 1.6.0.
                        (let ((params
                               (string->canonical-sexp
-                               (or arg "(genkey (rsa (nbits 4:4096)))"))))
+                               (or arg %key-generation-parameters))))
                          (alist-cons 'generate-key params result)))
-                     (lambda args
-                       (leave (_ "invalid key generation parameters: ~s~%")
-                              arg)))))
+                     (lambda (key err)
+                       (leave (_ "invalid key generation parameters: ~a: ~a~%")
+                              (error-source err)
+                              (error-string err))))))
          (option '("authorize") #f #f
                  (lambda (opt name arg result)
                    (alist-cons 'authorize #t result)))