From 1fda6840a892e55b579dfeb8f4590b5cd2874662 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Thu, 20 Mar 2014 22:33:52 +0100 Subject: pk-crypto: Don't use Ed25519 when libgcrypt is older than 1.6.0. * guix/pk-crypto.scm (gcrypt-version): New procedure. * guix/scripts/archive.scm (%key-generation-parameters): New variable. (%options) : Use it. * tests/pk-crypto.scm ("sign + verify, Ed25519"): Skip if using gcrypt < 1.6.0. --- guix/scripts/archive.scm | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'guix/scripts') diff --git a/guix/scripts/archive.scm b/guix/scripts/archive.scm index 0e67321026..c900fcecb9 100644 --- a/guix/scripts/archive.scm +++ b/guix/scripts/archive.scm @@ -87,6 +87,13 @@ (define (show-help) (newline) (show-bug-report-information)) +(define %key-generation-parameters + ;; Default key generation parameters. We prefer Ed25519, but it was + ;; introduced in libgcrypt 1.6.0. + (if (version>? (gcrypt-version) "1.6.0") + "(genkey (ecdsa (curve Ed25519) (flags rfc6979)))" + "(genkey (rsa (nbits 4:4096)))")) + (define %options ;; Specifications of the command-line options. (cons* (option '(#\h "help") #f #f @@ -114,8 +121,7 @@ (define %options ;; libgcrypt 1.6.0. (let ((params (string->canonical-sexp - (or arg "\ - (genkey (ecdsa (curve Ed25519) (flags rfc6979)))")))) + (or arg %key-generation-parameters)))) (alist-cons 'generate-key params result))) (lambda (key err) (leave (_ "invalid key generation parameters: ~a: ~a~%") -- cgit v1.2.3