Use curve 25519 for gpg keys

2017-06-14 16:03:19 +01:00 · 2017-06-14 16:03:19 +01:00 · 4d8592f7ab
parent 402b459eed
commit 4d8592f7ab
3 changed files with 4 additions and 11 deletions
--- a/src/freedombone-adduser
+++ b/src/freedombone-adduser
@ -136,10 +136,8 @@ chmod 700 /home/$ADD_USERNAME/.gnupg
 chmod 600 /home/$ADD_USERNAME/.gnupg/*

 # Generate a GPG key
-echo 'Key-Type: 1' > /home/$ADD_USERNAME/gpg-genkey.conf
-echo 'Key-Length: 4096' >> /home/$ADD_USERNAME/gpg-genkey.conf
+echo 'Key-Type: 9' > /home/$ADD_USERNAME/gpg-genkey.conf
 echo 'Subkey-Type: 1' >> /home/$ADD_USERNAME/gpg-genkey.conf
-echo 'Subkey-Length: 4096' >> /home/$ADD_USERNAME/gpg-genkey.conf
 echo "Name-Real:  $ADD_USERNAME" >> /home/$ADD_USERNAME/gpg-genkey.conf
 echo "Name-Email: $ADD_USERNAME@$HOSTNAME" >> /home/$ADD_USERNAME/gpg-genkey.conf
 echo 'Expire-Date: 0' >> /home/$ADD_USERNAME/gpg-genkey.conf
--- a/src/freedombone-base-email
+++ b/src/freedombone-base-email
@ -1506,10 +1506,9 @@ function create_gpg_subkey {

    # Generate a GPG subkey
    # Here a 2048bit length is used to be compatible with yubikey
-    echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf
+    echo 'Key-Type: 9' > /home/$MY_USERNAME/gpg-genkey.conf
    echo "Key-Grip: $KEYGRIP" > /home/$MY_USERNAME/gpg-genkey.conf
    echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf
-    echo 'Subkey-Length: 2048' >> /home/$MY_USERNAME/gpg-genkey.conf
    echo "subkey-Usage: $GPG_KEY_USAGE" > /home/$MY_USERNAME/gpg-genkey.conf
    echo "Name-Real:  $MY_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
    echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf
@ -1624,10 +1623,8 @@ function configure_gpg {
        fi
    else
        # Generate a GPG key
-        echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf
-        echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
+        echo 'Key-Type: 9' > /home/$MY_USERNAME/gpg-genkey.conf
        echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf
-        echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
        echo "Name-Real:  $MY_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
        echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf
        echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
--- a/src/freedombone-utils-backup
+++ b/src/freedombone-utils-backup
@ -65,10 +65,8 @@ function configure_backup_key {
    # Generate a GPG key for backups
    BACKUP_KEY_EXISTS=$(gpg_key_exists "$MY_USERNAME" "$MY_NAME (backup key)")
    if [[ $BACKUP_KEY_EXISTS == "no" ]]; then
-        echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf
-        echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
+        echo 'Key-Type: 9' > /home/$MY_USERNAME/gpg-genkey.conf
        echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf
-        echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
        echo "Name-Real:  $MY_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
        echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf
        echo "Name-Comment: backup key" >> /home/$MY_USERNAME/gpg-genkey.conf