From d5f4982a9add40b1a20539b6421dbaf51da10306 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=B6ren=20Tempel?= Date: Sat, 21 Dec 2019 15:12:04 +0100 Subject: [PATCH] abuild-keygen: make size of private key configurable Previously, a key size of 2048 bits was hardcoded. While this is still the default, it can now be changed. Additionally, the default key size might be changed to 4096 in the future. --- abuild-keygen.in | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/abuild-keygen.in b/abuild-keygen.in index b474309..b34d0fc 100644 --- a/abuild-keygen.in +++ b/abuild-keygen.in @@ -50,7 +50,7 @@ do_keygen() { # generate the private key in a subshell with stricter umask ( umask 0007 - openssl genrsa -out "$privkey" 2048 + openssl genrsa -out "$privkey" "$numbits" ) openssl rsa -in "$privkey" -pubout -out "$pubkey" @@ -92,12 +92,14 @@ usage() { $program $program_version - generate signing keys Usage: $program [-a|--append] [-i|--install] [-n] Options: - -a, --append Set PACKAGER_PRIVKEY= in - $ABUILD_USERCONF - -i, --install Install public key into /etc/apk/keys using sudo - -n Non-interactive. Use defaults + -a, --append Set PACKAGER_PRIVKEY= in + $ABUILD_USERCONF + + -i, --install Install public key into /etc/apk/keys using sudo + -n Non-interactive. Use defaults + -b, --numbits [BITS] The size of the private key to generate in bits. -q, --quiet - -h, --help Show this help + -h, --help Show this help __EOF__ } @@ -105,9 +107,10 @@ usage() { append_config= install_pubkey= non_interactive= +numbits=2048 quiet= -args=$(getopt -o ainqh --long append,install,quiet,help -n "$program" -- "$@") +args=$(getopt -o ab:inqh --long append,numbits:,install,quiet,help -n "$program" -- "$@") if [ $? -ne 0 ]; then usage exit 2 @@ -118,6 +121,7 @@ while true; do -a|--append) append_config=1;; -i|--install) install_pubkey=1;; -n) non_interactive=1;; + -b|--numbits) numbits="$2"; shift 1;; -q|--quiet) quiet=1;; # suppresses msg -h|--help) usage; exit;; --) shift; break;;