From b6eee531bb546683387fb471b754f24bc40580d0 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Sun, 1 Mar 2015 16:40:02 +0100
Subject: Support encrypted offline master keys with a new --keygen flag

When --keygen is provided, we prompt for a passphrase when we make a
new master key; if it is nonempty, we store the secret key in a new
crypto_pwbox.

Also, if --keygen is provided and there *is* an encrypted master key,
we load it and prompt for a passphrase unconditionally.

We make a new signing key unconditionally when --keygen is provided.
We never overwrite a master key.
---
 src/or/main.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src/or/main.c')

diff --git a/src/or/main.c b/src/or/main.c
index bbee8e0fb9..d9ef88b36f 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -3162,6 +3162,9 @@ tor_main(int argc, char *argv[])
 #endif
     result = do_main_loop();
     break;
+  case CMD_KEYGEN:
+    result = load_ed_keys(get_options(), time(NULL));
+    break;
   case CMD_LIST_FINGERPRINT:
     result = do_list_fingerprint();
     break;
-- 
cgit v1.2.3-54-g00ecf