+
+ def generateKey(tag: String, label: String, ic: Eyecandy) {
+ checkIdent(tag);
+ if (label.exists { _ == '/' })
+ throw new IllegalArgumentException(s"invalid label string `$label'");
+ if ((keysdir/label).isdir_!)
+ throw new IllegalArgumentException(s"key `$label' already exists");
+
+ cleanup(ic);
+ checkState(Live);
+ val conf = config;
+ clearTmp();
+
+ val now = datefmt synchronized { datefmt.format(new Date) };
+ val kr = tmpdir/"keyring";
+ val pub = tmpdir/s"peer-$tag.pub";
+ val param = livereposdir/"param";
+
+ keysdir.mkdirNew_!();
+
+ ic.operation("fetching key-generation parameters") { _ =>
+ runCommand("key", "-k", kr.getPath, "merge", param.getPath);
+ }
+ ic.operation("generating new key") { _ =>
+ runCommand("key", "-k", kr.getPath, "add",
+ "-a", conf("kx-genalg"), "-p", "param",
+ "-e", conf("kx-expire"), "-t", tag, "tripe");
+ }
+ ic.operation("extracting public key") { _ =>
+ runCommand("key", "-k", kr.getPath, "extract",
+ "-f", "-secret", pub.getPath, tag);
+ }
+ ic.operation("writing metadata") { _ =>
+ tmpdir/"meta" withWriter { w =>
+ w.write(s"tag = $tag\n");
+ w.write(s"time = $now\n");
+ }
+ }
+ ic.operation("installing new key") { _ =>
+ tmpdir.rename_!(keysdir/label);
+ }
+ }
+
+ def key(label: String): PrivateKey = new PrivateKey(this, keysdir/label);
+ def keyLabels: Seq[String] = (keysdir.files_! map { _.getName }).toStream;
+ def keys: Seq[PrivateKey] = keyLabels map { k => key(k) };