[distorted-keys] / keys.keeper-cards

#! /bin/sh
###
### Issue cards containing a bunch of keeper secrets
###
### (c) 2011 Mark Wooding
###

###----- Licensing notice ---------------------------------------------------
###
### This file is part of the distorted.org.uk key management suite.
###
### distorted-keys is free software; you can redistribute it and/or modify
### it under the terms of the GNU General Public License as published by
### the Free Software Foundation; either version 2 of the License, or
### (at your option) any later version.
###
### distorted-keys is distributed in the hope that it will be useful,
### but WITHOUT ANY WARRANTY; without even the implied warranty of
### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
### GNU General Public License for more details.
###
### You should have received a copy of the GNU General Public License
### along with distorted-keys; if not, write to the Free Software Foundation,
### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

set -e
case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac
. "$KEYSLIB"/keyfunc.sh

defhelp <<HELP
KEEPER [INDICES ...]
Typeset cards for a set of keeper secrets.

This program writes a PostScript file to standard output which will contain
key nubs from the keeper set KEEPER, specifically the keys with the given
INDICES.  Elements of the list are either simple integers or ranges
[LOW]-[HIGH]; if LOW is omitted, it means 0, and if HIGH is omitted, it means
the highest possible index.  If no INDICES are given then all secret keys are
written.

The public keys are found in $KEYS/keeper/KEEPER/I.pub;
key nubs are read from the safe place where \`keys new-keeper' left
them.
HELP

## Parse the command line.
case $# in 0) usage_err ;; esac
keeper=$1; shift
checkword "keeper set label" "$keeper"

## Find out about the set.
if [ ! -f $KEYS/keeper/$keeper/meta ]; then
  echo >&2 "$quis: unknown keeper set \`$keeper'"
  exit 1
fi
read n hunoz <$KEYS/keeper/$keeper/meta

## Check that nubs are available for the keeper set.
reqsafe
if [ ! -d $SAFE/keys.keeper/$keeper/ ]; then
  echo >&2 "$quis: no nubs available for keeper set \`$keeper'"
  exit 1
fi
cd $SAFE/keys.keeper/$keeper/

## Build a colon-separated list of the indices we actually want.
want=:
case $# in 0) set 0- ;; esac
for range in "$@"; do
  case "$range" in
    *[!-0-9]* | *[!0-9]*-* | *-*[!0-9]*)
      echo >&2 "$quis: bad index range \`$range'"
      exit 1
      ;;
    *-*)
      low=${range%-*} high=${range#*-}
      ;;
    *)
      low=$range high=$range
      ;;
  esac
  case "$low" in ?*) ;; *) low=0 ;; esac
  case "$high" in ?*) ;; *) high=$(( $n - 1 )) ;; esac
  if [ 0 -gt $low -o $low -gt $high -o $high -ge $n ]; then
    echo >&2 "$quis: invalid index range \`$range'"
    exit 1
  fi
  i=$(( $low + 0 ))
  while [ $i -le $high ]; do
    case $want in *:"$i":*) ;; *) want=$want$i: ;; esac
    i=$(( $i + 1 ))
  done
done

## Start working on the output file.  This will contain deep secrets, so
## don't leave stuff easily readable.
mktmp
umask 077
exec 3>$tmp/$keeper.tex
cat >&3 <<'EOF'
\documentclass[a4paper, landscape, 12pt]{article}
\usepackage[utf8]{inputenc}
\usepackage[T1]{fontenc}
EOF
if kpsewhich mdwfonts.sty >/dev/null; then
  cat >&3 <<'EOF'
\usepackage[palatino, helvetica, courier, maths = cmr]{mdwfonts}
EOF
fi
cat >&3 <<'EOF'
\usepackage{graphicx}

%% Report errors with enough context that we can debug them.
\errorcontextlines=999

%% Basic layout for the cards.  We use the paragraph filling machinery, but
%% don't actually need most of the trimmings.
\parindent=0pt
\parfillskip=0pt
\pagestyle{empty}

%% Page layout: try to use most of the page.  The document class will already
%% have set up the paper size, but we do the rest here.
\hoffset=-1in \voffset=-1in
\oddsidemargin=20mm
\textwidth=\paperwidth \advance\textwidth by -2\oddsidemargin
\topmargin=20mm
\headheight=0pt \headsep=0pt
\textheight=\paperheight \advance\textheight by -2\topmargin
\AtBeginDocument{\special{papersize=\the\paperwidth,\the\paperheight}}

%% Parameters for the cards and guide rules.
\newdimen\cardwd \cardwd=82mm
\newdimen\cardht \cardht=49mm
\newdimen\guidelen \guidelen=10mm
\newdimen\rulewd \rulewd=0.6pt

%% Typesetting the secret as text.  The macro \snarf TOKEN T0 T1 ... T7
%% gathers T0 T1 ... T7 into a single argument and passes them to TOKEN, as
%% long as T0 is not \relax.  We use this to process the secret text in a
%% continuation-passing style.
\def\snarf#1#2{%
  \ifx#2\relax\let\next\empty%
  \else\def\next{\snarfdo#1#2}%
  \fi%
  \next%
}
\def\snarfdo#1#2#3#4#5#6#7#8#9{#1{#2#3#4#5#6#7#8#9}}

%% Print the left and right halves of the line, with a separator.  Use boxes
%% for the lines so that TeX will work out the width of the enclosing vbox
%% for us.  The basic usage is \line TEXT \relax ... \relax, with eight
%% \relax tokens: this is enough to complete both \snarf calls.
\def\line{\snarf\lineleft}
\def\lineleft#1{\hbox\bgroup#1 \snarf\lineright}
\def\lineright#1{#1\egroup\line}

%% Typeset a card containing a secret.  Usage is \card{INDEX}{SECRET}.
\def\card#1#2{%
  %%
  %% Make sure we're setting a paragraph.
  \leavevmode%
  %%
  %% Initial material: a stretchy space on the left.
  \hbox{}\nobreak\hfil%
  %%
  %% An alignment for the guide markers surrounding the actual card.
  \vbox{\halign{&##\cr%
    %%
    %% Top left guides.
    \vrule width \guidelen height \rulewd depth 0pt%
    \vrule width \rulewd depth 0pt height \guidelen%
    &%
    %%
    %% Top centre gap.
    \hfil%
    &%
    %%
    %% Top right guides.
    \vrule width \rulewd depth 0pt height \guidelen%
    \vrule width \guidelen height \rulewd depth 0pt%
    \cr%
    %%
    %% Left gap.
    &%
    %%
    %% The actual card.
    \vbox to \cardht{%
      %%
      %% We actually do more or less sensible typesetting.  TeX will set the
      %% box width from the hsize, and we should leave a small margin all
      %% around.
      \parfillskip=0pt plus 1fil%
      \leftskip=1em \rightskip=1em%
      \hsize=\cardwd%
      %%
      %% The heading.
      \hrule height 0pt \prevdepth = 0pt%
      \medskip%
      {\large\bfseries\textsf{\keeper} secret #1/\total}%
      %%
      %% The QR-code and the text of the secret.
      \vfil%
      $%
      \vcenter{\hbox{\includegraphics[scale = 2.4]{#1.eps}}}%
      \hfil%
      \vcenter{\ttfamily%
	\line#2%
	\relax\relax\relax\relax\relax\relax\relax\relax%
      }%
      $%
      %%
      %% And we're done.
      \vfil%
    }%
    &%
    %%
    %% Right gap.
    \cr%
    %%
    %% Bottom left guides.
    \vrule width \guidelen depth \rulewd height 0pt%
    \vrule width \rulewd depth \guidelen height 0pt%
    &%
    %% Bottom centre gap.
    \hfil%
    &%
    %% Bottom right guides.
    \vrule width \rulewd depth \guidelen height 0pt%
    \vrule width \guidelen depth \rulewd height 0pt%
    \cr%
    %%
    %% Leave a small vertical space at the bottom to separate lines of cards.
    \strut \cr%
  }}%
  %%
  %% End material: a stretchy space to match the one at the start, and then
  %% allow a break.
  \nobreak\hfil\hbox{}%
  \penalty0%
}
EOF

## Write the basic configuration stuff.
cat >&3 <<EOF

%% General configuration for the cards.
\def\keeper{$keeper}
\def\total{$n}
EOF

## Start the document body.
cat >&3 <<'EOF'

%% The actual content.
\begin{document}
EOF

## Work through the requested indices.
i=0
while [ $i -lt $n ]; do
  case $want in
    *:"$i":*)
      read secret <$i
      tr -d '\n' <$i | qrencode -m0 -s1 -o$tmp/$i.png
      convert $tmp/$i.png $tmp/$i.eps
      cat >&3 <<EOF
\card{$i}{$secret}
EOF
  esac
  i=$(( $i + 1 ))
done

## Wrap up and build the document.
cat >&3 <<'EOF'
\end{document}
EOF
exec 3>&-
if ! (cd $tmp
    exec </dev/null >tex.out 2>&1
    latex $keeper.tex && dvips -o$keeper.ps $keeper.dvi); then
  echo >&2 "$quis: document formatting failed"
  sed >&2 's/^/| /' $tmp/tex.out
  exit 1
fi
cat $tmp/$keeper.ps

###----- That's all, folks --------------------------------------------------
Commit	Line	Data
53263601 MW	1	#! /bin/sh
	2	###
	3	### Issue cards containing a bunch of keeper secrets
	4	###
	5	### (c) 2011 Mark Wooding
	6	###
	7
	8	###----- Licensing notice ---------------------------------------------------
	9	###
599c8f75 MW	10	### This file is part of the distorted.org.uk key management suite.
	11	###
	12	### distorted-keys is free software; you can redistribute it and/or modify
53263601 MW	13	### it under the terms of the GNU General Public License as published by
	14	### the Free Software Foundation; either version 2 of the License, or
	15	### (at your option) any later version.
	16	###
599c8f75	17	### distorted-keys is distributed in the hope that it will be useful,
53263601 MW	18	### but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	### GNU General Public License for more details.
	21	###
	22	### You should have received a copy of the GNU General Public License
599c8f75	23	### along with distorted-keys; if not, write to the Free Software Foundation,
53263601 MW	24	### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	25
	26	set -e
	27	case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac
	28	. "$KEYSLIB"/keyfunc.sh
	29
	30	defhelp <<HELP
	31	KEEPER [INDICES ...]
	32	Typeset cards for a set of keeper secrets.
	33
d516ebd0 MW	34	This program writes a PostScript file to standard output which will contain
	35	key nubs from the keeper set KEEPER, specifically the keys with the given
	36	INDICES. Elements of the list are either simple integers or ranges
	37	[LOW]-[HIGH]; if LOW is omitted, it means 0, and if HIGH is omitted, it means
	38	the highest possible index. If no INDICES are given then all secret keys are
	39	written.
53263601 MW	40
53263601 MW	41	The public keys are found in $KEYS/keeper/KEEPER/I.pub;
d516ebd0 MW	42	key nubs are read from the safe place where \`keys new-keeper' left
d516ebd0 MW	43	them.
53263601	44	HELP
53263601 MW	45
53263601 MW	46	## Parse the command line.
c47f2aba	47	case $# in 0) usage_err ;; esac
53263601 MW	48	keeper=$1; shift
53263601 MW	49	checkword "keeper set label" "$keeper"
d516ebd0 MW	50
	51	## Find out about the set.
	52	if [ ! -f $KEYS/keeper/$keeper/meta ]; then
	53	echo >&2 "$quis: unknown keeper set \`$keeper'"
	54	exit 1
	55	fi
53263601 MW	56	read n hunoz <$KEYS/keeper/$keeper/meta
53263601 MW	57
d516ebd0 MW	58	## Check that nubs are available for the keeper set.
	59	reqsafe
	60	if [ ! -d $SAFE/keys.keeper/$keeper/ ]; then
	61	echo >&2 "$quis: no nubs available for keeper set \`$keeper'"
	62	exit 1
	63	fi
	64	cd $SAFE/keys.keeper/$keeper/
	65
53263601 MW	66	## Build a colon-separated list of the indices we actually want.
	67	want=:
	68	case $# in 0) set 0- ;; esac
	69	for range in "$@"; do
	70	case "$range" in
	71	[!-0-9] \| [!0-9]-* \| -[!0-9]*)
	72	echo >&2 "$quis: bad index range \`$range'"
	73	exit 1
	74	;;
	75	-)
	76	low=${range%-} high=${range#-}
	77	;;
	78	*)
	79	low=$range high=$range
	80	;;
	81	esac
	82	case "$low" in ?) ;; ) low=0 ;; esac
c47f2aba	83	case "$high" in ?) ;; ) high=$(( $n - 1 )) ;; esac
53263601 MW	84	if [ 0 -gt $low -o $low -gt $high -o $high -ge $n ]; then
	85	echo >&2 "$quis: invalid index range \`$range'"
	86	exit 1
	87	fi
c47f2aba	88	i=$(( $low + 0 ))
53263601 MW	89	while [ $i -le $high ]; do
53263601 MW	90	case $want in :"$i":) ;; *) want=$want$i: ;; esac
c47f2aba	91	i=$(( $i + 1 ))
53263601 MW	92	done
	93	done
	94
	95	## Start working on the output file. This will contain deep secrets, so
	96	## don't leave stuff easily readable.
c47f2aba	97	mktmp
53263601 MW	98	umask 077
	99	exec 3>$tmp/$keeper.tex
	100	cat >&3 <<'EOF'
	101	\documentclass[a4paper, landscape, 12pt]{article}
	102	\usepackage[utf8]{inputenc}
	103	\usepackage[T1]{fontenc}
edbd96c2 MW	104	EOF
	105	if kpsewhich mdwfonts.sty >/dev/null; then
	106	cat >&3 <<'EOF'
53263601	107	\usepackage[palatino, helvetica, courier, maths = cmr]{mdwfonts}
edbd96c2 MW	108	EOF
	109	fi
	110	cat >&3 <<'EOF'
53263601 MW	111	\usepackage{graphicx}
	112
	113	%% Report errors with enough context that we can debug them.
	114	\errorcontextlines=999
	115
	116	%% Basic layout for the cards. We use the paragraph filling machinery, but
	117	%% don't actually need most of the trimmings.
	118	\parindent=0pt
	119	\parfillskip=0pt
	120	\pagestyle{empty}
	121
	122	%% Page layout: try to use most of the page. The document class will already
	123	%% have set up the paper size, but we do the rest here.
	124	\hoffset=-1in \voffset=-1in
	125	\oddsidemargin=20mm
	126	\textwidth=\paperwidth \advance\textwidth by -2\oddsidemargin
	127	\topmargin=20mm
	128	\headheight=0pt \headsep=0pt
	129	\textheight=\paperheight \advance\textheight by -2\topmargin
	130	\AtBeginDocument{\special{papersize=\the\paperwidth,\the\paperheight}}
	131
	132	%% Parameters for the cards and guide rules.
	133	\newdimen\cardwd \cardwd=82mm
	134	\newdimen\cardht \cardht=49mm
	135	\newdimen\guidelen \guidelen=10mm
	136	\newdimen\rulewd \rulewd=0.6pt
	137
	138	%% Typesetting the secret as text. The macro \snarf TOKEN T0 T1 ... T7
	139	%% gathers T0 T1 ... T7 into a single argument and passes them to TOKEN, as
	140	%% long as T0 is not \relax. We use this to process the secret text in a
	141	%% continuation-passing style.
	142	\def\snarf#1#2{%
	143	\ifx#2\relax\let\next\empty%
	144	\else\def\next{\snarfdo#1#2}%
	145	\fi%
	146	\next%
	147	}
	148	\def\snarfdo#1#2#3#4#5#6#7#8#9{#1{#2#3#4#5#6#7#8#9}}
	149
	150	%% Print the left and right halves of the line, with a separator. Use boxes
	151	%% for the lines so that TeX will work out the width of the enclosing vbox
	152	%% for us. The basic usage is \line TEXT \relax ... \relax, with eight
	153	%% \relax tokens: this is enough to complete both \snarf calls.
	154	\def\line{\snarf\lineleft}
	155	\def\lineleft#1{\hbox\bgroup#1 \snarf\lineright}
	156	\def\lineright#1{#1\egroup\line}
	157
	158	%% Typeset a card containing a secret. Usage is \card{INDEX}{SECRET}.
	159	\def\card#1#2{%
	160	%%
	161	%% Make sure we're setting a paragraph.
	162	\leavevmode%
	163	%%
	164	%% Initial material: a stretchy space on the left.
	165	\hbox{}\nobreak\hfil%
	166	%%
	167	%% An alignment for the guide markers surrounding the actual card.
	168	\vbox{\halign{&##\cr%
	169	%%
	170	%% Top left guides.
	171	\vrule width \guidelen height \rulewd depth 0pt%
	172	\vrule width \rulewd depth 0pt height \guidelen%
	173	&%
	174	%%
175	%% Top centre gap.
176	\hfil%
177	&%
178	%%
179	%% Top right guides.
180	\vrule width \rulewd depth 0pt height \guidelen%
181	\vrule width \guidelen height \rulewd depth 0pt%
182	\cr%
183	%%
184	%% Left gap.
185	&%
186	%%
187	%% The actual card.
188	\vbox to \cardht{%
189	%%
190	%% We actually do more or less sensible typesetting. TeX will set the
191	%% box width from the hsize, and we should leave a small margin all
192	%% around.
193	\parfillskip=0pt plus 1fil%
194	\leftskip=1em \rightskip=1em%
195	\hsize=\cardwd%
196	%%
197	%% The heading.
198	\hrule height 0pt \prevdepth = 0pt%
199	\medskip%
200	{\large\bfseries\textsf{\keeper} secret #1/\total}%
201	%%
202	%% The QR-code and the text of the secret.
203	\vfil%
204	$%
205	\vcenter{\hbox{\includegraphics[scale = 2.4]{#1.eps}}}%
206	\hfil%
207	\vcenter{\ttfamily%
208	\line#2%
209	\relax\relax\relax\relax\relax\relax\relax\relax%
210	}%
211	$%
212	%%
213	%% And we're done.
214	\vfil%
215	}%
216	&%
217	%%
218	%% Right gap.
219	\cr%
220	%%
221	%% Bottom left guides.
222	\vrule width \guidelen depth \rulewd height 0pt%
223	\vrule width \rulewd depth \guidelen height 0pt%
224	&%
225	%% Bottom centre gap.
226	\hfil%
227	&%
228	%% Bottom right guides.
229	\vrule width \rulewd depth \guidelen height 0pt%
230	\vrule width \guidelen depth \rulewd height 0pt%
231	\cr%
232	%%
233	%% Leave a small vertical space at the bottom to separate lines of cards.
234	\strut \cr%
235	}}%
236	%%
237	%% End material: a stretchy space to match the one at the start, and then
238	%% allow a break.
239	\nobreak\hfil\hbox{}%
240	\penalty0%
241	}
242	EOF
243
244	## Write the basic configuration stuff.
245	cat >&3 <<EOF
246
247	%% General configuration for the cards.
248	\def\keeper{$keeper}
249	\def\total{$n}
250	EOF
251
252	## Start the document body.
253	cat >&3 <<'EOF'
254
255	%% The actual content.
256	\begin{document}
257	EOF
258
259	## Work through the requested indices.
260	i=0
261	while [ $i -lt $n ]; do
262	case $want in
263	:"$i":)
d516ebd0 MW	264	read secret <$i
d516ebd0 MW	265	tr -d '\n' <$i \| qrencode -m0 -s1 -o$tmp/$i.png
53263601 MW	266	convert $tmp/$i.png $tmp/$i.eps
	267	cat >&3 <<EOF
	268	\card{$i}{$secret}
	269	EOF
	270	esac
c47f2aba	271	i=$(( $i + 1 ))
53263601 MW	272	done
	273
	274	## Wrap up and build the document.
	275	cat >&3 <<'EOF'
	276	\end{document}
	277	EOF
	278	exec 3>&-
	279	if ! (cd $tmp
	280	exec </dev/null >tex.out 2>&1
	281	latex $keeper.tex && dvips -o$keeper.ps $keeper.dvi); then
	282	echo >&2 "$quis: document formatting failed"
	283	sed >&2 's/^/\| /' $tmp/tex.out
	284	exit 1
	285	fi
d516ebd0	286	cat $tmp/$keeper.ps
53263601 MW	287
53263601 MW	288	###----- That's all, folks --------------------------------------------------