[distorted-keys] / keyfunc.sh.in

### -*-sh-*-
###
### Common key management functions.
###
### (c) 2011 Mark Wooding
###

###----- Licensing notice ---------------------------------------------------
###
### This file is part of the distorted.org.uk key management suite.
###
### distorted-keys is free software; you can redistribute it and/or modify
### it under the terms of the GNU General Public License as published by
### the Free Software Foundation; either version 2 of the License, or
### (at your option) any later version.
###
### distorted-keys is distributed in the hope that it will be useful,
### but WITHOUT ANY WARRANTY; without even the implied warranty of
### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
### GNU General Public License for more details.
###
### You should have received a copy of the GNU General Public License
### along with distorted-keys; if not, write to the Free Software Foundation,
### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

quis=${0##*/}

###--------------------------------------------------------------------------
### Configuration variables.

## Automatically configured pathnames.
PACKAGE="@PACKAGE@" VERSION="@VERSION@"
bindir="@bindir@"

## Read user configuration.
if [ -f $ETC/keys.conf ]; then . $ETC/keys.conf; fi

## Maybe turn on debugging.
case "${KEYS_DEBUG+t}" in t) set -x ;; esac

## Fake up caller credentials if not called via userv.
case "${USERV_USER+t}" in
  t) ;;
  *) USERV_USER=${LOGNAME-${USER-$(id -un)}} USERV_UID=$(id -u) ;;
esac
case "${USERV_GROUP+t}" in
  t) ;;
  *) USERV_GROUP=$(id -Gn) USERV_GID=$(id -gn) ;;
esac

###--------------------------------------------------------------------------
### Cleanup handling.

cleanups=""
cleanup () { cleanups=${cleanups+$cleanups }$1; }
runcleanups () { for i in $cleanups; do $i; done; }
trap 'rc=$?; runcleanups; exit $rc' EXIT
trap 'trap "" EXIT; runcleanups; exit 127' INT TERM

###--------------------------------------------------------------------------
### Utility functions.

reqsafe () {
  ## Fail unless a safe directory is set.

  err="$quis: (CONFIGURATION ERROR)"
  case ${SAFE+t} in
    t) ;;
    *) echo >&2 "$err: no SAFE directory"; exit 1 ;;
  esac
  if [ ! -d "$SAFE" ]; then
    echo >&2 "$err: SAFE path \`$SAFE' isn't a directory"
    exit 1
  fi
  case "$SAFE" in
    [!/]* | *[][[:space:]*?]*)
      echo >&2 "$err: SAFE path \`$SAFE' contains bad characters"
      exit 1
      ;;
  esac
  ls -ld "$SAFE" | {
    me=$(id -un)
    read perm _ user stuff
    case "$perm:$user" in
      d???------:"$me") ;;
      *)
	echo >&2 "$err: SAFE path \`$SAFE' has bad owner or permissions"
	exit 1
	;;
    esac
  }
}

## Temporary directory.
unset tmp
rmtmp () { case ${tmp+t} in t) cd /; rm -rf $tmp ;; esac; }
cleanup rmtmp
mktmp () {
  ## Make a temporary directory and store its name in `tmp'.

  case "${tmp+t}" in t) return ;; esac
  reqsafe
  tmp="$SAFE/keys.tmp.$$"
  rm -rf "$tmp"
  mkdir -m700 "$tmp"
}

reqtmp () {
  ## Fail unless a temporary directory is set.

  case ${tmp+t} in
    t) ;;
    *) echo >&2 "$quis (INTERNAL): no tmp directory set"; exit 127 ;;
  esac
}

parse_keylabel () {
  key=$1
  ## Parse the key label string KEY.  Set `kdir' to the base path to use for
  ## the key's storage, and `kowner' to the key owner's name.

  case "$key" in
    *:*) kowner=${key%%:*} klabel=${key#*:} ;;
    *) kowner=$USERV_USER klabel=$key ;;
  esac
  checkword "key owner name" "$kowner"
  checklabel "key" "$klabel"
  kdir=$KEYS/store/$kowner/$klabel
  knub=$KEYS/nub/$kowner/$klabel
}

runas () {
  user=$1 service=$2; shift 2
  ## If the current (effective) user is not USER then reinvoke via `userv',
  ## as the specified service, with the remaining arguments.

  case $(id -un) in
    "$user") ;;
    *) exec userv "$user" "$service" "$@" ;;
  esac
}

###--------------------------------------------------------------------------
### Input validation functions.

nl="
"
check () {
  ckwhat=$1 ckpat=$2 thing=$3
  ## Verify that THING matches the (anchored, basic) regular expression
  ## CKPAT.  Since matching newlines is hard to do portably, also check that
  ## THING doesn't contain any.  If the checks fail, report an error and
  ## exit.

  validp=t
  case "$thing" in
    *"$nl"*) validp=nil ;;
    *) if ! expr >/dev/null "Q$thing" : "Q$ckpat\$"; then validp=nil; fi ;;
  esac
  case $validp in
    nil) echo >&2 "$quis: bad $ckwhat \`$thing'"; exit 1 ;;
  esac
}

## Regular expressions for validating input.
R_IDENTCHARS="A-Za-z0-9_"
R_GOODPUNCT="!%@+="
R_WORDCHARS="-$R_IDENTCHARS$R_GOODPUNCT"
R_IDENT="[$R_IDENTCHARS][$R_IDENTCHARS]*"
R_WORD="[$R_WORDCHARS][$R_WORDCHARS]*"
R_ACLCHARS="][$R_IDENTCHARS$R_GOODPUNCT*?:.#"
R_WORDSEQ="[$R_WORDCHARS[:space:]][$R_WORDCHARS[:space:]]*"
R_ACL="[$R_ACLCHARS[:space:]-][$R_ACLCHARS[:space:]-]*"
R_NUMERIC='\(\([1-9][0-9]*\)\{0,1\}0\{0,1\}\)'
R_LABEL="\($R_WORD\(/$R_WORD\)*\)"
R_LINE=".*"

## Various validation functions.
checknumber () { check "$1" "$R_NUMERIC" "$2"; }
checkident () { check "$1" "$R_IDENT" "$2"; }
checkword () { check "$1" "$R_WORD" "$2"; }
checklabel () { check "$1 label" "$R_LABEL" "$2"; }

###--------------------------------------------------------------------------
### Key storage and properties.

getsysprofile () {
  profile=$1
  ## Write the named system PROFILE to standard output.

  $bindir/extract-profile "$profile" $ETC/profile.d/
}

setprops () {
  what=$1 prefix=$2; shift 2
  ## Set variables based on the NAME=VALUE assignments in the arguments.  The
  ## value for property NAME is stored in the shell variable PREFIX_NAME.

  for assg in "$@"; do
    goodp=t
    case "$assg" in
      *\=*) name=${assg%%=*} value=${assg#*=} ;;
      *) goodp=nil ;;
    esac
    case "$goodp,$name" in t,*[!0-9A-Za-z_]*=*) goodp=nil ;; esac
    case "$goodp" in
      nil) echo >&2 "$quis: bad $what assignment \`$assg'"; exit 1 ;;
    esac
    eval "$prefix$name=\$value"
  done
}

checkprops () {
  whatprop=$1 prefix=$2; shift 2
  ## Check that property variables are set in accordance with the remaining
  ## TABLE arguments.  Each row of TABLE has the form
  ##
  ##	NAME OMIT PAT
  ##
  ## A table row is satisfied if there is a variable PREFIXNAME whose value
  ## matces the (basic) regular expression PAT, or if the variable is unset
  ## and OMIT is `t'.

  for table in "$@"; do
    case "$table" in ?*) ;; *) continue ;; esac
    while read -r name omit pat; do
      eval foundp=\${$prefix$name+t}
      case "$foundp,$omit" in
	,t) continue ;;
	,nil)
	  echo >&2 "$quis: missing $whatprop \`$name' required"
	  exit 1
	  ;;
      esac
      eval value=\$$prefix$name
      check "value for $whatprop \`$name'" "$pat" "$value"
    done <<EOF
$table
EOF
  done
}

defprops () {
  name=$1
  ## Define a properties table NAME.

  table=$(cat)
  eval $name=\$table
}

defprops g_props <<EOF
type			nil	$R_IDENT
recovery		t	$R_WORDSEQ
random			t	$R_WORD
nub_hash		t	$R_WORD
nubid_hash		t	$R_WORD
nub_random_bytes	t	$R_NUMERIC
acl_encrypt		t	$R_ACL
acl_decrypt		t	$R_ACL
acl_sign		t	$R_ACL
acl_verify		t	$R_ACL
acl_info		t	$R_ACL
EOF

readprops () {
  file=$1
  ## Read a profile from a file.  This doesn't check the form of the
  ## filename, so it's not suitable for unchecked input.  Properties are set
  ## using `setprops' with prefix `kprop_'.

  ## Parse the settings from the file.
  exec 3<"$file"
  while read line; do
    case "$line" in "" | \#*) continue ;; esac
    setprops "property" kprop_ "$line"
  done <&3
  exec 3>&-
  checkprops "property" kprop_ "$g_props"

  ## Fetch the key-type handling library.
  if [ ! -f $KEYSLIB/ktype.$kprop_type ]; then
    echo >&2 "$quis: unknown key type \`$kprop_type'"
    exit 1
  fi
  . $KEYSLIB/ktype.$kprop_type
  checkprops "property" kprop_ "$k_props"
}

readmeta () {
  kdir=$1
  ## Read key metadata from KDIR.

  { read profile; } <"$kdir"/meta
}

makenub () {
  ## Generate a key nub in the default way, and write it to standard output.
  ## The properties `random', `nub_random_bytes' and `nub_hash' are referred
  ## to.

  dd 2>/dev/null \
    if=/dev/${kprop_random-random} bs=1 count=${kprop_nub_random_bytes-64} |
  openssl dgst -${kprop_nub_hash-sha256} -binary |
  openssl base64
}

nubid () {
  ## Compute a hash of the key nub in stdin, and write it to stdout in hex.
  ## The property `nubid_hash' is used.

  ## Stupid dance because the output incompatibly grew a filename, in order
  ## to demonstrate the same idiocy as GNU mumblesum.
  set _ $({ echo "distorted-keys nubid"; cat -; } |
    openssl dgst -${kprop_nubid_hash-sha256})
  echo $2
}

subst () {
  what=$1 templ=$2 prefix=$3 pat=$4
  ## Substitute option values into the template TEMPL.  Each occurrence of
  ## %{VAR} is replaced by the value of the variable PREFIXVAR.  Finally, an
  ## error is reported unless the final value matches the regular expression
  ## PAT.

  out=""
  rest=$templ
  while :; do

    ## If there are no more markers to substitute, then finish.
    case "$rest" in *"%{"*"}"*) ;; *) out=$out$rest; break ;; esac

    ## Split the template into three parts.
    left=${rest%%\%\{*} right=${rest#*\%\{}
    var=${right%%\}*} rest=${right#*\}}
    case "$var" in
      *-*) default=${var#*-} var=${var%%-*} defaultp=t ;;
      *) defaultp=nil ;;
    esac

    ## Find the variable value.
    checkident "template variable name" "$var"
    eval foundp=\${$prefix$var+t}
    case $foundp,$defaultp in
      t,*) eval value=\$$prefix$var ;;
      ,t) value=$default ;;
      *)
	echo >&2 "$quis: option \`$var' unset, used in template \`$templ'"
	exit 1
	;;
    esac

    ## Do the substitution.
    out=$out$left$value
  done

  ## Check the final result.
  check "$what" "$pat" "$out"

  ## Done.
  echo "$out"
}

read_profile () {
  owner=$1 profile=$2
  ## Read property settings from a profile.  The PROFILE name has the form
  ## [USER:]LABEL; USER defaults to OWNER.  Properties are set using
  ## `setprops' with prefix `kprop_'.

  reqtmp
  case "$profile" in
    :*)
      label=${profile#:} uservp=nil
      ;;
    *)
      user=$kowner label=$profile uservp=t
      ;;
    *:*)
      user=${profile%%:*} label=${profile#*:} uservp=t
      ;;
  esac
  checkword "profile label" "$label"

  ## Fetch the profile settings from the user.
  reqtmp
  case $uservp in
    t)
      checkword "profile user" "$user"
      userv "$user" cryptop-profile "$label" >$tmp/profile </dev/null
      ;;
    nil)
      $bindir/extract-profile "$label" $ETC/profile.d/ >$tmp/profile
      ;;
  esac

  ## Read the file.
  readprops $tmp/profile
}

###--------------------------------------------------------------------------
### General crypto operations.

c_genkey () {
  profile=$1 kdir=$2 knub=$3 hook=$4; shift 4
  ## Generate a key, and associate it with the named PROFILE (which is
  ## assumed already to have been read!); store the main data in KDIR, and
  ## the nub separately in the file KNUB; run HOOK after generation, passing
  ## it the working key directory and nub file.  Remaining arguments are
  ## options to the key type.

  ## Set options and check them.
  setprops "option" kopt_ "$@"
  checkprops "option" kopt_ "$k_genopts"

  ## Create directory structure and start writing metadata.
  rm -rf "$kdir.new"
  mkdir -m755 -p "$kdir.new"
  case "$knub" in */*) mkdir -m700 -p "${knub%/*}" ;; esac
  cat >"$kdir.new/meta" <<EOF
$profile
EOF

  ## Generate the key.
  umask=$(umask); umask 077; >"$knub.new"; umask $umask
  k_generate "$kdir.new" "$knub.new"
  $hook "$kdir.new" "$knub.new"

  ## Hash the nub.
  nubid <"$knub.new" >"$kdir.new/nubid"

  ## Juggle everything into place.  Doing this atomically is very difficult,
  ## and requires more machinery than I can really justify here.  If
  ## something goes wrong halfway, it should always be possible to fix it,
  ## either by backing out (if $kdir.new still exists) or pressing on
  ## forwards (if not).
  rm -rf "$kdir.old"
  if [ -e "$kdir" ]; then mv "$kdir" "$kdir.old"; fi
  mv "$kdir.new" "$kdir"
  mv "$knub.new" "$knub"
  rm -rf "$kdir.old"
}

c_encrypt () { k_encrypt "$@"; }
c_decrypt () {
  if k_decrypt "$@" >$tmp/plain; then cat $tmp/plain
  else return $?
  fi
}
c_sign () { k_sign "$@"; }
c_verify () { k_verify "$@"; }

## Stub implementations.
notsupp () { op=$1; echo >&2 "$quis: operation \`$op' not supported"; }
k_info () { :; }
k_encrypt () { notsupp encrypt; }
k_decrypt () { notsupp decrypt; }
k_sign () { notsupp sign; }
k_verify () { notsupp verify; }

prepare () {
  key=$1 op=$2
  ## Prepare for a crypto operation OP, using the KEY.  This validates the
  ## key label, reads the profile, and checks the access-control list.  If OP
  ## is `-' then allow the operation unconditionally.

  ## Find the key properties.
  parse_keylabel "$key"
  if [ ! -d $kdir ]; then echo >&2 "$quis: unknown key \`$key'"; exit 1; fi
  readmeta $kdir
  read_profile $kowner "$profile"

  ## Check whether we're allowed to do this thing.  This is annoyingly
  ## fiddly.
  case $op in -) return ;; esac
  eval acl=\${kprop_acl_$op-!owner}
  verdict=forbid
  while :; do

    ## Remove leading whitespace.
    while :; do
      case "$acl" in
	[[:space:]]*) acl=${acl#?} ;;
	*) break ;;
      esac
    done

    ## If there's nothing left, leave.
    case "$acl" in ?*) ;; *) break ;; esac

    ## Split off the leading word.
    case "$acl" in
      *[[:space:]]*) word=${acl%%[[:space:]]*} acl=${acl#*[[:space:]]} ;;
      *) word=$acl acl="" ;;
    esac

    ## See what sense it has if it matches.
    case "$word" in
      -*) sense=forbid rest=${word#-} ;;
      *) sense=allow rest=$word ;;
    esac

    ## See whether the calling user matches.
    case "$rest" in
      !owner) pat=$kowner list=$USERV_USER ;;
      !*) echo >&2 "$quis: unknown ACL token \`$word'" ;;
      %*) pat=${rest#%} list="$USERV_GROUP $USERV_GID" ;;
      *) pat=$rest list="$USERV_USER $USERV_UID" ;;
    esac
    matchp=nil
    for i in $list; do case "$i" in $pat) matchp=t; break ;; esac; done
    case $matchp in t) verdict=$sense; break ;; esac
  done

  case $verdict in
    forbid) echo >&2 "$quis: $op access to key \`$key' forbidden"; exit 1 ;;
  esac
}

###--------------------------------------------------------------------------
### Crypto operations for infrastructure purposes.

c_sysprofile () {
  profile=$1
  ## Select the profile in FILE for future crypto operations.

  unset $(set | sed -n '/^kprop_/s/=.*$//p')
  reqtmp
  getsysprofile "$profile" >$tmp/profile
  readprops $tmp/profile
}

c_gensyskey () {
  profile=$1 kdir=$2 knub=$3; shift 3
  ## Generate a system key using PROFILE; store the data in KDIR and the nub
  ## in KNUB.  Remaining arguments are options.

  c_sysprofile "$profile"
  c_genkey "$profile" "$kdir" "$knub" : "$@"
}

c_sysprepare () {
  kdir=$1
  readmeta "$kdir"
  c_sysprofile "$profile"
}

c_sysop () {
  op=$1 kdir=$2; shift 1
  c_sysprepare "$kdir"
  c_$op "$@"
}

c_sysencrypt () { c_sysop encrypt "$1" /dev/null; }
c_sysdecrypt () { c_sysop decrypt "$1" "$2"; }
c_syssign () { c_sysop sign "$1" "$2"; }
c_sysverify () { c_sysop verify "$1" /dev/null; }

###--------------------------------------------------------------------------
### Recovery operations.

stash () {
  recov=$1 label=$2
  ## Stash a copy of stdin encrypted under the recovery key RECOV, with a
  ## given LABEL.
  checkword "recovery key label" "$recov"
  checklabel "secret" "$label"

  rdir=$KEYS/recov/$recov/current
  if [ ! -d $rdir/store ]; then
    echo >&2 "$quis: unknown recovery key \`$recov'"
    exit 1
  fi
  case $label in */*) mkdir -m755 -p $rdir/${label%/*} ;; esac
  (c_sysencrypt $rdir/store >$rdir/$label.new)
  mv $rdir/$label.new $rdir/$label.recov
}

recover () {
  recov=$1 label=$2
  ## Recover a stashed secret, protected by RECOV and stored as LABEL, and
  ## write it to stdout.
  checkword "recovery key label" "$recov"
  checklabel "secret" "$label"

  rdir=$KEYS/recov/$recov/current
  if [ ! -f $rdir/$label.recov ]; then
    echo >&2 "$quis: no blob for \`$label' under recovery key \`$recov'"
    exit 1
  fi
  reqsafe
  nub=$SAFE/keys.reveal/$recov.current/nub
  if [ ! -f $nub ]; then
    echo >&2 "$quis: current recovery key \`$recov' not revealed"
    exit 1;
  fi
  mktmp
  c_sysdecrypt $rdir/store $nub <$rdir/$label.recov
}

###--------------------------------------------------------------------------
### Help text.

defhelp () {
  read umsg
  usage="usage: $quis${umsg+ }$umsg"
  help=$(cat)
  case "$KEYS_HELP" in t) help; exit ;; esac
}

help () { showhelp; }
showhelp () {
  cat <<EOF
$usage

$help
EOF
}

usage_err () { echo >&2 "$usage"; exit 1; }

###--------------------------------------------------------------------------
### Subcommand handling.

version () {
  echo "$PACKAGE version $VERSION"
}

cmd_help () {
  rc=0
  version
  case $# in
    0)
      cat <<EOF

$usage

Options:
  -h		Show this help text.
  -v		Show the program version number.

Commands installed:
EOF
      cd "$KEYSLIB"
      for i in $prefix.*; do
	if [ ! -x "$i" ]; then continue; fi
	sed -n "/<<HELP/{n;s/^/	${i#$prefix.} /;p;q;}" "$i"
      done
      ;;
    *)
      for i in "$@"; do
	echo
	if [ ! -x "$KEYSLIB/$prefix.$i" ]; then
	  echo >&2 "$quis: unrecognized command \`$i'"
	  rc=1
	  continue
	elif ! KEYS_HELP=t "$KEYSLIB/$prefix.$i"; then
	  rc=1
	fi
      done
      ;;
  esac
  return $rc
}

dispatch () {
  case $# in 0) echo >&2 "$usage"; exit 1 ;; esac
  cmd=$1; shift
  case "$cmd" in help) cmd_help "$@"; exit ;; esac
  if [ ! -x "$KEYSLIB/$prefix.$cmd" ]; then
    echo >&2 "$quis: unrecognized command \`$cmd'"
    exit 1
  fi

  unset KEYS_HELP
  exec "$KEYSLIB/$prefix.$cmd" "$@"
}

###----- That's all, folks --------------------------------------------------
Commit	Line	Data
53263601 MW	1	### --sh--
	2	###
	3	### Common key management functions.
	4	###
	5	### (c) 2011 Mark Wooding
	6	###
	7
	8	###----- Licensing notice ---------------------------------------------------
	9	###
599c8f75 MW	10	### This file is part of the distorted.org.uk key management suite.
	11	###
	12	### distorted-keys is free software; you can redistribute it and/or modify
53263601 MW	13	### it under the terms of the GNU General Public License as published by
	14	### the Free Software Foundation; either version 2 of the License, or
	15	### (at your option) any later version.
	16	###
599c8f75	17	### distorted-keys is distributed in the hope that it will be useful,
53263601 MW	18	### but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	### GNU General Public License for more details.
	21	###
	22	### You should have received a copy of the GNU General Public License
599c8f75	23	### along with distorted-keys; if not, write to the Free Software Foundation,
53263601 MW	24	### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	25
	26	quis=${0##*/}
	27
	28	###--------------------------------------------------------------------------
	29	### Configuration variables.
	30
e787e19c	31	## Automatically configured pathnames.
53263601	32	PACKAGE="@PACKAGE@" VERSION="@VERSION@"
53263601 MW	33	bindir="@bindir@"
53263601 MW	34
e787e19c	35	## Read user configuration.
c47f2aba	36	if [ -f $ETC/keys.conf ]; then . $ETC/keys.conf; fi
599c8f75	37
e787e19c	38	## Maybe turn on debugging.
599c8f75 MW	39	case "${KEYS_DEBUG+t}" in t) set -x ;; esac
599c8f75 MW	40
ec208149 MW	41	## Fake up caller credentials if not called via userv.
	42	case "${USERV_USER+t}" in
	43	t) ;;
	44	*) USERV_USER=${LOGNAME-${USER-$(id -un)}} USERV_UID=$(id -u) ;;
	45	esac
	46	case "${USERV_GROUP+t}" in
	47	t) ;;
	48	*) USERV_GROUP=$(id -Gn) USERV_GID=$(id -gn) ;;
	49	esac
	50
53263601 MW	51	###--------------------------------------------------------------------------
	52	### Cleanup handling.
	53
	54	cleanups=""
c47f2aba MW	55	cleanup () { cleanups=${cleanups+$cleanups }$1; }
	56	runcleanups () { for i in $cleanups; do $i; done; }
	57	trap 'rc=$?; runcleanups; exit $rc' EXIT
	58	trap 'trap "" EXIT; runcleanups; exit 127' INT TERM
53263601 MW	59
	60	###--------------------------------------------------------------------------
	61	### Utility functions.
	62
c47f2aba MW	63	reqsafe () {
	64	## Fail unless a safe directory is set.
	65
	66	err="$quis: (CONFIGURATION ERROR)"
	67	case ${SAFE+t} in
	68	t) ;;
	69	*) echo >&2 "$err: no SAFE directory"; exit 1 ;;
	70	esac
	71	if [ ! -d "$SAFE" ]; then
	72	echo >&2 "$err: SAFE path \`$SAFE' isn't a directory"
	73	exit 1
	74	fi
	75	case "$SAFE" in
	76	[!/]* \| [][[:space:]?]*)
	77	echo >&2 "$err: SAFE path \`$SAFE' contains bad characters"
	78	exit 1
	79	;;
	80	esac
	81	ls -ld "$SAFE" \| {
	82	me=$(id -un)
	83	read perm _ user stuff
	84	case "$perm:$user" in
	85	d???------:"$me") ;;
	86	*)
	87	echo >&2 "$err: SAFE path \`$SAFE' has bad owner or permissions"
	88	exit 1
	89	;;
	90	esac
	91	}
	92	}
	93
53263601 MW	94	## Temporary directory.
53263601 MW	95	unset tmp
c47f2aba MW	96	rmtmp () { case ${tmp+t} in t) cd /; rm -rf $tmp ;; esac; }
c47f2aba MW	97	cleanup rmtmp
53263601	98	mktmp () {
c47f2aba	99	## Make a temporary directory and store its name in `tmp'.
53263601	100
c47f2aba MW	101	case "${tmp+t}" in t) return ;; esac
	102	reqsafe
	103	tmp="$SAFE/keys.tmp.$$"
53263601 MW	104	rm -rf "$tmp"
53263601 MW	105	mkdir -m700 "$tmp"
53263601 MW	106	}
53263601 MW	107
c47f2aba MW	108	reqtmp () {
c47f2aba MW	109	## Fail unless a temporary directory is set.
53263601	110
c47f2aba MW	111	case ${tmp+t} in
	112	t) ;;
	113	*) echo >&2 "$quis (INTERNAL): no tmp directory set"; exit 127 ;;
53263601 MW	114	esac
	115	}
	116
c47f2aba MW	117	parse_keylabel () {
	118	key=$1
	119	## Parse the key label string KEY. Set `kdir' to the base path to use for
	120	## the key's storage, and `kowner' to the key owner's name.
	121
	122	case "$key" in
	123	:) kowner=${key%%:} klabel=${key#:} ;;
	124	*) kowner=$USERV_USER klabel=$key ;;
53263601	125	esac
c47f2aba MW	126	checkword "key owner name" "$kowner"
	127	checklabel "key" "$klabel"
	128	kdir=$KEYS/store/$kowner/$klabel
	129	knub=$KEYS/nub/$kowner/$klabel
53263601 MW	130	}
53263601 MW	131
4c8c4065 MW	132	runas () {
	133	user=$1 service=$2; shift 2
	134	## If the current (effective) user is not USER then reinvoke via `userv',
	135	## as the specified service, with the remaining arguments.
	136
	137	case $(id -un) in
	138	"$user") ;;
	139	*) exec userv "$user" "$service" "$@" ;;
	140	esac
	141	}
	142
c47f2aba MW	143	###--------------------------------------------------------------------------
	144	### Input validation functions.
	145
	146	nl="
	147	"
	148	check () {
	149	ckwhat=$1 ckpat=$2 thing=$3
	150	## Verify that THING matches the (anchored, basic) regular expression
	151	## CKPAT. Since matching newlines is hard to do portably, also check that
	152	## THING doesn't contain any. If the checks fail, report an error and
	153	## exit.
	154
	155	validp=t
599c8f75	156	case "$thing" in
c47f2aba	157	"$nl") validp=nil ;;
11c7b588	158	*) if ! expr >/dev/null "Q$thing" : "Q$ckpat\$"; then validp=nil; fi ;;
c47f2aba MW	159	esac
	160	case $validp in
	161	nil) echo >&2 "$quis: bad $ckwhat \`$thing'"; exit 1 ;;
599c8f75 MW	162	esac
	163	}
	164
c47f2aba MW	165	## Regular expressions for validating input.
c47f2aba MW	166	R_IDENTCHARS="A-Za-z0-9_"
09c56d3e MW	167	R_GOODPUNCT="!%@+="
09c56d3e MW	168	R_WORDCHARS="-$R_IDENTCHARS$R_GOODPUNCT"
c47f2aba MW	169	R_IDENT="[$R_IDENTCHARS][$R_IDENTCHARS]*"
c47f2aba MW	170	R_WORD="[$R_WORDCHARS][$R_WORDCHARS]*"
09c56d3e	171	R_ACLCHARS="][$R_IDENTCHARS$R_GOODPUNCT*?:.#"
c47f2aba	172	R_WORDSEQ="[$R_WORDCHARS[:space:]][$R_WORDCHARS[:space:]]*"
09c56d3e	173	R_ACL="[$R_ACLCHARS[:space:]-][$R_ACLCHARS[:space:]-]*"
c47f2aba MW	174	R_NUMERIC='\(\([1-9][0-9]*\)\{0,1\}0\{0,1\}\)'
	175	R_LABEL="\($R_WORD\(/$R_WORD\)*\)"
	176	R_LINE=".*"
	177
	178	## Various validation functions.
	179	checknumber () { check "$1" "$R_NUMERIC" "$2"; }
	180	checkident () { check "$1" "$R_IDENT" "$2"; }
	181	checkword () { check "$1" "$R_WORD" "$2"; }
	182	checklabel () { check "$1 label" "$R_LABEL" "$2"; }
	183
53263601	184	###--------------------------------------------------------------------------
c47f2aba MW	185	### Key storage and properties.
	186
	187	getsysprofile () {
	188	profile=$1
	189	## Write the named system PROFILE to standard output.
	190
b65e1f93	191	$bindir/extract-profile "$profile" $ETC/profile.d/
c47f2aba MW	192	}
	193
	194	setprops () {
	195	what=$1 prefix=$2; shift 2
	196	## Set variables based on the NAME=VALUE assignments in the arguments. The
	197	## value for property NAME is stored in the shell variable PREFIX_NAME.
	198
	199	for assg in "$@"; do
	200	goodp=t
	201	case "$assg" in
	202	\=) name=${assg%%=} value=${assg#=} ;;
	203	*) goodp=nil ;;
	204	esac
	205	case "$goodp,$name" in t,[!0-9A-Za-z_]=*) goodp=nil ;; esac
	206	case "$goodp" in
	207	nil) echo >&2 "$quis: bad $what assignment \`$assg'"; exit 1 ;;
	208	esac
	209	eval "$prefix$name=\$value"
	210	done
	211	}
53263601	212
c47f2aba MW	213	checkprops () {
	214	whatprop=$1 prefix=$2; shift 2
	215	## Check that property variables are set in accordance with the remaining
	216	## TABLE arguments. Each row of TABLE has the form
53263601	217	##
c47f2aba MW	218	## NAME OMIT PAT
	219	##
	220	## A table row is satisfied if there is a variable PREFIXNAME whose value
	221	## matces the (basic) regular expression PAT, or if the variable is unset
	222	## and OMIT is `t'.
	223
	224	for table in "$@"; do
	225	case "$table" in ?) ;; ) continue ;; esac
	226	while read -r name omit pat; do
	227	eval foundp=\${$prefix$name+t}
	228	case "$foundp,$omit" in
	229	,t) continue ;;
	230	,nil)
	231	echo >&2 "$quis: missing $whatprop \`$name' required"
	232	exit 1
	233	;;
	234	esac
	235	eval value=\$$prefix$name
	236	check "value for $whatprop \`$name'" "$pat" "$value"
	237	done <<EOF
	238	$table
	239	EOF
	240	done
	241	}
53263601	242
c47f2aba MW	243	defprops () {
	244	name=$1
	245	## Define a properties table NAME.
	246
	247	table=$(cat)
	248	eval $name=\$table
	249	}
	250
	251	defprops g_props <<EOF
	252	type nil $R_IDENT
	253	recovery t $R_WORDSEQ
	254	random t $R_WORD
2a877b7f MW	255	nub_hash t $R_WORD
	256	nubid_hash t $R_WORD
	257	nub_random_bytes t $R_NUMERIC
09c56d3e MW	258	acl_encrypt t $R_ACL
	259	acl_decrypt t $R_ACL
	260	acl_sign t $R_ACL
	261	acl_verify t $R_ACL
	262	acl_info t $R_ACL
c47f2aba MW	263	EOF
	264
	265	readprops () {
	266	file=$1
	267	## Read a profile from a file. This doesn't check the form of the
	268	## filename, so it's not suitable for unchecked input. Properties are set
	269	## using `setprops' with prefix `kprop_'.
	270
	271	## Parse the settings from the file.
	272	exec 3<"$file"
	273	while read line; do
	274	case "$line" in "" \| \#*) continue ;; esac
	275	setprops "property" kprop_ "$line"
	276	done <&3
	277	exec 3>&-
	278	checkprops "property" kprop_ "$g_props"
	279
	280	## Fetch the key-type handling library.
	281	if [ ! -f $KEYSLIB/ktype.$kprop_type ]; then
	282	echo >&2 "$quis: unknown key type \`$kprop_type'"
	283	exit 1
	284	fi
	285	. $KEYSLIB/ktype.$kprop_type
	286	checkprops "property" kprop_ "$k_props"
	287	}
	288
	289	readmeta () {
	290	kdir=$1
	291	## Read key metadata from KDIR.
	292
	293	{ read profile; } <"$kdir"/meta
	294	}
	295
	296	makenub () {
	297	## Generate a key nub in the default way, and write it to standard output.
2a877b7f MW	298	## The properties `random', `nub_random_bytes' and `nub_hash' are referred
2a877b7f MW	299	## to.
c47f2aba MW	300
c47f2aba MW	301	dd 2>/dev/null \
2a877b7f MW	302	if=/dev/${kprop_random-random} bs=1 count=${kprop_nub_random_bytes-64} \|
2a877b7f MW	303	openssl dgst -${kprop_nub_hash-sha256} -binary \|
c47f2aba MW	304	openssl base64
	305	}
	306
	307	nubid () {
	308	## Compute a hash of the key nub in stdin, and write it to stdout in hex.
2a877b7f	309	## The property `nubid_hash' is used.
c47f2aba	310
21a21fff MW	311	## Stupid dance because the output incompatibly grew a filename, in order
	312	## to demonstrate the same idiocy as GNU mumblesum.
	313	set _ $({ echo "distorted-keys nubid"; cat -; } \|
	314	openssl dgst -${kprop_nubid_hash-sha256})
	315	echo $2
c47f2aba MW	316	}
	317
	318	subst () {
	319	what=$1 templ=$2 prefix=$3 pat=$4
	320	## Substitute option values into the template TEMPL. Each occurrence of
	321	## %{VAR} is replaced by the value of the variable PREFIXVAR. Finally, an
	322	## error is reported unless the final value matches the regular expression
	323	## PAT.
	324
	325	out=""
	326	rest=$templ
	327	while :; do
	328
	329	## If there are no more markers to substitute, then finish.
	330	case "$rest" in "%{""}") ;; ) out=$out$rest; break ;; esac
	331
	332	## Split the template into three parts.
	333	left=${rest%%\%\{} right=${rest#\%\{}
	334	var=${right%%\}} rest=${right#\}}
	335	case "$var" in
	336	-) default=${var#-} var=${var%%-} defaultp=t ;;
	337	*) defaultp=nil ;;
	338	esac
	339
	340	## Find the variable value.
	341	checkident "template variable name" "$var"
	342	eval foundp=\${$prefix$var+t}
	343	case $foundp,$defaultp in
	344	t,*) eval value=\$$prefix$var ;;
	345	,t) value=$default ;;
	346	*)
	347	echo >&2 "$quis: option \`$var' unset, used in template \`$templ'"
	348	exit 1
	349	;;
	350	esac
	351
	352	## Do the substitution.
	353	out=$out$left$value
	354	done
	355
	356	## Check the final result.
	357	check "$what" "$pat" "$out"
	358
	359	## Done.
	360	echo "$out"
	361	}
	362
	363	read_profile () {
e9cf7079	364	owner=$1 profile=$2
c47f2aba	365	## Read property settings from a profile. The PROFILE name has the form
e9cf7079 MW	366	## [USER:]LABEL; USER defaults to OWNER. Properties are set using
e9cf7079 MW	367	## `setprops' with prefix `kprop_'.
c47f2aba MW	368
	369	reqtmp
	370	case "$profile" in
	371	:*)
	372	label=${profile#:} uservp=nil
	373	;;
53263601	374	*)
e9cf7079	375	user=$kowner label=$profile uservp=t
c47f2aba MW	376	;;
	377	:)
	378	user=${profile%%:} label=${profile#:} uservp=t
	379	;;
	380	esac
	381	checkword "profile label" "$label"
	382
	383	## Fetch the profile settings from the user.
	384	reqtmp
	385	case $uservp in
	386	t)
	387	checkword "profile user" "$user"
21a21fff	388	userv "$user" cryptop-profile "$label" >$tmp/profile </dev/null
c47f2aba MW	389	;;
c47f2aba MW	390	nil)
b65e1f93	391	$bindir/extract-profile "$label" $ETC/profile.d/ >$tmp/profile
53263601 MW	392	;;
	393	esac
	394
c47f2aba MW	395	## Read the file.
c47f2aba MW	396	readprops $tmp/profile
53263601 MW	397	}
53263601 MW	398
c47f2aba MW	399	###--------------------------------------------------------------------------
	400	### General crypto operations.
	401
	402	c_genkey () {
	403	profile=$1 kdir=$2 knub=$3 hook=$4; shift 4
	404	## Generate a key, and associate it with the named PROFILE (which is
	405	## assumed already to have been read!); store the main data in KDIR, and
	406	## the nub separately in the file KNUB; run HOOK after generation, passing
	407	## it the working key directory and nub file. Remaining arguments are
	408	## options to the key type.
	409
	410	## Set options and check them.
	411	setprops "option" kopt_ "$@"
	412	checkprops "option" kopt_ "$k_genopts"
	413
	414	## Create directory structure and start writing metadata.
	415	rm -rf "$kdir.new"
	416	mkdir -m755 -p "$kdir.new"
	417	case "$knub" in /) mkdir -m700 -p "${knub%/*}" ;; esac
	418	cat >"$kdir.new/meta" <<EOF
	419	$profile
	420	EOF
53263601	421
c47f2aba MW	422	## Generate the key.
	423	umask=$(umask); umask 077; >"$knub.new"; umask $umask
	424	k_generate "$kdir.new" "$knub.new"
	425	$hook "$kdir.new" "$knub.new"
	426
	427	## Hash the nub.
	428	nubid <"$knub.new" >"$kdir.new/nubid"
	429
	430	## Juggle everything into place. Doing this atomically is very difficult,
	431	## and requires more machinery than I can really justify here. If
	432	## something goes wrong halfway, it should always be possible to fix it,
	433	## either by backing out (if $kdir.new still exists) or pressing on
	434	## forwards (if not).
	435	rm -rf "$kdir.old"
	436	if [ -e "$kdir" ]; then mv "$kdir" "$kdir.old"; fi
	437	mv "$kdir.new" "$kdir"
	438	mv "$knub.new" "$knub"
	439	rm -rf "$kdir.old"
53263601 MW	440	}
53263601 MW	441
c47f2aba MW	442	c_encrypt () { k_encrypt "$@"; }
	443	c_decrypt () {
	444	if k_decrypt "$@" >$tmp/plain; then cat $tmp/plain
	445	else return $?
	446	fi
	447	}
	448	c_sign () { k_sign "$@"; }
	449	c_verify () { k_verify "$@"; }
	450
	451	## Stub implementations.
	452	notsupp () { op=$1; echo >&2 "$quis: operation \`$op' not supported"; }
	453	k_info () { :; }
	454	k_encrypt () { notsupp encrypt; }
	455	k_decrypt () { notsupp decrypt; }
	456	k_sign () { notsupp sign; }
	457	k_verify () { notsupp verify; }
	458
	459	prepare () {
	460	key=$1 op=$2
	461	## Prepare for a crypto operation OP, using the KEY. This validates the
5cff41ea MW	462	## key label, reads the profile, and checks the access-control list. If OP
5cff41ea MW	463	## is `-' then allow the operation unconditionally.
c47f2aba MW	464
	465	## Find the key properties.
	466	parse_keylabel "$key"
	467	if [ ! -d $kdir ]; then echo >&2 "$quis: unknown key \`$key'"; exit 1; fi
	468	readmeta $kdir
e9cf7079	469	read_profile $kowner "$profile"
c47f2aba MW	470
	471	## Check whether we're allowed to do this thing. This is annoyingly
	472	## fiddly.
5cff41ea	473	case $op in -) return ;; esac
c47f2aba MW	474	eval acl=\${kprop_acl_$op-!owner}
	475	verdict=forbid
	476	while :; do
	477
	478	## Remove leading whitespace.
	479	while :; do
	480	case "$acl" in
	481	[[:space:]]*) acl=${acl#?} ;;
	482	*) break ;;
	483	esac
	484	done
	485
	486	## If there's nothing left, leave.
	487	case "$acl" in ?) ;; ) break ;; esac
	488
	489	## Split off the leading word.
	490	case "$acl" in
	491	[[:space:]]) word=${acl%%[[:space:]]} acl=${acl#[[:space:]]} ;;
	492	*) word=$acl acl="" ;;
	493	esac
	494
	495	## See what sense it has if it matches.
	496	case "$word" in
	497	-*) sense=forbid rest=${word#-} ;;
	498	*) sense=allow rest=$word ;;
	499	esac
	500
	501	## See whether the calling user matches.
	502	case "$rest" in
	503	!owner) pat=$kowner list=$USERV_USER ;;
	504	!*) echo >&2 "$quis: unknown ACL token \`$word'" ;;
	505	%*) pat=${rest#%} list="$USERV_GROUP $USERV_GID" ;;
	506	*) pat=$rest list="$USERV_USER $USERV_UID" ;;
	507	esac
	508	matchp=nil
	509	for i in $list; do case "$i" in $pat) matchp=t; break ;; esac; done
	510	case $matchp in t) verdict=$sense; break ;; esac
	511	done
	512
	513	case $verdict in
68023101	514	forbid) echo >&2 "$quis: $op access to key \`$key' forbidden"; exit 1 ;;
c47f2aba	515	esac
53263601 MW	516	}
53263601 MW	517
c47f2aba MW	518	###--------------------------------------------------------------------------
	519	### Crypto operations for infrastructure purposes.
	520
	521	c_sysprofile () {
	522	profile=$1
	523	## Select the profile in FILE for future crypto operations.
53263601	524
c47f2aba MW	525	unset $(set \| sed -n '/^kprop_/s/=.*$//p')
	526	reqtmp
	527	getsysprofile "$profile" >$tmp/profile
	528	readprops $tmp/profile
53263601 MW	529	}
53263601 MW	530
c47f2aba MW	531	c_gensyskey () {
	532	profile=$1 kdir=$2 knub=$3; shift 3
	533	## Generate a system key using PROFILE; store the data in KDIR and the nub
	534	## in KNUB. Remaining arguments are options.
53263601	535
c47f2aba MW	536	c_sysprofile "$profile"
c47f2aba MW	537	c_genkey "$profile" "$kdir" "$knub" : "$@"
53263601 MW	538	}
53263601 MW	539
c47f2aba MW	540	c_sysprepare () {
	541	kdir=$1
	542	readmeta "$kdir"
	543	c_sysprofile "$profile"
	544	}
599c8f75	545
c47f2aba MW	546	c_sysop () {
	547	op=$1 kdir=$2; shift 1
	548	c_sysprepare "$kdir"
	549	c_$op "$@"
599c8f75 MW	550	}
599c8f75 MW	551
c47f2aba MW	552	c_sysencrypt () { c_sysop encrypt "$1" /dev/null; }
	553	c_sysdecrypt () { c_sysop decrypt "$1" "$2"; }
	554	c_syssign () { c_sysop sign "$1" "$2"; }
	555	c_sysverify () { c_sysop verify "$1" /dev/null; }
	556
	557	###--------------------------------------------------------------------------
	558	### Recovery operations.
	559
	560	stash () {
	561	recov=$1 label=$2
	562	## Stash a copy of stdin encrypted under the recovery key RECOV, with a
	563	## given LABEL.
	564	checkword "recovery key label" "$recov"
	565	checklabel "secret" "$label"
	566
	567	rdir=$KEYS/recov/$recov/current
	568	if [ ! -d $rdir/store ]; then
	569	echo >&2 "$quis: unknown recovery key \`$recov'"
	570	exit 1
	571	fi
	572	case $label in /) mkdir -m755 -p $rdir/${label%/*} ;; esac
	573	(c_sysencrypt $rdir/store >$rdir/$label.new)
	574	mv $rdir/$label.new $rdir/$label.recov
	575	}
599c8f75	576
c47f2aba MW	577	recover () {
	578	recov=$1 label=$2
	579	## Recover a stashed secret, protected by RECOV and stored as LABEL, and
	580	## write it to stdout.
	581	checkword "recovery key label" "$recov"
	582	checklabel "secret" "$label"
	583
	584	rdir=$KEYS/recov/$recov/current
	585	if [ ! -f $rdir/$label.recov ]; then
	586	echo >&2 "$quis: no blob for \`$label' under recovery key \`$recov'"
	587	exit 1
	588	fi
	589	reqsafe
	590	nub=$SAFE/keys.reveal/$recov.current/nub
	591	if [ ! -f $nub ]; then
	592	echo >&2 "$quis: current recovery key \`$recov' not revealed"
	593	exit 1;
	594	fi
	595	mktmp
	596	c_sysdecrypt $rdir/store $nub <$rdir/$label.recov
599c8f75 MW	597	}
599c8f75 MW	598
53263601 MW	599	###--------------------------------------------------------------------------
	600	### Help text.
	601
c47f2aba MW	602	defhelp () {
	603	read umsg
	604	usage="usage: $quis${umsg+ }$umsg"
	605	help=$(cat)
	606	case "$KEYS_HELP" in t) help; exit ;; esac
53263601 MW	607	}
53263601 MW	608
53263601 MW	609	help () { showhelp; }
	610	showhelp () {
	611	cat <<EOF
	612	$usage
	613
	614	$help
	615	EOF
	616	}
	617
c47f2aba MW	618	usage_err () { echo >&2 "$usage"; exit 1; }
	619
	620	###--------------------------------------------------------------------------
	621	### Subcommand handling.
	622
	623	version () {
	624	echo "$PACKAGE version $VERSION"
	625	}
	626
	627	cmd_help () {
	628	rc=0
	629	version
	630	case $# in
	631	0)
	632	cat <<EOF
	633
	634	$usage
	635
	636	Options:
	637	-h Show this help text.
	638	-v Show the program version number.
	639
	640	Commands installed:
	641	EOF
	642	cd "$KEYSLIB"
	643	for i in $prefix.*; do
	644	if [ ! -x "$i" ]; then continue; fi
	645	sed -n "/<<HELP/{n;s/^/ ${i#$prefix.} /;p;q;}" "$i"
	646	done
	647	;;
	648	*)
	649	for i in "$@"; do
	650	echo
	651	if [ ! -x "$KEYSLIB/$prefix.$i" ]; then
	652	echo >&2 "$quis: unrecognized command \`$i'"
	653	rc=1
	654	continue
	655	elif ! KEYS_HELP=t "$KEYSLIB/$prefix.$i"; then
	656	rc=1
	657	fi
	658	done
	659	;;
	660	esac
	661	return $rc
	662	}
	663
	664	dispatch () {
	665	case $# in 0) echo >&2 "$usage"; exit 1 ;; esac
	666	cmd=$1; shift
	667	case "$cmd" in help) cmd_help "$@"; exit ;; esac
	668	if [ ! -x "$KEYSLIB/$prefix.$cmd" ]; then
	669	echo >&2 "$quis: unrecognized command \`$cmd'"
	670	exit 1
	671	fi
	672
	673	unset KEYS_HELP
	674	exec "$KEYSLIB/$prefix.$cmd" "$@"
	675	}
	676
53263601	677	###----- That's all, folks --------------------------------------------------