[distorted-keys] / keys.reveal

#! /bin/sh
###
### Reveal shares of a secret distributed among keepers
###
### (c) 2011 Mark Wooding
###

###----- Licensing notice ---------------------------------------------------
###
### This file is part of the distorted.org.uk key management suite.
###
### distorted-keys is free software; you can redistribute it and/or modify
### it under the terms of the GNU General Public License as published by
### the Free Software Foundation; either version 2 of the License, or
### (at your option) any later version.
###
### distorted-keys is distributed in the hope that it will be useful,
### but WITHOUT ANY WARRANTY; without even the implied warranty of
### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
### GNU General Public License for more details.
###
### You should have received a copy of the GNU General Public License
### along with distorted-keys; if not, write to the Free Software Foundation,
### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

set -e
case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac
. "$KEYSLIB"/keyfunc.sh

defhelp <<HELP
RECOV KEEPER
Reveal a share of a recovery key distributed among keepers.

If enough shares have been revealed, reconstruct the recovery private key.
The keeper nub is read from stdin.
HELP

## Parse the command line.
case $# in 2) ;; *) usage_err ;; esac
recov=$1 keeper=$2; shift 2
checklabel "recovery key" "$recov"
case "$recov" in
  */*) ;;
  *) recov=$recov/current ;;
esac
checkword "keeper set label" "$keeper"

## Check that this is a sensible thing to do.
if [ ! -f $KEYS/keeper/$keeper/meta ]; then
  echo >&2 "$quis: unknown keeper set \`$keeper'"
  exit 1
fi
if [ ! -d $KEYS/recov/$recov ]; then
  echo >&2 "$quis: unknown recovery key \`$recov'"
  exit 1
fi
if [ ! -f $KEYS/recov/$recov/$keeper.param ]; then
  echo >&2 "$quis: recovery key \`$recov' not kept by keeper set \`$keeper'"
  exit 1
fi

## Grab the key, because we'll need to read it several times.
mktmp
cat >$tmp/secret

## Read the threshold from the recovery metadata.
read param <$KEYS/recov/$recov/$keeper.param
case "$param" in
  shamir-params:*) ;;
  *)
    echo >&2 "$quis: secret sharing parameter file damaged (wrong header)"
    exit 1
    ;;
esac
t=";${param#*:}"
case "$t" in
  *";t="*) ;;
  *)
    echo >&2 "$quis: secret sharing parameter file damaged (missing t)"
    exit 1
    ;;
esac
t=${t#*;t=}
t=${t%%;*}

## Find out which keeper index it corresponds to.
read n hunoz <$KEYS/keeper/$keeper/meta
i=0
foundp=nil
while [ $i -lt $n ]; do
  c_sysprepare $KEYS/keeper/$keeper/$i
  nubbin=$(nubid <$tmp/secret)
  nubid=$(cat $KEYS/keeper/$keeper/$i/nubid)
  case "$nubbin" in "$nubid") foundp=t; break ;; esac
  i=$(( $i + 1 ))
done
case $foundp in
  nil) echo >&2 "$quis: nub doesn't match keeper \`$keeper'"; exit 1 ;;
esac

## Establish the recovery staging area.  See whether we've done enough
## already.
reqsafe
tag=$(echo $recov | tr / .)
mkdir -p -m700 $SAFE/keys.reveal
reveal=$SAFE/keys.reveal/$tag
if [ ! -d $reveal ]; then mkdir -m700 $reveal; fi
cd $reveal
if [ -f nub ]; then
  echo >&2 "$quis: recovery key \`$recov' already revealed"
  exit 1
fi

## Decrypt the share.
umask 077
if [ -f $keeper.$i.share ]; then
  echo >&2 "$quis: share $i already revealed"
else
  c_sysdecrypt $KEYS/keeper/$keeper/$i $tmp/secret \
    <$KEYS/recov/$recov/$keeper.$i.share \
    >$keeper.$i.new
  mv $keeper.$i.new $keeper.$i.share
fi

## See if there's enough for a recovery.
n=0
for j in $keeper.*.share; do if [ -f "$j" ]; then n=$(( $n + 1 )); fi; done
if [ $n -lt $t ]; then
  echo >&2 "$quis: share $i revealed; $(( $t - $n )) more required"
else
  cat $KEYS/recov/$recov/$keeper.param $keeper.*.share >$keeper.shares
  $bindir/shamir recover <$keeper.shares >nub.new
  c_sysprepare $KEYS/recov/$recov/store
  nubbin=$(nubid <nub.new)
  nubid=$(cat $KEYS/recov/$recov/store/nubid)
  case "$nubbin" in
    "$nubid") ;;
    *)
      echo >&2 "$quis: recovered nub doesn't match stored hash"
      exit 1
      ;;
  esac
  mv nub.new nub
  rm -f $keeper.*
  echo >&2 "$quis: recovery key \`$recov' revealed"
fi

###----- That's all, folks --------------------------------------------------
Commit	Line	Data
53263601 MW	1	#! /bin/sh
	2	###
	3	### Reveal shares of a secret distributed among keepers
	4	###
	5	### (c) 2011 Mark Wooding
	6	###
	7
	8	###----- Licensing notice ---------------------------------------------------
	9	###
599c8f75 MW	10	### This file is part of the distorted.org.uk key management suite.
	11	###
	12	### distorted-keys is free software; you can redistribute it and/or modify
53263601 MW	13	### it under the terms of the GNU General Public License as published by
	14	### the Free Software Foundation; either version 2 of the License, or
	15	### (at your option) any later version.
	16	###
599c8f75	17	### distorted-keys is distributed in the hope that it will be useful,
53263601 MW	18	### but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	### GNU General Public License for more details.
	21	###
	22	### You should have received a copy of the GNU General Public License
599c8f75	23	### along with distorted-keys; if not, write to the Free Software Foundation,
53263601 MW	24	### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	25
	26	set -e
	27	case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac
	28	. "$KEYSLIB"/keyfunc.sh
	29
	30	defhelp <<HELP
d516ebd0	31	RECOV KEEPER
53263601 MW	32	Reveal a share of a recovery key distributed among keepers.
	33
	34	If enough shares have been revealed, reconstruct the recovery private key.
d516ebd0	35	The keeper nub is read from stdin.
53263601	36	HELP
53263601 MW	37
53263601 MW	38	## Parse the command line.
d516ebd0	39	case $# in 2) ;; *) usage_err ;; esac
53263601	40	recov=$1 keeper=$2; shift 2
599c8f75	41	checklabel "recovery key" "$recov"
53263601	42	case "$recov" in
599c8f75 MW	43	/) ;;
599c8f75 MW	44	*) recov=$recov/current ;;
53263601 MW	45	esac
	46	checkword "keeper set label" "$keeper"
	47
c47f2aba MW	48	## Check that this is a sensible thing to do.
	49	if [ ! -f $KEYS/keeper/$keeper/meta ]; then
	50	echo >&2 "$quis: unknown keeper set \`$keeper'"
	51	exit 1
	52	fi
	53	if [ ! -d $KEYS/recov/$recov ]; then
	54	echo >&2 "$quis: unknown recovery key \`$recov'"
	55	exit 1
	56	fi
	57	if [ ! -f $KEYS/recov/$recov/$keeper.param ]; then
	58	echo >&2 "$quis: recovery key \`$recov' not kept by keeper set \`$keeper'"
	59	exit 1
	60	fi
	61
53263601	62	## Grab the key, because we'll need to read it several times.
c47f2aba	63	mktmp
d516ebd0	64	cat >$tmp/secret
53263601 MW	65
	66	## Read the threshold from the recovery metadata.
	67	read param <$KEYS/recov/$recov/$keeper.param
	68	case "$param" in
	69	shamir-params:*) ;;
	70	*)
	71	echo >&2 "$quis: secret sharing parameter file damaged (wrong header)"
	72	exit 1
	73	;;
	74	esac
	75	t=";${param#*:}"
	76	case "$t" in
	77	";t=") ;;
	78	*)
	79	echo >&2 "$quis: secret sharing parameter file damaged (missing t)"
	80	exit 1
	81	;;
	82	esac
	83	t=${t#*;t=}
	84	t=${t%%;*}
	85
	86	## Find out which keeper index it corresponds to.
	87	read n hunoz <$KEYS/keeper/$keeper/meta
	88	i=0
	89	foundp=nil
	90	while [ $i -lt $n ]; do
c47f2aba MW	91	c_sysprepare $KEYS/keeper/$keeper/$i
	92	nubbin=$(nubid <$tmp/secret)
	93	nubid=$(cat $KEYS/keeper/$keeper/$i/nubid)
	94	case "$nubbin" in "$nubid") foundp=t; break ;; esac
	95	i=$(( $i + 1 ))
53263601 MW	96	done
53263601 MW	97	case $foundp in
c47f2aba	98	nil) echo >&2 "$quis: nub doesn't match keeper \`$keeper'"; exit 1 ;;
53263601 MW	99	esac
	100
	101	## Establish the recovery staging area. See whether we've done enough
	102	## already.
c47f2aba	103	reqsafe
53263601	104	tag=$(echo $recov \| tr / .)
c47f2aba MW	105	mkdir -p -m700 $SAFE/keys.reveal
c47f2aba MW	106	reveal=$SAFE/keys.reveal/$tag
599c8f75 MW	107	if [ ! -d $reveal ]; then mkdir -m700 $reveal; fi
599c8f75 MW	108	cd $reveal
c47f2aba MW	109	if [ -f nub ]; then
c47f2aba MW	110	echo >&2 "$quis: recovery key \`$recov' already revealed"
53263601 MW	111	exit 1
	112	fi
	113
	114	## Decrypt the share.
599c8f75	115	umask 077
c47f2aba MW	116	if [ -f $keeper.$i.share ]; then
	117	echo >&2 "$quis: share $i already revealed"
	118	else
	119	c_sysdecrypt $KEYS/keeper/$keeper/$i $tmp/secret \
	120	<$KEYS/recov/$recov/$keeper.$i.share \
	121	>$keeper.$i.new
	122	mv $keeper.$i.new $keeper.$i.share
	123	fi
53263601 MW	124
	125	## See if there's enough for a recovery.
	126	n=0
c47f2aba	127	for j in $keeper.*.share; do if [ -f "$j" ]; then n=$(( $n + 1 )); fi; done
53263601	128	if [ $n -lt $t ]; then
c47f2aba	129	echo >&2 "$quis: share $i revealed; $(( $t - $n )) more required"
53263601	130	else
c47f2aba	131	cat $KEYS/recov/$recov/$keeper.param $keeper.*.share >$keeper.shares
5c30c6e6	132	$bindir/shamir recover <$keeper.shares >nub.new
c47f2aba MW	133	c_sysprepare $KEYS/recov/$recov/store
	134	nubbin=$(nubid <nub.new)
	135	nubid=$(cat $KEYS/recov/$recov/store/nubid)
	136	case "$nubbin" in
	137	"$nubid") ;;
53263601	138	*)
c47f2aba	139	echo >&2 "$quis: recovered nub doesn't match stored hash"
53263601 MW	140	exit 1
	141	;;
	142	esac
c47f2aba MW	143	mv nub.new nub
	144	rm -f $keeper.*
	145	echo >&2 "$quis: recovery key \`$recov' revealed"
53263601 MW	146	fi
	147
	148	###----- That's all, folks --------------------------------------------------