[distorted-keys] / pubkeyop.in

#! /bin/sh
###
### Front-end for public-key operations
###
### (c) 2012 Mark Wooding
###

###----- Licensing notice ---------------------------------------------------
###
### This file is part of the distorted.org.uk key management suite.
###
### distorted-keys is free software; you can redistribute it and/or modify
### it under the terms of the GNU General Public License as published by
### the Free Software Foundation; either version 2 of the License, or
### (at your option) any later version.
###
### distorted-keys is distributed in the hope that it will be useful,
### but WITHOUT ANY WARRANTY; without even the implied warranty of
### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
### GNU General Public License for more details.
###
### You should have received a copy of the GNU General Public License
### along with distorted-keys; if not, write to the Free Software Foundation,
### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

set -e
: ${ETC=@pkgconfdir@}
: ${KEYS=@pkgstatedir@}
: ${KEYSLIB=@pkglibdir@}
export ETC KEYS KEYSLIB

. "$KEYSLIB"/keyfunc.sh

usage="COMMAND [ARGUMENTS ...]"

###--------------------------------------------------------------------------
### Common utilities.

unpack () {
  key=$1
  ## Unpack the KEY and set up to use it as a public key for future
  ## operations.

  mktmp
  exec 3<"$key"

  ## Read the properties.
  endp=nil
  while read line; do
    case "$line" in ENDPROP) endp=t; break ;; esac
    setprops "property" kprop_ "$line"
  done <&3
  case $endp in
    nil) echo >&2 "$quis: invalid public key (no ENDPROP line)"; exit 1 ;;
  esac
  checkprops "property" kprop_ "$g_props"

  ## Fetch the type-handling library.
  if [ ! -f $KEYSLIB/ktype.$kprop_type ]; then
    echo >&2 "$quis: unknown key type \`$kprop_type'"
    exit 1
  fi
  . $KEYSLIB/ktype.$kprop_type
  checkprops "property" kprop_ "$k_props"

  ## Write the rest of the public key somewhere convenient.
  mkdir $tmp/pubkey
  cat <&3 >$tmp/pubkey/pub
  k_import $tmp/pubkey
  exec 3>&-
}

###--------------------------------------------------------------------------
### Commands.

defcmd encrypt [-o CIPHERTEXT] KEY [MESSAGE] <<EOF
Encrypt the MESSAGE (default stdin) using the public key KEY.  Write the
ciphertext to CIPHERTEXT (default stdout).
EOF
cmd_encrypt () {
  unset out
  while getopts "o:" opt; do
    case $opt in
      o) out=$OPTARG ;;
      *) usage_err ;;
    esac
  done
  shift $(( $OPTIND - 1 ))
  case $# in
    1) ;;
    2) msg=$2; exec <"$msg" ;;
    *) usage_err ;;
  esac
  key=$1
  unpack "$key"
  case ${out+t} in
    t) c_encrypt $tmp/pubkey - >"$out.new"; mv "$out.new" "$out" ;;
    *) c_encrypt $tmp/pubkey - ;;
  esac
}

defcmd verify KEY SIGNATURE [MESSAGE] <<EOF
Verify a SIGNATURE (literal, not a filename) against a MESSAGE (default
stdin) using the public KEY.
EOF
cmd_verify () {
  case $# in
    2) ;;
    3) msg=$3; exec <"$msg" ;;
    *) usage_err ;;
  esac
  key=$1 sig=$2
  unpack "$key"
  c_verify $tmp/pubkey - "$sig"
}

###--------------------------------------------------------------------------
### Main program.

while getopts "hv" opt; do
  case "$opt" in
    h) do_help; exit ;;
    v) version; exit ;;
    *) usage_err ;;
  esac
done
shift $(( $OPTIND - 1 ))

case $# in 0) usage_err ;; esac

dispatch "$@"

###----- That's all, folks --------------------------------------------------
Commit	Line	Data
b8691d14 MW	1	#! /bin/sh
	2	###
	3	### Front-end for public-key operations
	4	###
	5	### (c) 2012 Mark Wooding
	6	###
	7
	8	###----- Licensing notice ---------------------------------------------------
	9	###
	10	### This file is part of the distorted.org.uk key management suite.
	11	###
	12	### distorted-keys is free software; you can redistribute it and/or modify
	13	### it under the terms of the GNU General Public License as published by
	14	### the Free Software Foundation; either version 2 of the License, or
	15	### (at your option) any later version.
	16	###
	17	### distorted-keys is distributed in the hope that it will be useful,
	18	### but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	### GNU General Public License for more details.
	21	###
	22	### You should have received a copy of the GNU General Public License
	23	### along with distorted-keys; if not, write to the Free Software Foundation,
	24	### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	25
	26	set -e
	27	: ${ETC=@pkgconfdir@}
	28	: ${KEYS=@pkgstatedir@}
	29	: ${KEYSLIB=@pkglibdir@}
	30	export ETC KEYS KEYSLIB
	31
	32	. "$KEYSLIB"/keyfunc.sh
	33
	34	usage="COMMAND [ARGUMENTS ...]"
	35
	36	###--------------------------------------------------------------------------
	37	### Common utilities.
	38
	39	unpack () {
	40	key=$1
	41	## Unpack the KEY and set up to use it as a public key for future
	42	## operations.
	43
	44	mktmp
	45	exec 3<"$key"
	46
	47	## Read the properties.
	48	endp=nil
	49	while read line; do
	50	case "$line" in ENDPROP) endp=t; break ;; esac
	51	setprops "property" kprop_ "$line"
	52	done <&3
	53	case $endp in
	54	nil) echo >&2 "$quis: invalid public key (no ENDPROP line)"; exit 1 ;;
	55	esac
	56	checkprops "property" kprop_ "$g_props"
	57
	58	## Fetch the type-handling library.
	59	if [ ! -f $KEYSLIB/ktype.$kprop_type ]; then
	60	echo >&2 "$quis: unknown key type \`$kprop_type'"
	61	exit 1
	62	fi
	63	. $KEYSLIB/ktype.$kprop_type
	64	checkprops "property" kprop_ "$k_props"
65
66	## Write the rest of the public key somewhere convenient.
67	mkdir $tmp/pubkey
68	cat <&3 >$tmp/pubkey/pub
69	k_import $tmp/pubkey
70	exec 3>&-
71	}
72
73	###--------------------------------------------------------------------------
74	### Commands.
75
76	defcmd encrypt [-o CIPHERTEXT] KEY [MESSAGE] <<EOF
77	Encrypt the MESSAGE (default stdin) using the public key KEY. Write the
78	ciphertext to CIPHERTEXT (default stdout).
79	EOF
80	cmd_encrypt () {
81	unset out
82	while getopts "o:" opt; do
83	case $opt in
84	o) out=$OPTARG ;;
85	*) usage_err ;;
86	esac
87	done
88	shift $(( $OPTIND - 1 ))
89	case $# in
90	1) ;;
91	2) msg=$2; exec <"$msg" ;;
92	*) usage_err ;;
93	esac
94	key=$1
95	unpack "$key"
96	case ${out+t} in
97	t) c_encrypt $tmp/pubkey - >"$out.new"; mv "$out.new" "$out" ;;
98	*) c_encrypt $tmp/pubkey - ;;
99	esac
100	}
101
102	defcmd verify KEY SIGNATURE [MESSAGE] <<EOF
103	Verify a SIGNATURE (literal, not a filename) against a MESSAGE (default
104	stdin) using the public KEY.
105	EOF
106	cmd_verify () {
107	case $# in
108	2) ;;
109	3) msg=$3; exec <"$msg" ;;
110	*) usage_err ;;
111	esac
112	key=$1 sig=$2
113	unpack "$key"
114	c_verify $tmp/pubkey - "$sig"
115	}
116
117	###--------------------------------------------------------------------------
118	### Main program.
119
120	while getopts "hv" opt; do
121	case "$opt" in
122	h) do_help; exit ;;
123	v) version; exit ;;
124	*) usage_err ;;
125	esac
126	done
127	shift $(( $OPTIND - 1 ))
128
129	case $# in 0) usage_err ;; esac
130
131	dispatch "$@"
132
133	###----- That's all, folks --------------------------------------------------