3 ### Recover a secret stashed earlier
5 ### (c) 2011 Mark Wooding
8 ###----- Licensing notice ---------------------------------------------------
10 ### This file is part of the distorted.org.uk key management suite.
12 ### distorted-keys is free software; you can redistribute it and/or modify
13 ### it under the terms of the GNU General Public License as published by
14 ### the Free Software Foundation; either version 2 of the License, or
15 ### (at your option) any later version.
17 ### distorted-keys is distributed in the hope that it will be useful,
18 ### but WITHOUT ANY WARRANTY; without even the implied warranty of
19 ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 ### GNU General Public License for more details.
22 ### You should have received a copy of the GNU General Public License
23 ### along with distorted-keys; if not, write to the Free Software Foundation,
24 ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
27 case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac
28 . "$KEYSLIB"/keyfunc.sh
32 Recover the secret LABEL using recovery key RECOV.
34 The recovery key must be revealed. The secret is written to stdout.
38 ## Parse the command line.
39 case $# in 2) ;; *) echo >&2 "$usage"; exit 1 ;; esac
41 checklabel "recovery key label" "$recov"
42 checklabel "secret" "$label"
45 blob=$KEYS/recov/$recov/current/$label.recov
46 if [ ! -f $blob ]; then
47 echo >&2 "$quis: no recovery blob for secret \`$label'"
50 mem=$(userv root claim-mem-dir </dev/null)
51 reveal=$mem/keys.reveal/$recov.current/secret
52 if [ ! -f $reveal ]; then
53 echo >&2 "$quis: current $recov key not revealed"
56 tmp=$(mktmp); cleanup rmtmp
57 ec_decrypt $reveal -i$blob
59 ###----- That's all, folks --------------------------------------------------