. "$KEYSLIB"/keyfunc.sh
defhelp <<HELP
-RECOV KEEPER
+[-i INST] RECOV KEEPER
Reveal a share of a recovery key distributed among keepers.
If enough shares have been revealed, reconstruct the recovery private key.
HELP
## Parse the command line.
+inst=current
+while getopts "i:" opt; do
+ case "$opt" in
+ i) inst=$OPTARG ;;
+ *) usage_err ;;
+ esac
+done
+shift $(( $OPTIND - 1 ))
case $# in 2) ;; *) usage_err ;; esac
recov=$1 keeper=$2; shift 2
-checklabel "recovery key" "$recov"
-case "$recov" in
- */*) ;;
- *) recov=$recov/current ;;
-esac
+checkword "recovery instance" "$inst"
+checkword "recovery key" "$recov"
checkword "keeper set label" "$keeper"
## Check that this is a sensible thing to do.
-if [ ! -f $KEYS/keeper/$keeper/meta ]; then
+keepdir=$KEYS/keeper/$keeper
+if [ ! -f $keepdir/meta ]; then
echo >&2 "$quis: unknown keeper set \`$keeper'"
exit 1
fi
-if [ ! -d $KEYS/recov/$recov ]; then
+if [ ! -h $KEYS/recov/$recov/current ]; then
echo >&2 "$quis: unknown recovery key \`$recov'"
exit 1
fi
-if [ ! -f $KEYS/recov/$recov/$keeper.param ]; then
+rdir=$KEYS/recov/$recov/$inst
+if [ ! -f $rdir/$keeper.param ]; then
echo >&2 "$quis: recovery key \`$recov' not kept by keeper set \`$keeper'"
exit 1
fi
cat >$tmp/secret
## Read the threshold from the recovery metadata.
-t=$(sharethresh $KEYS/recov/$recov/$keeper.param)
+t=$(sharethresh $rdir/$keeper.param)
## Find out which keeper index it corresponds to.
-read n hunoz <$KEYS/keeper/$keeper/meta
+read n hunoz <$keepdir/meta
i=0
-foundp=nil
+foundnubp=nil
while [ $i -lt $n ]; do
- c_sysprepare $KEYS/keeper/$keeper/$i
+ c_sysprepare $keepdir/$i
nubbin=$(nubid <$tmp/secret)
- nubid=$(cat $KEYS/keeper/$keeper/$i/nubid)
- case "$nubbin" in "$nubid") foundp=t; break ;; esac
+ nubid=$(cat $keepdir/$i/nubid)
+ case "$nubbin" in "$nubid") foundnubp=t; break ;; esac
i=$(( $i + 1 ))
done
-case $foundp in
+case $foundnubp in
nil) echo >&2 "$quis: nub doesn't match keeper \`$keeper'"; exit 1 ;;
esac
## Establish the recovery staging area. See whether we've done enough
## already.
reqsafe
-tag=$(echo $recov | tr / .)
+tag=$recov.$inst
mkdir -p -m700 $SAFE/keys.reveal
reveal=$SAFE/keys.reveal/$tag
if [ ! -d $reveal ]; then mkdir -m700 $reveal; fi
cd $reveal
if [ -f nub ]; then
- echo >&2 "$quis: recovery key \`$recov' already revealed"
+ echo >&2 "$quis: recovery key \`$recov/$inst' already revealed"
exit 1
fi
if [ -f $keeper.$i.share ]; then
echo >&2 "$quis: share $i already revealed"
else
- c_sysdecrypt $KEYS/keeper/$keeper/$i $tmp/secret \
- <$KEYS/recov/$recov/$keeper.$i.share \
+ c_sysdecrypt $keepdir/$i $tmp/secret \
+ <$rdir/$keeper.$i.share \
>$keeper.$i.new
mv $keeper.$i.new $keeper.$i.share
fi
if [ $n -lt $t ]; then
echo >&2 "$quis: share $i revealed; $(( $t - $n )) more required"
else
- cat $KEYS/recov/$recov/$keeper.param $keeper.*.share >$keeper.shares
+ cat $rdir/$keeper.param $keeper.*.share >$keeper.shares
$bindir/shamir recover <$keeper.shares >nub.new
- c_sysprepare $KEYS/recov/$recov/store
+ c_sysprepare $rdir/store
nubbin=$(nubid <nub.new)
- nubid=$(cat $KEYS/recov/$recov/store/nubid)
+ nubid=$(cat $rdir/store/nubid)
case "$nubbin" in
"$nubid") ;;
*)
esac
mv nub.new nub
rm -f $keeper.*
- echo >&2 "$quis: recovery key \`$recov' revealed"
+ echo >&2 "$quis: recovery key \`$recov/$inst' revealed"
fi
###----- That's all, folks --------------------------------------------------