###----- Licensing notice ---------------------------------------------------
###
-### This program is free software; you can redistribute it and/or modify
+### This file is part of the distorted.org.uk key management suite.
+###
+### distorted-keys is free software; you can redistribute it and/or modify
### it under the terms of the GNU General Public License as published by
### the Free Software Foundation; either version 2 of the License, or
### (at your option) any later version.
###
-### This program is distributed in the hope that it will be useful,
+### distorted-keys is distributed in the hope that it will be useful,
### but WITHOUT ANY WARRANTY; without even the implied warranty of
### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
### GNU General Public License for more details.
###
### You should have received a copy of the GNU General Public License
-### along with this program; if not, write to the Free Software Foundation,
+### along with distorted-keys; if not, write to the Free Software Foundation,
### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
set -e
*) echo >&2 "$usage"; exit 1 ;;
esac
recov=$1 keeper=$2; shift 2
+checklabel "recovery key" "$recov"
case "$recov" in
- *[!-0-9a-zA-Z_!%@+=/]* | */ | /* | \
- *[!-0-9a-zA-Z_!%@+=]*/* | */*[!-0-9a-zA-Z_!%@+=]*)
- echo >&2 "$quis: bad recovery key label \`$recov'"
- exit 1
- ;;
- */*)
- ;;
- *)
- recov=$recov/current
+ */*) ;;
+ *) recov=$recov/current ;;
esac
checkword "keeper set label" "$keeper"
## Grab the key, because we'll need to read it several times.
tmp=$(mktmp); cleanup rmtmp
-secret=$(cat "$@")
+secret=$(cat -- "$@")
pub=$(ec_public /dev/stdin <<EOF
$secret
EOF
read n hunoz <$KEYS/keeper/$keeper/meta
i=0
foundp=nil
+: "$pub"
while [ $i -lt $n ]; do
read cand <$KEYS/keeper/$keeper/$i.pub
+ : "$cand"
case "$pub" in "$cand") foundp=t; break ;; esac
i=$(( i + 1 ))
done
## Establish the recovery staging area. See whether we've done enough
## already.
-mem=$(userv root claim-mem-dir)
+mem=$(userv root claim-mem-dir </dev/null)
tag=$(echo $recov | tr / .)
-if [ -d $mem/keys.reveal.$tag ]; then
+mkdir -p -m700 $mem/keys.reveal
+reveal=$mem/keys.reveal/$tag
+if [ ! -d $reveal ]; then mkdir -m700 $reveal; fi
+cd $reveal
+if [ -f secret ]; then
echo >&2 "$quis: secret $recov already revealed"
exit 1
fi
-reveal=$mem/keys.reveal.$tag.$keeper
-if [ ! -d $reveal ]; then mkdir -m700 $reveal; fi
-cd $reveal
-if [ -f share.$i ]; then
+if [ -f $keeper.$i ]; then
echo >&2 "$quis: share $i already revealed"
exit 1
fi
## Decrypt the share.
+umask 077
ec_decrypt /dev/stdin \
-i$KEYS/recov/$recov/$keeper.$i.share \
- -oshare.$i.new <<EOF
+ -o$keeper.$i.new <<EOF
$secret
EOF
-mv share.$i.new share.$i
+mv $keeper.$i.new $keeper.$i
## See if there's enough for a recovery.
n=0
-for j in share.*; do if [ -f "$j" ]; then n=$(( n + 1 )); fi; done
+for j in $keeper.*; do if [ -f "$j" ]; then n=$(( n + 1 )); fi; done
if [ $n -lt $t ]; then
echo >&2 "$quis: share $i revealed; $(( t - n )) more required"
else
- cat $KEYS/recov/$recov/$keeper.param share.* | shamir recover >secret
- pubx=$(ec_public secret)
+ cat $KEYS/recov/$recov/$keeper.param $keeper.* >$keeper.shares
+ shamir recover <$keeper.shares >secret.new
+ pubx=$(ec_public secret.new)
puby=$(cat $KEYS/recov/$recov/pub)
case "$pubx" in
"$puby") ;;
exit 1
;;
esac
- cd ..
- mv keys.reveal.$tag.$keeper keys.reveal.$tag
+ mv secret.new secret
echo >&2 "$quis: secret $recov revealed"
fi