Remove `--force' from keys.new-keeper; introduce explicit delete command.

[distorted-keys] / keyfunc.sh.in

diff --git a/keyfunc.sh.in b/keyfunc.sh.in
index dda8a2eea0327f41ceb9c758faca6afb57308991..6cba169629c18ad1761cfdc833a95622aa1787e2 100644 (file)
--- a/keyfunc.sh.in
+++ b/keyfunc.sh.in
@@ -322,6 +322,7 @@ nubid () {
   ## to demonstrate the same idiocy as GNU mumblesum.
   set _ $({ echo "distorted-keys nubid"; cat -; } |
     openssl dgst -${kprop_nubid_hash-sha256})
   ## to demonstrate the same idiocy as GNU mumblesum.
   set _ $({ echo "distorted-keys nubid"; cat -; } |
     openssl dgst -${kprop_nubid_hash-sha256})

+  if [ $# -gt 2 ]; then shift; fi

   echo $2
 }
 
   echo $2
 }
 


@@ -611,21 +612,23 @@ stash () {
 }
 
 recover () {
 }
 
 recover () {

-  recov=$1 label=$2
+  recov=$1 inst=$2 label=$3

   ## Recover a stashed secret, protected by RECOV and stored as LABEL, and
   ## write it to stdout.
   checkword "recovery key label" "$recov"
   ## Recover a stashed secret, protected by RECOV and stored as LABEL, and
   ## write it to stdout.
   checkword "recovery key label" "$recov"

+  checkword "recovery instance" "$inst"

   checklabel "secret" "$label"
 
   checklabel "secret" "$label"
 

-  rdir=$KEYS/recov/$recov/current
+  rdir=$KEYS/recov/$recov/$inst

   if [ ! -f $rdir/$label.recov ]; then
   if [ ! -f $rdir/$label.recov ]; then

-    echo >&2 "$quis: no blob for \`$label' under recovery key \`$recov'"
+    echo >&2 "$quis: no blob for \`$label' under recovery key \`$recov/$inst'"

     exit 1
   fi
   reqsafe
     exit 1
   fi
   reqsafe

-  nub=$SAFE/keys.reveal/$recov.current/nub
+  tag=$recov.$inst
+  nub=$SAFE/keys.reveal/$tag/nub

   if [ ! -f $nub ]; then
   if [ ! -f $nub ]; then

-    echo >&2 "$quis: current recovery key \`$recov' not revealed"
+    echo >&2 "$quis: current recovery key \`$recov/$inst' not revealed"

     exit 1;
   fi
   mktmp
     exit 1;
   fi
   mktmp