X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/distorted-keys/blobdiff_plain/2235222bb9739a1e6713b49290906c5b4cf08f04..ae0eb8989b3100de7b410f0cbffbee48495b9591:/keys.list-keepers

diff --git a/keys.list-keepers b/keys.list-keepers
index 399d765..297c83e 100755
--- a/keys.list-keepers
+++ b/keys.list-keepers
@@ -34,53 +34,91 @@ HELP
 
 case $# in 0) ;; *) usage_err ;; esac
 
+## Collect information about available recovery keys.
 if [ -d $KEYS/recov ]; then
   cd $KEYS/recov
+
+  ## No keeper sets encountered yet.
   kk=:
-  for r in $(find . -type l -name current -print); do
-    r=${r#./}; r=${r%/current}
-    if ! expr >/dev/null "Q$r" : "Q$R_LABEL"; then continue; fi
-    set _ $(echo $r | md5sum); rh=$2
-    eval rcur_$rh=$(readlink $r/current) r_$rh=\$r
+
+  ## Iterate over recovery keys.
+  for r in *; do
+    if [ ! -d $r ]; then continue; fi
+
+    ## Now work through the instances of this recovery key.
     for ri in $r/*; do
+
+      ## Get the instance number.
       i=${ri##*/}
       case "$i" in *[!0-9]*) continue ;; esac
+
+      ## Read the keeper sharing parameters.
       for kp in $ri/*.param; do
+
+	## Find the keeper name.
 	k=${kp##*/}; k=${k%.param}
+
+	## Add this keeper to the list if we haven't already, and clear the
+	## list of associated recovery keys.
 	case $kk in *:$k:*) ;; *) kk=$kk$k:; unset rr_$k ;; esac
-	eval t_$k_$rh_$i='$(sharethresh $kp)'
-	eval "rr_$k=\${rr_$k+\$rr_$k }$rh/$i"
+
+	## Associate this recovery key instance with the keeper set, and
+	## store information about the sharing.
+	eval t_$k_$r_$i='$(sharethresh $kp)'
+	eval "rr_$k=\${rr_$k+\$rr_$k }$r/$i"
       done
     done
   done
 fi
 
+## Now work through the keeper sets.
 if [ ! -d $KEYS/keeper ]; then
   echo >&2 "$quis: no keepers"
 else
   cd $KEYS/keeper
+
+  ## Iterate over the keeper sets.
+  firstp=t
   for k in *; do
+
+    ## Make sure that this really looks like a keeper set.
     checkword "keeper set label" "$k"
     if [ ! -r $k/meta ]; then continue; fi
+
+    ## Read the keeper metadata, and print basic stuff about it.
     read n hunoz <$k/meta
     readmeta $k/0
+    case $firstp in t) firstp=nil ;; nil) echo ;; esac
     echo "$k profile=$profile n=$n"
+
+    ## Print the sharing information, including the keeper nubids.
     echo "  share"
     i=0; while [ $i -lt $n ]; do
       nubid=$(cat $k/$i/nubid)
       echo "	$i nubid=$nubid"
       i=$(( $i + 1 ))
     done
+
+    ## Print the associated recovery keys.
     echo "  recov"
     eval rr=\$rr_$k
     for ri in $rr; do
-      rh=${ri%/*} i=${ri##*/}
-      eval r=\$r_$rh
-      eval t=\$t_$k_$rh_$i
+
+      ## Pick out the hash and instance number, and extract the rest of the
+      ## data from this recovery key.
+      r=${ri%/*} i=${ri##*/}
+      eval t=\$t_$k_$r_$i
+
+      ## Start assembling an information line.
       info="$r/$i t=$t"
-      set $(echo $r/$i | tr / .) revealed
-      eval rcur=\$rcur_$rh
-      case $rcur in $i) set "$@" $(echo $r/current | tr / .) current ;; esac
+
+      ## Determine the revelation status of the recovery key.  There are
+      ## maybe things to check: the revelation of the key by explicit
+      ## instance, or, if applicable, as the current instance.  Build in the
+      ## positional parameters a sequence of DIR WHAT pairs to process.
+      set $r.$i revealed
+      eval rcur=\$rcur_$r
+      case $rcur in $i) set "$@" $r.current current ;; esac
       while [ $# -gt 0 ]; do
 	rd=$SAFE/keys.reveal/$1 attr=$2; shift 2
 	if [ ! -d $rd ]; then
@@ -96,6 +134,8 @@ else
 	  info="$info $attr=$ss"
 	fi
       done
+
+      ## Print this information.
       echo "	$info"
     done
   done