X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/distorted-keys/blobdiff_plain/53263601059e92d94b931e5444a0b53f7ea7027f..599c8f754492a6555503fedb8a2662ec229fb8e8:/reveal
diff --git a/reveal b/reveal
index d409e3b..8f8e347 100755
--- a/reveal
+++ b/reveal
@@ -7,18 +7,20 @@
 ###----- Licensing notice ---------------------------------------------------
 ###
-### This program is free software; you can redistribute it and/or modify
+### This file is part of the distorted.org.uk key management suite.
+###
+### distorted-keys is free software; you can redistribute it and/or modify
 ### it under the terms of the GNU General Public License as published by
 ### the Free Software Foundation; either version 2 of the License, or
 ### (at your option) any later version.
 ###
-### This program is distributed in the hope that it will be useful,
+### distorted-keys is distributed in the hope that it will be useful,
 ### but WITHOUT ANY WARRANTY; without even the implied warranty of
 ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 ### GNU General Public License for more details.
 ###
 ### You should have received a copy of the GNU General Public License
-### along with this program; if not, write to the Free Software Foundation,
+### along with distorted-keys; if not, write to the Free Software Foundation,
 ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 set -e
@@ -41,22 +43,16 @@ case $# in
 *) echo >&2 "$usage"; exit 1 ;;
 esac
 recov=$1 keeper=$2; shift 2
+checklabel "recovery key" "$recov"
 case "$recov" in
- *[!-0-9a-zA-Z_!%@+=/]* | */ | /* | \
- *[!-0-9a-zA-Z_!%@+=]*/* | */*[!-0-9a-zA-Z_!%@+=]*)
- echo >&2 "$quis: bad recovery key label \`$recov'"
- exit 1
- ;;
- */*)
- ;;
- *)
- recov=$recov/current
+ */*) ;;
+ *) recov=$recov/current ;;
 esac
 checkword "keeper set label" "$keeper"
 ## Grab the key, because we'll need to read it several times.
 tmp=$(mktmp); cleanup rmtmp
-secret=$(cat "$@")
+secret=$(cat -- "$@")
 pub=$(ec_public /dev/stdin <&2 "$quis: secret $recov already revealed"
 exit 1
 fi
-reveal=$mem/keys.reveal.$tag.$keeper
-if [ ! -d $reveal ]; then mkdir -m700 $reveal; fi
-cd $reveal
-if [ -f share.$i ]; then
+if [ -f $keeper.$i ]; then
 echo >&2 "$quis: share $i already revealed"
 exit 1
 fi
 ## Decrypt the share.
+umask 077
 ec_decrypt /dev/stdin \
 -i$KEYS/recov/$recov/$keeper.$i.share \
- -oshare.$i.new <&2 "$quis: share $i revealed; $(( t - n )) more required"
 else
- cat $KEYS/recov/$recov/$keeper.param share.* | shamir recover >secret
- pubx=$(ec_public secret)
+ cat $KEYS/recov/$recov/$keeper.param $keeper.* >$keeper.shares
+ shamir recover <$keeper.shares >secret.new
+ pubx=$(ec_public secret.new)
 puby=$(cat $KEYS/recov/$recov/pub)
 case "$pubx" in
 "$puby") ;;
@@ -135,8 +136,7 @@ else
 exit 1
 ;;
 esac
- cd ..
- mv keys.reveal.$tag.$keeper keys.reveal.$tag
+ mv secret.new secret
 echo >&2 "$quis: secret $recov revealed"
 fi
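Review bot: The glob `$keeper.*` in the new `cat $KEYS/recov/$recov/$keeper.param $keeper.* >$keeper.shares` also matches the `$keeper.shares` file that this same line writes, so on any later run in the same directory (for instance after the `pubx`/`puby` mismatch exits with the file left behind) the stale concatenation is swept into the new one and handed to `shamir recover`, as would any `$keeper.$i.new` left by an interrupted `ec_decrypt`. The public-key comparison should reject the resulting garbage, but recovery then cannot succeed until the stale file is removed by hand, and if the share count `n` is taken with the same glob it is inflated as well. Deleting the stale file first, `rm -f -- $keeper.shares` on the line before the `cat`, or writing the concatenation to a name the glob cannot match, avoids both problems. The leading lines of this hunk (the `mv` of the decrypted share and the computation of `n` and `t`) were lost in this rendering, so I cannot confirm how the count is taken.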