chiark - git - mdw - distorted-keys/log

Mark Wooding [Mon, 26 Dec 2011 04:19:01 +0000]

cryptop.list: New tool for listing keys.

Surprisingly nice output format.

Mark Wooding [Mon, 26 Dec 2011 04:18:33 +0000]

keyfunc.sh.in, cryptop.{genkey,recover}: Care over key ownership.

Interpret profiles relative to the key owner, not the caller! Only allow
the key owner to recover a key.

commit | commitdiff | tree

Mark Wooding [Mon, 26 Dec 2011 00:03:53 +0000]

keys.archive: New program to capture and sign an archive.

Doesn't include the key nubs.

commit | commitdiff | tree

Mark Wooding [Mon, 26 Dec 2011 00:03:18 +0000]

distorted-keys.userv: Add userv configuration snippet.

Needs a configured user name, and sbindir.

commit | commitdiff | tree

Mark Wooding [Mon, 26 Dec 2011 00:00:43 +0000]

Makefile.am: Move cryptop stuff after keys stuff.

Makes more sense this way.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:55:59 +0000]

extract-profile.in: Allow empty sections.

Create a section as soon as we see a section header; we no longer need
the more complicated lazy creation code.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:51:36 +0000]

cryptop.in, keyfunc.sh.in: Move userv variable setup into keyfunc.sh.

We'll need these set up in a later program.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:47:22 +0000]

cryptop.public: Don't check an ACL.

It's not worthwhile: public keys will be clearly visible in an archive
copy.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:46:39 +0000]

keyfunc.sh.in (prepare): Indicate that an ACL check isn't necessary.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:43:10 +0000]

keyfunc.sh.in: Add come commentary to the configuration section.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:49:44 +0000]

keys.new-recov, keys.reveal, keyfunc.sh.in: Don't put @bindir@ on the PATH.

Call `shamir' using an explicit pathname instead.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:32:48 +0000]

keyfunc.sh.in: Rename the nub computation properties.

These names are more consistent with the longer names used elsewhere.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:58:43 +0000]

extract-profile.in: Property name fixup wasn't applied to ${...} tokens.

Move it into the common replacement code.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:43:50 +0000]

keyfunc.sh.in (prepare): Exit nonzero if ACL check fails.

Just a missing return code.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:54:23 +0000]

cryptop.verify: Use the correct operations.

Stupid copy-and-paste error.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:41:43 +0000]

keyfunc.sh.in, extract-profile.in: Put profile name before the filenames.

This is the way it was originally, but that version wasn't checked in.
I had some crazy idea that this ordering made interfacing to userv
easier, but it doesn't.

commit | commitdiff | tree

Mark Wooding [Sun, 25 Dec 2011 23:30:26 +0000]

cryptop.*, extract-profile.in: Set execute bits.

commit | commitdiff | tree

Mark Wooding [Sat, 24 Dec 2011 02:29:11 +0000]

Multiple key types, key profiles, and user key storage.

  * Introduce multiple key types (currently GnuPG and Seccure, but maybe
    more later, e.g., OpenSSL).

  * Parameters are provided via time-varying profiles.

  * Profiles can be chosen for keeper and recovery keys.

  * Allow users to generate and use keys.

commit | commitdiff | tree

Mark Wooding [Sat, 17 Dec 2011 00:15:00 +0000]

more progress. recovery seems to be working now.

commit | commitdiff | tree

Mark Wooding [Tue, 13 Dec 2011 01:05:10 +0000]