Commit | Line | Data |
---|---|---|
53263601 MW |
1 | #! /bin/sh |
2 | ### | |
3 | ### Issue cards containing a bunch of keeper secrets | |
4 | ### | |
5 | ### (c) 2011 Mark Wooding | |
6 | ### | |
7 | ||
8 | ###----- Licensing notice --------------------------------------------------- | |
9 | ### | |
599c8f75 MW |
10 | ### This file is part of the distorted.org.uk key management suite. |
11 | ### | |
12 | ### distorted-keys is free software; you can redistribute it and/or modify | |
53263601 MW |
13 | ### it under the terms of the GNU General Public License as published by |
14 | ### the Free Software Foundation; either version 2 of the License, or | |
15 | ### (at your option) any later version. | |
16 | ### | |
599c8f75 | 17 | ### distorted-keys is distributed in the hope that it will be useful, |
53263601 MW |
18 | ### but WITHOUT ANY WARRANTY; without even the implied warranty of |
19 | ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
20 | ### GNU General Public License for more details. | |
21 | ### | |
22 | ### You should have received a copy of the GNU General Public License | |
599c8f75 | 23 | ### along with distorted-keys; if not, write to the Free Software Foundation, |
53263601 MW |
24 | ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
25 | ||
26 | set -e | |
27 | case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac | |
28 | . "$KEYSLIB"/keyfunc.sh | |
29 | ||
30 | defhelp <<HELP | |
ac1aec3a | 31 | [-pt] KEEPER [INDICES ...] |
53263601 MW |
32 | Typeset cards for a set of keeper secrets. |
33 | ||
ac1aec3a MW |
34 | This program creates a set of printable cards containing key nubs from the |
35 | keeper set KEEPER, specifically the keys with the given INDICES. Elements of | |
36 | the list are either simple integers or ranges [LOW]-[HIGH]; if LOW is | |
37 | omitted, it means 0, and if HIGH is omitted, it means the highest possible | |
38 | index. If no INDICES are given then all secret keys are written. | |
53263601 MW |
39 | |
40 | The public keys are found in $KEYS/keeper/KEEPER/I.pub; | |
d516ebd0 MW |
41 | key nubs are read from the safe place where \`keys new-keeper' left |
42 | them. | |
ac1aec3a MW |
43 | |
44 | If the \`-p' option is given, then the output is a PostScript file which | |
45 | can be printed immediately. If the \`-t' option is given, then the output | |
46 | is a \`tar' archive containing a TeX source file and images, which must | |
47 | be processed using \`latex' and \`dvips'. The default is \`-t'. | |
53263601 | 48 | HELP |
53263601 | 49 | |
ac1aec3a MW |
50 | ## Read options. |
51 | mode=tar | |
52 | while getopts "pt" opt; do | |
53 | case "$opt" in | |
54 | p) mode=ps ;; | |
55 | t) mode=tar ;; | |
56 | *) usage_err ;; | |
57 | esac | |
58 | done | |
59 | shift $(( $OPTIND - 1 )) | |
60 | ||
53263601 | 61 | ## Parse the command line. |
c47f2aba | 62 | case $# in 0) usage_err ;; esac |
53263601 MW |
63 | keeper=$1; shift |
64 | checkword "keeper set label" "$keeper" | |
d516ebd0 MW |
65 | |
66 | ## Find out about the set. | |
67 | if [ ! -f $KEYS/keeper/$keeper/meta ]; then | |
68 | echo >&2 "$quis: unknown keeper set \`$keeper'" | |
69 | exit 1 | |
70 | fi | |
53263601 MW |
71 | read n hunoz <$KEYS/keeper/$keeper/meta |
72 | ||
d516ebd0 MW |
73 | ## Check that nubs are available for the keeper set. |
74 | reqsafe | |
75 | if [ ! -d $SAFE/keys.keeper/$keeper/ ]; then | |
76 | echo >&2 "$quis: no nubs available for keeper set \`$keeper'" | |
77 | exit 1 | |
78 | fi | |
79 | cd $SAFE/keys.keeper/$keeper/ | |
80 | ||
53263601 MW |
81 | ## Build a colon-separated list of the indices we actually want. |
82 | want=: | |
83 | case $# in 0) set 0- ;; esac | |
84 | for range in "$@"; do | |
85 | case "$range" in | |
86 | *[!-0-9]* | *[!0-9]*-* | *-*[!0-9]*) | |
87 | echo >&2 "$quis: bad index range \`$range'" | |
88 | exit 1 | |
89 | ;; | |
90 | *-*) | |
91 | low=${range%-*} high=${range#*-} | |
92 | ;; | |
93 | *) | |
94 | low=$range high=$range | |
95 | ;; | |
96 | esac | |
97 | case "$low" in ?*) ;; *) low=0 ;; esac | |
c47f2aba | 98 | case "$high" in ?*) ;; *) high=$(( $n - 1 )) ;; esac |
53263601 MW |
99 | if [ 0 -gt $low -o $low -gt $high -o $high -ge $n ]; then |
100 | echo >&2 "$quis: invalid index range \`$range'" | |
101 | exit 1 | |
102 | fi | |
c47f2aba | 103 | i=$(( $low + 0 )) |
53263601 MW |
104 | while [ $i -le $high ]; do |
105 | case $want in *:"$i":*) ;; *) want=$want$i: ;; esac | |
c47f2aba | 106 | i=$(( $i + 1 )) |
53263601 MW |
107 | done |
108 | done | |
109 | ||
110 | ## Start working on the output file. This will contain deep secrets, so | |
111 | ## don't leave stuff easily readable. | |
c47f2aba | 112 | mktmp |
53263601 MW |
113 | umask 077 |
114 | exec 3>$tmp/$keeper.tex | |
ac1aec3a | 115 | cat >&3 $ETC/keeper-cards.tex |
53263601 MW |
116 | |
117 | ## Write the basic configuration stuff. | |
118 | cat >&3 <<EOF | |
119 | ||
120 | %% General configuration for the cards. | |
121 | \def\keeper{$keeper} | |
122 | \def\total{$n} | |
123 | EOF | |
124 | ||
125 | ## Start the document body. | |
126 | cat >&3 <<'EOF' | |
127 | ||
128 | %% The actual content. | |
129 | \begin{document} | |
130 | EOF | |
131 | ||
132 | ## Work through the requested indices. | |
133 | i=0 | |
134 | while [ $i -lt $n ]; do | |
135 | case $want in | |
136 | *:"$i":*) | |
d516ebd0 MW |
137 | read secret <$i |
138 | tr -d '\n' <$i | qrencode -m0 -s1 -o$tmp/$i.png | |
53263601 MW |
139 | convert $tmp/$i.png $tmp/$i.eps |
140 | cat >&3 <<EOF | |
141 | \card{$i}{$secret} | |
142 | EOF | |
143 | esac | |
c47f2aba | 144 | i=$(( $i + 1 )) |
53263601 MW |
145 | done |
146 | ||
147 | ## Wrap up and build the document. | |
148 | cat >&3 <<'EOF' | |
149 | \end{document} | |
150 | EOF | |
151 | exec 3>&- | |
ac1aec3a MW |
152 | |
153 | case $mode in | |
154 | ps) | |
155 | if ! (cd $tmp | |
156 | exec </dev/null >tex.out 2>&1 | |
157 | latex $keeper.tex && dvips -o$keeper.ps $keeper.dvi); then | |
158 | echo >&2 "$quis: document formatting failed" | |
159 | sed >&2 's/^/| /' $tmp/tex.out | |
160 | exit 1 | |
161 | fi | |
162 | cat $tmp/$keeper.ps | |
163 | ;; | |
164 | tar) | |
165 | (cd $tmp; tar cf - $keeper.tex *.eps) | |
166 | ;; | |
167 | esac | |
53263601 MW |
168 | |
169 | ###----- That's all, folks -------------------------------------------------- |