validp=t
case "$thing" in
- *"$nl"*) validp=nil ;;
- *) if ! expr >/dev/null "Q$thing" : "Q$ckpat\$"; then validp=nil; fi ;;
+ *"$nl"*)
+ validp=nil
+ ;;
+ *)
+ if ! expr >/dev/null "Q$thing" : "\(Q$ckpat\)\$"; then
+ validp=nil
+ fi
+ ;;
esac
case $validp in
nil) echo >&2 "$quis: bad $ckwhat \`$thing'"; exit 1 ;;
## to demonstrate the same idiocy as GNU mumblesum.
set _ $({ echo "distorted-keys nubid"; cat -; } |
openssl dgst -${kprop_nubid_hash-sha256})
+ if [ $# -gt 2 ]; then shift; fi
echo $2
}
## Stub implementations.
notsupp () { op=$1; echo >&2 "$quis: operation \`$op' not supported"; }
k_info () { :; }
+k_import () { :; }
k_encrypt () { notsupp encrypt; }
k_decrypt () { notsupp decrypt; }
k_sign () { notsupp sign; }
}
recover () {
- recov=$1 label=$2
+ recov=$1 inst=$2 label=$3
## Recover a stashed secret, protected by RECOV and stored as LABEL, and
## write it to stdout.
checkword "recovery key label" "$recov"
+ checkword "recovery instance" "$inst"
checklabel "secret" "$label"
- rdir=$KEYS/recov/$recov/current
+ rdir=$KEYS/recov/$recov/$inst
if [ ! -f $rdir/$label.recov ]; then
- echo >&2 "$quis: no blob for \`$label' under recovery key \`$recov'"
+ echo >&2 "$quis: recovery key \`$recov/$inst' has no blob for \`$label'"
exit 1
fi
reqsafe
- nub=$SAFE/keys.reveal/$recov.current/nub
+ tag=$recov.$inst
+ nub=$SAFE/keys.reveal/$tag/nub
if [ ! -f $nub ]; then
- echo >&2 "$quis: current recovery key \`$recov' not revealed"
+ echo >&2 "$quis: recovery key \`$recov/$inst' not revealed"
exit 1;
fi
mktmp
### Subcommand handling.
version () {
- echo "$PACKAGE version $VERSION"
+ echo "$quis, $PACKAGE version $VERSION"
}
unset cmdargs
EOF
case $foundp in
t)
+ usage; echo
eval help=\$help_$cmdname; echo "$help"
;;
nil)