###--------------------------------------------------------------------------
### Configuration variables.
+## Automatically configured pathnames.
PACKAGE="@PACKAGE@" VERSION="@VERSION@"
bindir="@bindir@"
-case ":$PATH:" in *:"$bindir":*) ;; *) PATH=$bindir:$PATH ;; esac
-
+## Read user configuration.
if [ -f $ETC/keys.conf ]; then . $ETC/keys.conf; fi
+## Maybe turn on debugging.
case "${KEYS_DEBUG+t}" in t) set -x ;; esac
+## Fake up caller credentials if not called via userv.
+case "${USERV_USER+t}" in
+ t) ;;
+ *) USERV_USER=${LOGNAME-${USER-$(id -un)}} USERV_UID=$(id -u) ;;
+esac
+case "${USERV_GROUP+t}" in
+ t) ;;
+ *) USERV_GROUP=$(id -Gn) USERV_GID=$(id -gn) ;;
+esac
+
###--------------------------------------------------------------------------
### Cleanup handling.
validp=t
case "$thing" in
*"$nl"*) validp=nil ;;
- *) if ! expr >/dev/null "$thing" : "$ckpat\$"; then validp=nil; fi ;;
+ *) if ! expr >/dev/null "Q$thing" : "Q$ckpat\$"; then validp=nil; fi ;;
esac
case $validp in
nil) echo >&2 "$quis: bad $ckwhat \`$thing'"; exit 1 ;;
## Regular expressions for validating input.
R_IDENTCHARS="A-Za-z0-9_"
-R_WORDCHARS="-$R_IDENTCHARS!%@+="
+R_GOODPUNCT="!%@+="
+R_WORDCHARS="-$R_IDENTCHARS$R_GOODPUNCT"
R_IDENT="[$R_IDENTCHARS][$R_IDENTCHARS]*"
R_WORD="[$R_WORDCHARS][$R_WORDCHARS]*"
+R_ACLCHARS="][$R_IDENTCHARS$R_GOODPUNCT*?:.#"
R_WORDSEQ="[$R_WORDCHARS[:space:]][$R_WORDCHARS[:space:]]*"
+R_ACL="[$R_ACLCHARS[:space:]-][$R_ACLCHARS[:space:]-]*"
R_NUMERIC='\(\([1-9][0-9]*\)\{0,1\}0\{0,1\}\)'
R_LABEL="\($R_WORD\(/$R_WORD\)*\)"
R_LINE=".*"
type nil $R_IDENT
recovery t $R_WORDSEQ
random t $R_WORD
-nubhash t $R_WORD
-nubidhash t $R_WORD
-nubsz t $R_NUMERIC
+nub_hash t $R_WORD
+nubid_hash t $R_WORD
+nub_random_bytes t $R_NUMERIC
+acl_encrypt t $R_ACL
+acl_decrypt t $R_ACL
+acl_sign t $R_ACL
+acl_verify t $R_ACL
+acl_info t $R_ACL
EOF
readprops () {
makenub () {
## Generate a key nub in the default way, and write it to standard output.
- ## The properties `random', `nubsz' and `nubhash' are referred to.
+ ## The properties `random', `nub_random_bytes' and `nub_hash' are referred
+ ## to.
dd 2>/dev/null \
- if=/dev/${kprop_random-random} bs=1 count=${kprop_nubsz-512} |
- openssl dgst -${kprop_nubhash-sha384} -binary |
+ if=/dev/${kprop_random-random} bs=1 count=${kprop_nub_random_bytes-64} |
+ openssl dgst -${kprop_nub_hash-sha256} -binary |
openssl base64
}
nubid () {
## Compute a hash of the key nub in stdin, and write it to stdout in hex.
- ## The property `nubidhash' is used.
+ ## The property `nubid_hash' is used.
{ echo "distorted-keys nubid"; cat -; } |
- openssl dgst -${kprop_nubidhash-sha256}
+ openssl dgst -${kprop_nubid_hash-sha256}
}
subst () {
}
read_profile () {
- profile=$1
+ owner=$1 profile=$2
## Read property settings from a profile. The PROFILE name has the form
- ## [USER:]LABEL. Properties are set using `setprops' with prefix `kprop_'.
+ ## [USER:]LABEL; USER defaults to OWNER. Properties are set using
+ ## `setprops' with prefix `kprop_'.
reqtmp
case "$profile" in
label=${profile#:} uservp=nil
;;
*)
- user=$USERV_USER label=$profile uservp=t
+ user=$kowner label=$profile uservp=t
;;
*:*)
user=${profile%%:*} label=${profile#*:} uservp=t
prepare () {
key=$1 op=$2
## Prepare for a crypto operation OP, using the KEY. This validates the
- ## key label, reads the profile, and checks the access-control list.
+ ## key label, reads the profile, and checks the access-control list. If OP
+ ## is `-' then allow the operation unconditionally.
## Find the key properties.
parse_keylabel "$key"
if [ ! -d $kdir ]; then echo >&2 "$quis: unknown key \`$key'"; exit 1; fi
readmeta $kdir
- read_profile "$profile"
+ read_profile $kowner "$profile"
## Check whether we're allowed to do this thing. This is annoyingly
## fiddly.
+ case $op in -) return ;; esac
eval acl=\${kprop_acl_$op-!owner}
verdict=forbid
while :; do
done
case $verdict in
- forbid) echo >&2 "$quis: $op access to key \`$key' forbidden"; exit ;;
+ forbid) echo >&2 "$quis: $op access to key \`$key' forbidden"; exit 1 ;;
esac
}