@@@ keys.retire-recov

[distorted-keys] / cryptop.recover

diff --git a/cryptop.recover b/cryptop.recover
index f661569..f1fc9db 100755 (executable)
--- a/cryptop.recover
+++ b/cryptop.recover
@@ -28,21 +28,34 @@ case "${KEYSLIB+t}" in t) ;; *) echo >&2 "$0: KEYSLIB unset"; exit 1 ;; esac
 . "$KEYSLIB"/keyfunc.sh
 
 defhelp <<HELP
-KEY RECOV
+[-i INST] KEY RECOV
 Recover the named user KEY using a blob protected using the recovery key
 RECOV; it is an error if RECOV is not currently revealed.
 HELP
 
+inst=current
+while getopts "i:" opt; do
+  case "$opt" in
+    i) inst=$OPTARG ;;
+    *) usage_err ;;
+  esac
+done
+shift $(( $OPTIND - 1 ))
 case $# in 2) ;; *) usage_err ;; esac
 key=$1 recov=$2
 parse_keylabel "$key"
 if [ ! -d $kdir ]; then echo >&2 "$quis: unknown key \`$key'"; exit 1; fi
+checkword "recovery instance" "$inst"
 checkword "recovery key label" "$recov"
+case $kowner in
+  $USERV_USER) ;;
+  *) echo >&2 "$quis: you're not the owner of key \`$key'"; exit 1 ;;
+esac
 
 mktmp
 nubid=$(cat $kdir/nubid)
 readmeta $kdir
-read_profile "$profile"
+read_profile $kowner "$profile"
 if [ -f $knub ]; then
   nubbin=$(nubid <$knub)
   case "$nubbin" in
@@ -54,11 +67,12 @@ if [ -f $knub ]; then
 fi
 
 umask 077
-recover $recov $kowner/$klabel >$knub.new
+recover $recov $inst $kowner/$klabel >$knub.new
 nubbin=$(nubid <$knub.new)
 case "$nubbin" in
   "$nubid") ;;
   *)
+    rm -f $knub.new
     echo >&2 "$quis: recovery produced incorrect nub"
     exit 1
     ;;