~mdw / distorted-keys / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
New key type `reop'.
[distorted-keys] / profile.d / 01reop
diff --git a/profile.d/01reop b/profile.d/01reop
new file mode 100644 (file)
index 0000000..ab02190
--- /dev/null
+++ b/profile.d/01reop
@@ -0,0 +1,59 @@
+;;; -*-conf-*-
+;;;
+;;; Default configuration for REOP keys
+;;;
+;;; (c) 2015 Mark Wooding
+;;;
+
+;;;----- Licensing notice ---------------------------------------------------
+;;;
+;;; This file is part of the distorted.org.uk key management suite.
+;;;
+;;; distorted-keys is free software; you can redistribute it and/or modify
+;;; it under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 2 of the License, or
+;;; (at your option) any later version.
+;;;
+;;; distorted-keys is distributed in the hope that it will be useful,
+;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with distorted-keys; if not, write to the Free Software Foundation,
+;;; Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+;;;--------------------------------------------------------------------------
+;;; REOP configuration.
+;;;
+;;; Important note!  REOP tries to provide (deniable) authenticity of
+;;; ciphertexts.  This implementation subverts that property by generating an
+;;; ephemeral sending key.
+;;;
+;;; Properties defined by the key-type are as follows.  All the properties
+;;; are optional.
+;;;
+;;; identity           The identity to store in the key data.  A %{PARAM}
+;;;                    placeholder is replaced by the value of the named
+;;;                    key-generation parameter PARAM, and an error is
+;;;                    reported if no such parameter is provided; a
+;;;                    %{PARAM-DEFAULT} placeholder is replaced by the value
+;;;                    of the parameter PARAM, or the string DEFAULT is no
+;;;                    such parameter is provided.
+
+[%reop]
+type = reop
+
+;; Identity string.
+identity = %{identity}
+
+[reop-integrity]
+@include = %reop %asymmetric-integrity
+
+[reop-secrecy]
+@include = %reop %asymmetric-secrecy
+
+[%seccure-infra]
+@include = %seccure
+
+;;;----- That's all, folks --------------------------------------------------
A Userv-based key management system.