dist_pkgdata_DATA += ktype.seccure
dist_profile_DATA += profile.d/01seccure
+dist_pkgdata_DATA += ktype.reop
+dist_profile_DATA += profile.d/01reop
+
## Commands.
dist_pkgdata_SCRIPTS += cryptop.archive
dist_pkgdata_SCRIPTS += cryptop.genkey
--- /dev/null
+### -*-sh-*-
+###
+### Key type for REOP
+###
+### (c) 2015 Mark Wooding
+###
+
+###----- Licensing notice ---------------------------------------------------
+###
+### This file is part of the distorted.org.uk key management suite.
+###
+### distorted-keys is free software; you can redistribute it and/or modify
+### it under the terms of the GNU General Public License as published by
+### the Free Software Foundation; either version 2 of the License, or
+### (at your option) any later version.
+###
+### distorted-keys is distributed in the hope that it will be useful,
+### but WITHOUT ANY WARRANTY; without even the implied warranty of
+### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+### GNU General Public License for more details.
+###
+### You should have received a copy of the GNU General Public License
+### along with distorted-keys; if not, write to the Free Software Foundation,
+### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+defprops k_props <<EOF
+identity t $R_LINE
+EOF
+
+: ${kprop_label=%{label\}}
+
+k_generate () {
+ base=$1 nub=$2
+
+ ident=$(subst "\`identity' value" "$kprop_identity" kopt_ "$R_LINE")
+ REOP_PASSPHRASE=$(cat "$nub") \
+ reop -G -i"$ident" -s"$base/sec" -p"$base/pub"
+}
+
+k_encrypt () {
+ base=$1
+
+ reop -Gn -idistorted-keys.tmp -s$tmp/sec -p$tmp/ct
+ reop -E -s$tmp/sec -p"$base/pub" -m- -x- >>$tmp/ct
+ cat $tmp/ct
+}
+
+k_decrypt () {
+ base=$1 nub=$2
+
+ sed -n "
+ /^-----BEGIN REOP PUBLIC KEY-----\$/,/^-----END REOP PUBLIC KEY-----\$/ \
+ w $tmp/pub
+ /^-----BEGIN REOP ENCRYPTED MESSAGE-----\$/,/^-----END REOP ENCRYPTED MESSAGE-----\$/ \
+ w $tmp/ct"
+ REOP_PASSPHRASE=$(cat "$nub") \
+ reop -D -s"$base/sec" -p$tmp/pub -m- -x$tmp/ct
+}
+
+k_sign () {
+ base=$1 nub=$2
+
+ REOP_PASSPHRASE=$(cat "$nub") \
+ reop -S -s"$base/sec" -m- -x-
+}
+
+k_verify () {
+ base=$1 sig=$3
+
+ echo "$sig" >$tmp/sig
+ reop -Vq -p"$base/pub" -m- -x$tmp/sig
+}
+
+###----- That's all, folks --------------------------------------------------
--- /dev/null
+;;; -*-conf-*-
+;;;
+;;; Default configuration for REOP keys
+;;;
+;;; (c) 2015 Mark Wooding
+;;;
+
+;;;----- Licensing notice ---------------------------------------------------
+;;;
+;;; This file is part of the distorted.org.uk key management suite.
+;;;
+;;; distorted-keys is free software; you can redistribute it and/or modify
+;;; it under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 2 of the License, or
+;;; (at your option) any later version.
+;;;
+;;; distorted-keys is distributed in the hope that it will be useful,
+;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with distorted-keys; if not, write to the Free Software Foundation,
+;;; Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+;;;--------------------------------------------------------------------------
+;;; REOP configuration.
+;;;
+;;; Important note! REOP tries to provide (deniable) authenticity of
+;;; ciphertexts. This implementation subverts that property by generating an
+;;; ephemeral sending key.
+;;;
+;;; Properties defined by the key-type are as follows. All the properties
+;;; are optional.
+;;;
+;;; identity The identity to store in the key data. A %{PARAM}
+;;; placeholder is replaced by the value of the named
+;;; key-generation parameter PARAM, and an error is
+;;; reported if no such parameter is provided; a
+;;; %{PARAM-DEFAULT} placeholder is replaced by the value
+;;; of the parameter PARAM, or the string DEFAULT is no
+;;; such parameter is provided.
+
+[%reop]
+type = reop
+
+;; Identity string.
+identity = %{identity}
+
+[reop-integrity]
+@include = %reop %asymmetric-integrity
+
+[reop-secrecy]
+@include = %reop %asymmetric-secrecy
+
+[%seccure-infra]
+@include = %seccure
+
+;;;----- That's all, folks --------------------------------------------------
~mdw / distorted-keys / commitdiff