}
if (!pass) {
- memset(line, 0, sizeof(line));
- snprintf(line, sizeof(line), "Private key passphrase: ");
- pass = silc_get_input(line, TRUE);
- if (!pass)
+ char *pass2 = NULL;
+ pass = silc_get_input("Private key passphrase: ", TRUE);
+ if (!pass) {
pass = strdup("");
+ } else {
+ while (TRUE) {
+ printf("\n");
+ pass2 = silc_get_input("Retype private key passphrase: ", TRUE);
+ if (!pass2)
+ pass2 = strdup("");
+ if (!strcmp(pass, pass2))
+ break;
+ fprintf(stderr, "\nPassphrases do not match");
+ }
+ silc_free(pass2);
+ }
}
/* Generate keys */
SILC_PKCS_FILE_PEM) == FALSE)
if (silc_pkcs_load_public_key((char *)pub_filename, return_public_key,
SILC_PKCS_FILE_BIN) == FALSE) {
- memset(pass, 0, strlen(pass));
+ if (pass)
+ memset(pass, 0, strlen(pass));
+ silc_free(pass);
return FALSE;
}
(unsigned char *)pass, strlen(pass),
SILC_PKCS_FILE_PEM) == FALSE) {
memset(pass, 0, strlen(pass));
+ silc_free(pass);
return FALSE;
}
}
memset(pass, 0, strlen(pass));
+ silc_free(pass);
return TRUE;
}
return TRUE;
}
+
+/* Change private key passphrase */
+
+bool silc_change_private_key_passphrase(const char *prv_filename,
+ const char *old_passphrase,
+ const char *new_passphrase)
+{
+ SilcPrivateKey private_key;
+ bool base64 = FALSE;
+ char *pass;
+
+ pass = old_passphrase ? strdup(old_passphrase) : NULL;
+ if (!pass) {
+ pass = silc_get_input("Old passphrase: ", TRUE);
+ if (!pass)
+ pass = strdup("");
+ }
+
+ if (silc_pkcs_load_private_key((char *)prv_filename, &private_key,
+ (unsigned char *)pass, strlen(pass),
+ SILC_PKCS_FILE_BIN) == FALSE) {
+ base64 = TRUE;
+ if (silc_pkcs_load_private_key((char *)prv_filename, &private_key,
+ (unsigned char *)pass, strlen(pass),
+ SILC_PKCS_FILE_PEM) == FALSE) {
+ memset(pass, 0, strlen(pass));
+ silc_free(pass);
+ fprintf(stderr, "Could not load private key `%s' file\n", prv_filename);
+ return FALSE;
+ }
+ }
+
+ memset(pass, 0, strlen(pass));
+ silc_free(pass);
+
+ pass = new_passphrase ? strdup(new_passphrase) : NULL;
+ if (!pass) {
+ char *pass2 = NULL;
+ fprintf(stdout, "\n");
+ pass = silc_get_input("New passphrase: ", TRUE);
+ if (!pass) {
+ pass = strdup("");
+ } else {
+ while (TRUE) {
+ printf("\n");
+ pass2 = silc_get_input("Retype new passphrase: ", TRUE);
+ if (!pass2)
+ pass2 = strdup("");
+ if (!strcmp(pass, pass2))
+ break;
+ fprintf(stderr, "\nPassphrases do not match");
+ }
+ silc_free(pass2);
+ }
+ }
+
+ silc_pkcs_save_private_key((char *)prv_filename, private_key,
+ (unsigned char *)pass, strlen(pass),
+ base64 ? SILC_PKCS_FILE_PEM : SILC_PKCS_FILE_BIN);
+
+ fprintf(stdout, "\nPassphrase changed\n");
+
+ memset(pass, 0, strlen(pass));
+ silc_free(pass);
+
+ silc_pkcs_private_key_free(private_key);
+ return TRUE;
+}