From 647788acfc0f07a0eac9ed501f960457a04e1539 Mon Sep 17 00:00:00 2001 From: Pekka Riikonen Date: Sat, 2 Nov 2002 22:12:36 +0000 Subject: [PATCH] Added silc_change_private_key_passphrase. --- lib/silccrypt/silcpkcs.c | 2 ++ lib/silcutil/silcapputil.c | 58 ++++++++++++++++++++++++++++++++++++++ lib/silcutil/silcapputil.h | 20 +++++++++++++ 3 files changed, 80 insertions(+) diff --git a/lib/silccrypt/silcpkcs.c b/lib/silccrypt/silcpkcs.c index 891e9afa..a8a2a3a4 100644 --- a/lib/silccrypt/silcpkcs.c +++ b/lib/silccrypt/silcpkcs.c @@ -1371,6 +1371,8 @@ bool silc_pkcs_load_private_key(char *filename, SilcPrivateKey *private_key, to be the old-style private keys that are not encrypted. */ SILC_GET32_MSB(magic, data); if (magic != SILC_PKCS_PRIVATE_KEY_MAGIC) { + SILC_LOG_DEBUG(("Private key does not have correct magic!")); + /* Now decode the actual private key */ if (!silc_pkcs_private_key_decode(data, len, private_key)) { memset(old, 0, data_len); diff --git a/lib/silcutil/silcapputil.c b/lib/silcutil/silcapputil.c index 4d05f16c..6f0f0604 100644 --- a/lib/silcutil/silcapputil.c +++ b/lib/silcutil/silcapputil.c @@ -253,6 +253,7 @@ bool silc_load_key_pair(const char *pub_filename, if (silc_pkcs_load_public_key((char *)pub_filename, return_public_key, SILC_PKCS_FILE_BIN) == FALSE) { memset(pass, 0, strlen(pass)); + silc_free(pass); return FALSE; } @@ -269,6 +270,7 @@ bool silc_load_key_pair(const char *pub_filename, (unsigned char *)pass, strlen(pass), SILC_PKCS_FILE_PEM) == FALSE) { memset(pass, 0, strlen(pass)); + silc_free(pass); return FALSE; } @@ -279,6 +281,7 @@ bool silc_load_key_pair(const char *pub_filename, } memset(pass, 0, strlen(pass)); + silc_free(pass); return TRUE; } 
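Review bot: With `silc_free(pass)` now placed directly after `memset(pass, 0, strlen(pass))` in all three silc_load_key_pair hunks (-253, -269 and -279), the zeroing becomes a store to memory that is about to be released. An optimizing compiler is allowed to drop such a store, so the passphrase may stay readable in freed heap memory. The same memset/free pair appears three times in the new silc_change_private_key_passphrase added later in this file. I would wipe through a call the compiler cannot elide, for example `explicit_bzero(pass, strlen(pass));` where the platform provides it, or a small helper that writes through a `volatile unsigned char *`, and use it at each of these sites. The body of silc_load_key_pair starts and ends outside these hunks.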
@@ -342,3 +345,58 @@ bool silc_show_public_key(const char *pub_filename)

 return TRUE;
 }
+
+/* Change private key passphrase */
+
+bool silc_change_private_key_passphrase(const char *prv_filename,
+ const char *old_passphrase,
+ const char *new_passphrase)
+{
+ SilcPrivateKey private_key;
+ bool base64 = FALSE;
+ char *pass;
+
+ pass = old_passphrase ? strdup(old_passphrase) : NULL;
+ if (!pass) {
+ pass = silc_get_input("Old passphrase: ", TRUE);
+ if (!pass)
+ pass = strdup("");
+ }
+
+ if (silc_pkcs_load_private_key((char *)prv_filename, &private_key,
+ (unsigned char *)pass, strlen(pass),
+ SILC_PKCS_FILE_BIN) == FALSE) {
+ base64 = TRUE;
+ if (silc_pkcs_load_private_key((char *)prv_filename, &private_key,
+ (unsigned char *)pass, strlen(pass),
+ SILC_PKCS_FILE_PEM) == FALSE) {
+ memset(pass, 0, strlen(pass));
+ silc_free(pass);
+ fprintf(stderr, "Could not load private key `%s' file\n", prv_filename);
+ return FALSE;
+ }
+ }
+
+ memset(pass, 0, strlen(pass));
+ silc_free(pass);
+
+ pass = new_passphrase ? strdup(new_passphrase) : NULL;
+ if (!pass) {
+ fprintf(stdout, "\n");
+ pass = silc_get_input("New passphrase: ", TRUE);
+ if (!pass)
+ pass = strdup("");
+ }
+
+ silc_pkcs_save_private_key(prv_filename, private_key,
+ (unsigned char *)pass, strlen(pass),
+ base64 ? SILC_PKCS_FILE_PEM : SILC_PKCS_FILE_BIN);
+
+ fprintf(stdout, "\nPassphrase changed\n");
+
+ memset(pass, 0, strlen(pass));
+ silc_free(pass);
+
+ silc_pkcs_private_key_free(private_key);
+ return TRUE;
+}
diff --git a/lib/silcutil/silcapputil.h b/lib/silcutil/silcapputil.h
index 827c2ff9..a1b39e7f 100644
--- a/lib/silcutil/silcapputil.h
+++ b/lib/silcutil/silcapputil.h
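Review bot: In silc_change_private_key_passphrase (lib/silcutil/silcapputil.c) the result of `silc_pkcs_save_private_key` is discarded, so the function prints "Passphrase changed" and returns TRUE even when the key file could not be rewritten. Assuming the save call reports failure the same way the load call does, it should be checked and handled like the load-failure branch: wipe and free `pass`, free `private_key`, report on stderr and return FALSE. Separately, `strdup` can return NULL, and `pass = strdup("")` is followed by `strlen(pass)` with no check.

```c
  /* … unchanged: load the key with the old passphrase, obtain the new passphrase … */

  if (silc_pkcs_save_private_key(prv_filename, private_key,
                                 (unsigned char *)pass, strlen(pass),
                                 base64 ? SILC_PKCS_FILE_PEM :
                                 SILC_PKCS_FILE_BIN) == FALSE) {
    memset(pass, 0, strlen(pass));
    silc_free(pass);
    silc_pkcs_private_key_free(private_key);
    fprintf(stderr, "Could not save private key `%s' file\n", prv_filename);
    return FALSE;
  }

  /* … unchanged: success message, wipe and free pass, free private_key, return TRUE … */
```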
@@ -140,4 +140,24 @@ bool silc_load_key_pair(const char *pub_filename,
 ***/
 bool silc_show_public_key(const char *pub_filename);

+/****f* silcutil/SilcAppUtil/silc_change_private_key_passphrase
+ *
+ * SYNOPSIS
+ *
+ * bool silc_change_private_key_passphrase(const char *prv_filename,
+ * const char *old_passphrase,
+ * const char *new_passphrase);
+ *
+ * DESCRIPTION
+ *
+ * This routine can be used to change the passphrase of the private
+ * key file, which is used to encrypt the private key. If the old
+ * and new passphrase is not provided for this function this will
+ * prompt for them.
+ *
+ ***/
+bool silc_change_private_key_passphrase(const char *prv_filename,
+ const char *old_passphrase,
+ const char *new_passphrase);
+
 #endif /* SILCAPPUTIL_H */
-- 
2.24.0
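Review bot: The DESCRIPTION for silc_change_private_key_passphrase does not say what the function returns or what happens when no passphrase is obtained. Going by the implementation in silcapputil.c, I would add a sentence such as `Returns FALSE if the private key cannot be loaded with the old passphrase, TRUE otherwise.` and state that a NULL argument triggers an interactive prompt. The comment should also say that a prompt yielding nothing is treated as an empty passphrase, which for the new passphrase means the key is saved under an empty passphrase. Callers would also benefit from knowing that the routine writes its messages to stdout and stderr.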