version 1.239, 2014/01/31 16:39:19 |
version 1.240, 2014/02/02 03:44:31 |
|
|
pass = read_passphrase("Enter passphrase: ", |
pass = read_passphrase("Enter passphrase: ", |
RP_ALLOW_STDIN); |
RP_ALLOW_STDIN); |
prv = key_load_private(filename, pass, NULL); |
prv = key_load_private(filename, pass, NULL); |
memset(pass, 0, strlen(pass)); |
explicit_bzero(pass, strlen(pass)); |
free(pass); |
free(pass); |
} |
} |
return prv; |
return prv; |
|
|
RP_ALLOW_STDIN); |
RP_ALLOW_STDIN); |
private = key_load_private(identity_file, old_passphrase, |
private = key_load_private(identity_file, old_passphrase, |
&comment); |
&comment); |
memset(old_passphrase, 0, strlen(old_passphrase)); |
explicit_bzero(old_passphrase, strlen(old_passphrase)); |
free(old_passphrase); |
free(old_passphrase); |
if (private == NULL) { |
if (private == NULL) { |
printf("Bad passphrase.\n"); |
printf("Bad passphrase.\n"); |
|
|
|
|
/* Verify that they are the same. */ |
/* Verify that they are the same. */ |
if (strcmp(passphrase1, passphrase2) != 0) { |
if (strcmp(passphrase1, passphrase2) != 0) { |
memset(passphrase1, 0, strlen(passphrase1)); |
explicit_bzero(passphrase1, strlen(passphrase1)); |
memset(passphrase2, 0, strlen(passphrase2)); |
explicit_bzero(passphrase2, strlen(passphrase2)); |
free(passphrase1); |
free(passphrase1); |
free(passphrase2); |
free(passphrase2); |
printf("Pass phrases do not match. Try again.\n"); |
printf("Pass phrases do not match. Try again.\n"); |
exit(1); |
exit(1); |
} |
} |
/* Destroy the other copy. */ |
/* Destroy the other copy. */ |
memset(passphrase2, 0, strlen(passphrase2)); |
explicit_bzero(passphrase2, strlen(passphrase2)); |
free(passphrase2); |
free(passphrase2); |
} |
} |
|
|
|
|
if (!key_save_private(private, identity_file, passphrase1, comment, |
if (!key_save_private(private, identity_file, passphrase1, comment, |
use_new_format, new_format_cipher, rounds)) { |
use_new_format, new_format_cipher, rounds)) { |
printf("Saving the key failed: %s.\n", identity_file); |
printf("Saving the key failed: %s.\n", identity_file); |
memset(passphrase1, 0, strlen(passphrase1)); |
explicit_bzero(passphrase1, strlen(passphrase1)); |
free(passphrase1); |
free(passphrase1); |
key_free(private); |
key_free(private); |
free(comment); |
free(comment); |
exit(1); |
exit(1); |
} |
} |
/* Destroy the passphrase and the copy of the key in memory. */ |
/* Destroy the passphrase and the copy of the key in memory. */ |
memset(passphrase1, 0, strlen(passphrase1)); |
explicit_bzero(passphrase1, strlen(passphrase1)); |
free(passphrase1); |
free(passphrase1); |
key_free(private); /* Destroys contents */ |
key_free(private); /* Destroys contents */ |
free(comment); |
free(comment); |
|
|
/* Try to load using the passphrase. */ |
/* Try to load using the passphrase. */ |
private = key_load_private(identity_file, passphrase, &comment); |
private = key_load_private(identity_file, passphrase, &comment); |
if (private == NULL) { |
if (private == NULL) { |
memset(passphrase, 0, strlen(passphrase)); |
explicit_bzero(passphrase, strlen(passphrase)); |
free(passphrase); |
free(passphrase); |
printf("Bad passphrase.\n"); |
printf("Bad passphrase.\n"); |
exit(1); |
exit(1); |
|
|
printf("Enter new comment: "); |
printf("Enter new comment: "); |
fflush(stdout); |
fflush(stdout); |
if (!fgets(new_comment, sizeof(new_comment), stdin)) { |
if (!fgets(new_comment, sizeof(new_comment), stdin)) { |
memset(passphrase, 0, strlen(passphrase)); |
explicit_bzero(passphrase, strlen(passphrase)); |
key_free(private); |
key_free(private); |
exit(1); |
exit(1); |
} |
} |
|
|
if (!key_save_private(private, identity_file, passphrase, new_comment, |
if (!key_save_private(private, identity_file, passphrase, new_comment, |
use_new_format, new_format_cipher, rounds)) { |
use_new_format, new_format_cipher, rounds)) { |
printf("Saving the key failed: %s.\n", identity_file); |
printf("Saving the key failed: %s.\n", identity_file); |
memset(passphrase, 0, strlen(passphrase)); |
explicit_bzero(passphrase, strlen(passphrase)); |
free(passphrase); |
free(passphrase); |
key_free(private); |
key_free(private); |
free(comment); |
free(comment); |
exit(1); |
exit(1); |
} |
} |
memset(passphrase, 0, strlen(passphrase)); |
explicit_bzero(passphrase, strlen(passphrase)); |
free(passphrase); |
free(passphrase); |
public = key_from_private(private); |
public = key_from_private(private); |
key_free(private); |
key_free(private); |
|
|
* The passphrases do not match. Clear them and |
* The passphrases do not match. Clear them and |
* retry. |
* retry. |
*/ |
*/ |
memset(passphrase1, 0, strlen(passphrase1)); |
explicit_bzero(passphrase1, strlen(passphrase1)); |
memset(passphrase2, 0, strlen(passphrase2)); |
explicit_bzero(passphrase2, strlen(passphrase2)); |
free(passphrase1); |
free(passphrase1); |
free(passphrase2); |
free(passphrase2); |
printf("Passphrases do not match. Try again.\n"); |
printf("Passphrases do not match. Try again.\n"); |
goto passphrase_again; |
goto passphrase_again; |
} |
} |
/* Clear the other copy of the passphrase. */ |
/* Clear the other copy of the passphrase. */ |
memset(passphrase2, 0, strlen(passphrase2)); |
explicit_bzero(passphrase2, strlen(passphrase2)); |
free(passphrase2); |
free(passphrase2); |
} |
} |
|
|
|
|
if (!key_save_private(private, identity_file, passphrase1, comment, |
if (!key_save_private(private, identity_file, passphrase1, comment, |
use_new_format, new_format_cipher, rounds)) { |
use_new_format, new_format_cipher, rounds)) { |
printf("Saving the key failed: %s.\n", identity_file); |
printf("Saving the key failed: %s.\n", identity_file); |
memset(passphrase1, 0, strlen(passphrase1)); |
explicit_bzero(passphrase1, strlen(passphrase1)); |
free(passphrase1); |
free(passphrase1); |
exit(1); |
exit(1); |
} |
} |
/* Clear the passphrase. */ |
/* Clear the passphrase. */ |
memset(passphrase1, 0, strlen(passphrase1)); |
explicit_bzero(passphrase1, strlen(passphrase1)); |
free(passphrase1); |
free(passphrase1); |
|
|
/* Clear the private key and the random number generator. */ |
/* Clear the private key and the random number generator. */ |
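Review bot: The wipe-then-free pair is still written out by hand at every passphrase exit path in this file section (`explicit_bzero(passphrase1, strlen(passphrase1));` followed by `free(passphrase1);`, and likewise for `pass`, `old_passphrase`, `passphrase2` and `passphrase`), so a later edit that adds an exit path or falls back to `memset` at one site could leave a passphrase in freed heap memory without anyone noticing. A small file-local helper whose body is `explicit_bzero(s, strlen(s)); free(s);` would keep the two steps together and give one place for a comment explaining that plain `memset` before `free` is a dead store the optimiser may remove. The `fgets` failure branch in the comment-change hunk already drifts from the pattern: it wipes `passphrase` and calls `key_free(private)` but has no `free(passphrase)`, which is harmless immediately before `exit(1)` but shows how easily the sites diverge. The wipe length is `strlen()`, so it presumably covers the whole secret only if the buffer holds nothing beyond the first NUL; that depends on `read_passphrase`, which is not visible here. The enclosing functions start and end outside these hunks.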