From 772839eb5fa921c8be873afed5553db68c344bd0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=96=9F=E9=85=8C=20=E9=B5=AC=E5=85=84?=
Date: Sun, 14 Aug 2022 01:47:12 +0800
Subject: [PATCH] Can change passphrase
---
 bash/bashrc/sources/16_keystore | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 70 insertions(+), 6 deletions(-)
diff --git a/bash/bashrc/sources/16_keystore b/bash/bashrc/sources/16_keystore
index 92e6eb6..4142b20 100644
--- a/bash/bashrc/sources/16_keystore
+++ b/bash/bashrc/sources/16_keystore
@@ -31,12 +31,13 @@ function kstore {
 search) shift; kstore-search $@ ;;
 secret) shift; kstore-secret $@ ;;
 *)
- __func_head "add key value|file|- [prop, default: $_KSTORE_DEF_PROP]"
- __func_help "update key value|file|- [prop, default: $_KSTORE_DEF_PROP]"
+ __func_head "add [key] [value|file|-] [prop, default: $_KSTORE_DEF_PROP]"
+ __func_help "update [key] [value|file|-] [prop, default: $_KSTORE_DEF_PROP]"
 __func_help "get key [prop, default: $_KSTORE_DEF_PROP]"
 __func_help "list"
 __func_help "del key"
 __func_help "search key"
+ __func_help "secret ..."
 __func_help "query SQL"
 return 1
 ;;
@@ -48,9 +49,11 @@ function kstore-secret {
 case "$1" in
 clear) shift; kstore-secret-clear "$@" ;;
 config) shift; kstore-secret-config "$@" ;;
+ change) shift; kstore-secret-change "$@" ;;
 *)
 __func_head "clear"
 __func_help "config"
+ __func_help "change"
 ;;
 esac
 }
@@ -95,6 +98,15 @@ function kstore-dec {
 openssl enc -d -aes-256-cbc -pbkdf2 -k "$_AUTH_SECRET" -a -A
 }
 
+function kstore-secret-auto {
+ case $OSTYPE in
+ darwin*) kstore-secret-macos "$@" ;;
+ *)
+ echo "$OSTYPE is Not supported yet" >&2
+ ;;
+ esac
+}
+
 function kstore-secret-macos {
 local _A
 case $1 in
@@ -108,6 +120,9 @@ function kstore-secret-macos {
 set)
 security add-generic-password -a default -s rbash-kstore -w "$_AUTH_SECRET"
 ;;
+ del)
+ security delete-generic-password -a default -s rbash-kstore
+ ;;
 *)
 echo "Unknown action: $1" >&2
 return 1
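Review bot: The fallback branch of `kstore-secret-auto` (hunk at -95) prints "Not supported yet" but then returns the exit status of `echo`, which is 0, so a caller that tests `$?` after `kstore-secret-auto set` cannot tell an unsupported platform from a successful save. Add `return 1` after the `echo ... >&2` line. The same dispatcher replaces `kstore-secret-windows get || kstore-secret-macos get` in `kstore-secret-config` (hunk at -127) and has no Windows branch, so if `kstore-secret-windows` is still defined elsewhere in the file it is no longer reachable and those users will now see the error message on every lookup.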
@@ -127,7 +142,7 @@ function kstore-secret-config {
 local _CONFIRM
 
 if [ -z "$_AUTH_SECRET" ]; then
- kstore-secret-windows get || kstore-secret-macos get
+ kstore-secret-auto get
 if [ -n "$_AUTH_SECRET" ]; then
 return 0
 fi
@@ -144,12 +159,61 @@ function kstore-secret-config {
 return 0
 fi
 
- case $OSTYPE in
- darwin*) kstore-secret-macos "set" ;;
- esac
+ kstore-secret-auto set
 fi
 }
 
+function kstore-secret-change {
+ kstore-secret-config
+
+ local _NEW_SECRET i _key _prop _O_SECRET _BAK
+ read -sp "Enter the new passphrase: " _NEW_SECRET
+ echo
+ read -sp "Enter the passphrase again: " i
+ echo
+ if [ "$i" != "$_NEW_SECRET" ]; then
+ echo "Passphrase mismatched" >&2
+ return 1
+ fi
+
+ _BAK=$( mktemp )
+ cp "$_AUTH_DB" "$_BAK"
+
+ echo "Backed up at $_BAK"
+
+ _O_SECRET="$_AUTH_SECRET"
+ for i in `$_SQLITE -list "$_AUTH_DB" "SELECT _ROWID_ FROM store;"`; do
+ _AUTH_SECRET=$_O_SECRET
+ _key=`$_SQLITE -list "$_AUTH_DB" "SELECT key FROM store WHERE _ROWID_ = $i;"`
+ _key=`kstore-quote "$_key"`
+ _prop=`$_SQLITE -list "$_AUTH_DB" "SELECT prop FROM store WHERE _ROWID_ = $i;"`
+ _prop=`kstore-quote "$_prop"`
+ _val=`kstore get "$_key" "$_prop"`
+ if [ $? -ne 0 ]; then
+ echo "Current passphrase is incorrect?" >&2
+ return 1
+ fi
+ _AUTH_SECRET=$_NEW_SECRET
+
+ echo Updating: [$_key] [$_prop]
+ kstore update "$_key" "$_val" "$_prop"
+ done
+
+ kstore-secret-auto get
+ if [ -n "$_AUTH_SECRET" ]; then
+ kstore-secret-auto del 2>&1 > /dev/null
+
+ _AUTH_SECRET=$_NEW_SECRET
+ kstore-secret-auto set
+
+ if [ $? -eq 0 ]; then
+ echo "New passphrase saved in OS's keystore."
+ fi
+ fi
+
+ _AUTH_SECRET=$_NEW_SECRET
+}
+
 function kstore-secret-clear {
 _AUTH_SECRET=
 case $OSTYPE in
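Review bot: A failure partway through the re-encryption loop in `kstore-secret-change` (hunk at -144) leaves the store with some rows under the new passphrase and the rest under the old one, because the `return 1` path never copies `$_BAK` back and the exit status of `kstore update` is not checked at all. `_val` is also missing from the `local` list, so the last decrypted value stays set in the calling shell after the function returns; judging by the file path this is sourced into an interactive shell. The sketch below declares `_val` local and restores the backup on either failure; it assumes `kstore update` returns non-zero on error, which is not visible in this hunk. Separately, `2>&1 > /dev/null` on the `del` call silences only stdout, and `> /dev/null 2>&1` is presumably what was meant; an empty new passphrase is also accepted as long as both prompts match.

```bash
    local _NEW_SECRET i _key _prop _val _O_SECRET _BAK
    # … unchanged: passphrase prompts, backup copy to $_BAK …
    for i in `$_SQLITE -list "$_AUTH_DB" "SELECT _ROWID_ FROM store;"`; do
        # … unchanged: reset _AUTH_SECRET to the old secret, look up and quote key/prop …
        _val=`kstore get "$_key" "$_prop"`
        if [ $? -ne 0 ]; then
            echo "Current passphrase is incorrect?" >&2
            # Undo any rows already rewritten under the new passphrase.
            cp "$_BAK" "$_AUTH_DB"
            return 1
        fi
        _AUTH_SECRET=$_NEW_SECRET

        echo Updating: [$_key] [$_prop]
        if ! kstore update "$_key" "$_val" "$_prop"; then
            echo "Update failed, restoring $_AUTH_DB from $_BAK" >&2
            cp "$_BAK" "$_AUTH_DB"
            _AUTH_SECRET=$_O_SECRET
            return 1
        fi
    done
    # … unchanged: OS keystore refresh, final _AUTH_SECRET assignment …
```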