Can change passphrase

bash/bashrc/sources/16_keystore

@@ -31,12 +31,13 @@ function kstore {
 		search) shift; kstore-search $@ ;;
 		secret) shift; kstore-secret $@ ;;
 		*)
-			__func_head "add key value|file|- [prop, default: $_KSTORE_DEF_PROP]"
+			__func_head "add [key] [value|file|-] [prop, default: $_KSTORE_DEF_PROP]"
-			__func_help "update key value|file|- [prop, default: $_KSTORE_DEF_PROP]"
+			__func_help "update [key] [value|file|-] [prop, default: $_KSTORE_DEF_PROP]"
 			__func_help "get key [prop, default: $_KSTORE_DEF_PROP]"
 			__func_help "list"
 			__func_help "del key"
 			__func_help "search key"
+			__func_help "secret ..."
 			__func_help "query SQL"
 			return 1
 			;;
@@ -48,9 +49,11 @@ function kstore-secret {
 	case "$1" in
 		clear) shift; kstore-secret-clear "$@" ;;
 		config) shift; kstore-secret-config "$@" ;;
+		change) shift; kstore-secret-change "$@" ;;
 		*)
 			__func_head "clear"
 			__func_help "config"
+			__func_help "change"
 			;;
 	esac
 }
@@ -95,6 +98,15 @@ function kstore-dec {
 	openssl enc -d -aes-256-cbc -pbkdf2 -k "$_AUTH_SECRET" -a -A
 }
 
+function kstore-secret-auto {
+	case $OSTYPE in
+		darwin*) kstore-secret-macos "$@" ;;
+		*)
+			echo "$OSTYPE is Not supported yet" >&2
+			;;
+	esac
+}
+
 function kstore-secret-macos {
 	local _A
 	case $1 in
@@ -108,6 +120,9 @@ function kstore-secret-macos {
 		set)
 			security add-generic-password -a default -s rbash-kstore -w "$_AUTH_SECRET"
 			;;
+		del)
+			security delete-generic-password -a default -s rbash-kstore
+			;;
 		*)
 			echo "Unknown action: $1" >&2
 			return 1
@@ -127,7 +142,7 @@ function kstore-secret-config {
 	local _CONFIRM
 	if [ -z "$_AUTH_SECRET" ]; then
 
-		kstore-secret-windows get || kstore-secret-macos get
+		kstore-secret-auto get
 		if [ -n "$_AUTH_SECRET" ]; then
 			return 0
 		fi
@@ -144,12 +159,61 @@ function kstore-secret-config {
 			return 0
 		fi
 
-		case $OSTYPE in
+		kstore-secret-auto set
-			darwin*) kstore-secret-macos "set" ;;
-		esac
 	fi
 }
 
+function kstore-secret-change {
+	kstore-secret-config
+
+	local _NEW_SECRET i _key _prop _O_SECRET _BAK
+	read -sp "Enter the new passphrase: " _NEW_SECRET
+	echo
+	read -sp "Enter the passphrase again: " i
+	echo
+	if [ "$i" != "$_NEW_SECRET" ]; then
+		echo "Passphrase mismatched" >&2
+		return 1
+	fi
+
+	_BAK=$( mktemp )
+	cp "$_AUTH_DB" "$_BAK"
+
+	echo "Backed up at $_BAK"
+
+	_O_SECRET="$_AUTH_SECRET"
+	for i in `$_SQLITE -list "$_AUTH_DB" "SELECT _ROWID_ FROM store;"`; do
+		_AUTH_SECRET=$_O_SECRET
+		_key=`$_SQLITE -list "$_AUTH_DB" "SELECT key FROM store WHERE _ROWID_ = $i;"`
+		_key=`kstore-quote "$_key"`
+		_prop=`$_SQLITE -list "$_AUTH_DB" "SELECT prop FROM store WHERE _ROWID_ = $i;"`
+		_prop=`kstore-quote "$_prop"`
+		_val=`kstore get "$_key" "$_prop"`
+		if [ $? -ne 0 ]; then
+			echo "Current passphrase is incorrect?" >&2
+			return 1
+		fi
+		_AUTH_SECRET=$_NEW_SECRET
+
+		echo Updating: [$_key] [$_prop]
+		kstore update "$_key" "$_val" "$_prop"
+	done
+
+	kstore-secret-auto get
+	if [ -n "$_AUTH_SECRET" ]; then
+		kstore-secret-auto del 2>&1 > /dev/null
+
+		_AUTH_SECRET=$_NEW_SECRET
+		kstore-secret-auto set
+
+		if [ $? -eq 0 ]; then
+			echo "New passphrase saved in OS's keystore."
+		fi
+	fi
+
+	_AUTH_SECRET=$_NEW_SECRET
+}
+
 function kstore-secret-clear {
 	_AUTH_SECRET=
 	case $OSTYPE in