Diffstat (limited to 'nss-tool/common/util.cc')
-rw-r--r--nss-tool/common/util.cc53
1 files changed, 44 insertions, 9 deletions
diff --git a/nss-tool/common/util.cc b/nss-tool/common/util.cc
index 7cc4352c6..5b7ed0b9d 100644
--- a/nss-tool/common/util.cc
+++ b/nss-tool/common/util.cc
@@ -85,6 +85,21 @@ static std::vector<char> ReadFromIstream(std::istream &is) {
return certData;
}
+static std::string GetNewPasswordFromUser(void) {
+ std::string pw;
+
+ while (true) {
+ pw = GetPassword("Enter new password: ");
+ if (pw == GetPassword("Re-enter password: ")) {
+ break;
+ }
+
+ std::cerr << "Passwords do not match. Try again." << std::endl;
+ }
+
+ return pw;
+}
+
bool InitSlotPassword(void) {
ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot());
if (slot.get() == nullptr) {
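Review bot: `GetNewPasswordFromUser` accepts any two matching entries, so two empty responses yield an empty password that the callers hand to `PK11_InitPin` and `PK11_ChangePW` with no further check. `GetPassword` is not visible in this diff, but if it returns an empty string when input is closed or unreadable, a non-interactive run would presumably set an empty database password without anyone noticing. If empty passwords are meant to be allowed, state that in a comment above the function, e.g. `// An empty password is permitted; callers must not assume a non-empty result.` Otherwise ask for explicit confirmation before accepting an empty value, and give the `while (true)` loop a bounded number of attempts.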
@@ -95,23 +110,43 @@ bool InitSlotPassword(void) {
std::cout << "Enter a password which will be used to encrypt your keys."
<< std::endl
<< std::endl;
- std::string pw;
+ std::string pw = GetNewPasswordFromUser();
- while (true) {
- pw = GetPassword("Enter new password: ");
- if (pw == GetPassword("Re-enter password: ")) {
- break;
- }
+ SECStatus rv = PK11_InitPin(slot.get(), nullptr, pw.c_str());
+ if (rv != SECSuccess) {
+ std::cerr << "Init db password failed." << std::endl;
+ return false;
+ }
- std::cerr << "Passwords do not match. Try again." << std::endl;
+ return true;
+}
+
+bool ChangeSlotPassword(void) {
+ ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot());
+ if (slot.get() == nullptr) {
+ std::cerr << "Error: Init PK11SlotInfo failed!" << std::endl;
+ return false;
}
- SECStatus rv = PK11_InitPin(slot.get(), nullptr, pw.c_str());
+ // get old password and authenticate to db
+ PK11_SetPasswordFunc(&GetModulePassword);
+ std::string oldPw = GetPassword("Enter your current password: ");
+ PwData pwData = {PW_PLAINTEXT, const_cast<char *>(oldPw.c_str())};
+ SECStatus rv = PK11_Authenticate(slot.get(), false /*loadCerts*/, &pwData);
if (rv != SECSuccess) {
- std::cerr << "Init db password failed." << std::endl;
+ std::cerr << "Password incorrect." << std::endl;
+ return false;
+ }
+
+ // get new password
+ std::string newPw = GetNewPasswordFromUser();
+
+ if (PK11_ChangePW(slot.get(), oldPw.c_str(), newPw.c_str()) != SECSuccess) {
+ std::cerr << "Failed to change password." << std::endl;
return false;
}
+ std::cout << "Password changed successfully." << std::endl;
return true;
}
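Review bot: The cleartext passwords in `oldPw` and `newPw` (and `pw` in `InitSlotPassword`) stay in heap memory on every return path, including the early `return false` after a failed `PK11_Authenticate`, because `std::string` does not clear its buffer when destroyed. Overwrite each buffer before returning, ideally through one small helper called on all exits, and use a wipe the compiler cannot elide rather than a plain `std::fill(oldPw.begin(), oldPw.end(), '\0');`. `pwData` holds a `const_cast` pointer into `oldPw`, so the wipe must come after the last use of `pwData`, and a short comment there should note that `PK11_Authenticate` is expected only to read through that pointer. `InitSlotPassword` begins in the previous hunk; `ChangeSlotPassword` lies entirely within this one.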