Author: Adam <git@apiote.tk>
reëncrypt passwords with new master password
config/init.go | 29 +++++++++++++++++++++++++++++ eeze.go | 5 ++++- fs/fs.go | 22 ++++++++++++++--------
diff --git a/config/init.go b/config/init.go index 536f729503986dbbba1a063f3adf23691f19a1c8..f58c90ad09bad90fe19e18a9f6c4a6db6306b8b6 100644 --- a/config/init.go +++ b/config/init.go @@ -9,6 +9,7 @@ "golang.org/x/crypto/ssh/terminal" ) +// todo memguard masterPassword func Init(masterPassword string) { // todo memguard credentials := fs.Credentials{} @@ -24,3 +25,31 @@ fmt.Print("\n") fs.SaveCredentials(credentials, masterPassword) } + +func Reëncrypt(masterPassword string) error { + fmt.Print("New master password: ") + // todo memguard + p_b, _ := terminal.ReadPassword(int(os.Stdin.Fd())) + newMasterPassword := string(p_b) + fmt.Print("\n") + // todo memguard + credentials, err := fs.ReadCredentials(masterPassword) + if err != nil { + return err + } + err = fs.SaveCredentials(credentials, newMasterPassword) + if err != nil { + return err + } + // todo memguard + passwords, err := fs.Read(masterPassword) + if err != nil { + return err + } + err = fs.SaveBare(passwords, newMasterPassword) + if err != nil { + return err + } + + return nil +} diff --git a/eeze.go b/eeze.go index e829383483f1bac1303c56b68883d526a189de13..4a07d356cb29ab7cd15616d376be3ca3e75b7e56 100644 --- a/eeze.go +++ b/eeze.go @@ -29,6 +29,7 @@ getopt.StringVar(&s, "s", "", "filter Get by url (service/server)") f := getopt.Bool("f", false, "show full entry in Get, instead of just username/password") p := getopt.Bool("p", false, "show just password in Get") i := getopt.Bool("i", false, "in Config: set server, username, password (initialise)") + r := getopt.Bool("r", false, "in Config: reëncrypt (change master password)") err := getopt.Parse() if err != nil { @@ -47,7 +48,7 @@ else start agent fi */ - if masterPassword == "" || (*C && *i) { + if masterPassword == "" || (*C && (*i || *r)) { fmt.Print("Master password: ") // todo memguard masterPass_b, _ := terminal.ReadPassword(int(os.Stdin.Fd())) 
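Review bot: The error from `terminal.ReadPassword` is discarded in `Reëncrypt`, so a failed read (for example when stdin is not a terminal) leaves `newMasterPassword` empty and the store is then presumably re-encrypted under an empty master password. The function also saves the credentials under the new password before it has read the password file with the old one, so an error from `fs.Read` or `fs.SaveBare` leaves the two files encrypted under different master passwords. I would check the read error, reject an empty password, and decrypt both files before overwriting either, as below. A second confirmation prompt for the new password would also keep a typo from locking the user out.

```go
func Reëncrypt(masterPassword string) error {
	fmt.Print("New master password: ")
	// todo memguard
	p_b, err := terminal.ReadPassword(int(os.Stdin.Fd()))
	fmt.Print("\n")
	if err != nil {
		return err
	}
	if len(p_b) == 0 {
		return fmt.Errorf("new master password must not be empty")
	}
	newMasterPassword := string(p_b)
	// decrypt both files with the old password before overwriting either one
	// todo memguard
	credentials, err := fs.ReadCredentials(masterPassword)
	if err != nil {
		return err
	}
	// todo memguard
	passwords, err := fs.Read(masterPassword)
	if err != nil {
		return err
	}
	if err = fs.SaveCredentials(credentials, newMasterPassword); err != nil {
		return err
	}
	return fs.SaveBare(passwords, newMasterPassword)
}
```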
@@ -61,6 +62,8 @@ if *C { if *i { config.Init(masterPassword) + } else if *r { + config.Reëncrypt(masterPassword) } } else if *S { err = server.Sync(masterPassword) diff --git a/fs/fs.go b/fs/fs.go index 3efbc6bbdddf77e4a25de910fb4332b3cd85f82f..407cad670812a473d7e22ba1f3fcace01f80ff0d 100644 --- a/fs/fs.go +++ b/fs/fs.go @@ -38,16 +38,10 @@ return path } // todo memguard passwords, masterPassword -func Save(passwords []password.NextPassword, masterPassword string) error { +func SaveBare(passwords []password.BarePassword, masterPassword string) error { salt := makeSalt() // todo memguard key := deriveKey(masterPassword, salt) - // todo memguard - barePasswords := []password.BarePassword{} - // todo memguard - for _, p := range passwords { - barePasswords = append(barePasswords, p.ToBarePassword()) - } result, err := os.Create(getDataLocation() + "/passwords.bare") if err != nil { log.Fatal("Error creating passwords file. ", err) @@ -55,7 +49,7 @@ return err } defer result.Close() // todo memguard - bytes, err := bare.Marshal(&barePasswords) + bytes, err := bare.Marshal(&passwords) if err != nil { log.Fatal("Error marshalling passwords. ", err) return err @@ -86,6 +80,18 @@ log.Fatal("Error writing to file. ", err) return err } return nil +} + +// todo memguard passwords, masterPassword +func Save(passwords []password.NextPassword, masterPassword string) error { + // todo memguard + barePasswords := []password.BarePassword{} + // todo memguard + for _, p := range passwords { + barePasswords = append(barePasswords, p.ToBarePassword()) + } + err := SaveBare(barePasswords, masterPassword) + return err } // todo memguard masterPassword
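Review bot: The error returned by `config.Reëncrypt(masterPassword)` is dropped in the new `else if *r` branch, so a failed master-password change exits as if it had succeeded and the user may start relying on a password the store was never re-encrypted under. The `*S` branch right below assigns `err = server.Sync(masterPassword)`; doing the same here, `err = config.Reëncrypt(masterPassword)`, keeps the two consistent. This assumes `err` is checked after the chain, which lies outside this hunk.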
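Review bot: `SaveBare` is now the write path for a master-password change, yet it still opens the store with `os.Create(getDataLocation() + "/passwords.bare")`, which truncates the existing file before marshalling and encryption have succeeded and creates it with mode 0666 minus umask. A failure after that point leaves the only copy of the passwords empty or partial; writing to a temporary file in the same directory and renaming it over the old one after a successful write avoids that. Opening with `os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)` keeps the file private regardless of umask. The `log.Fatal` calls also exit the process before the `return err` that follows them, so callers such as `Reëncrypt` never see these errors; the rest of the body lies outside this hunk.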
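Review bot: The new `Save` wrapper can return the call directly, `return SaveBare(barePasswords, masterPassword)`, instead of going through a local `err`. Since the result length is known, `barePasswords := make([]password.BarePassword, 0, len(passwords))` avoids regrowing the slice, and each regrowth would otherwise leave another stale copy of the entries on the heap for the planned memguard work to track down. Both exported functions lack a doc comment; for this one, `// Save converts passwords to their bare form and writes them encrypted under masterPassword.` would do.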