commit d8f031aec2ee84c753ef282577c7f4fcf0123d2f Author: Nick Mathewson nickm@torproject.org Date: Tue Sep 1 10:41:02 2015 -0400
Add a new --newpass option to add or remove secret key passphrases. --- changes/feature16769 | 3 +++ src/or/config.c | 10 ++++++++++ src/or/or.h | 1 + src/or/routerkeys.c | 23 ++++++++++++++++++----- 4 files changed, 32 insertions(+), 5 deletions(-)
diff --git a/changes/feature16769 b/changes/feature16769 new file mode 100644 index 0000000..62d373e --- /dev/null +++ b/changes/feature16769 @@ -0,0 +1,3 @@ + o Minor features (ed25519): + - Add a --newpass option to allow changing or removing the + passphrase of an encrypted key. \ No newline at end of file diff --git a/src/or/config.c b/src/or/config.c index 6e782de..b4a490c 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1918,6 +1918,7 @@ static const struct { { "--dump-config", ARGUMENT_OPTIONAL }, { "--list-fingerprint", TAKES_NO_ARGUMENT }, { "--keygen", TAKES_NO_ARGUMENT }, + { "--newpass", TAKES_NO_ARGUMENT }, { "--no-passphrase", TAKES_NO_ARGUMENT }, { "--passphrase-fd", ARGUMENT_NECESSARY }, { "--verify-config", TAKES_NO_ARGUMENT }, @@ -4512,6 +4513,15 @@ options_init_from_torrc(int argc, char **argv) } }
+ if (config_line_find(cmdline_only_options, "--newpass")) { + if (command == CMD_KEYGEN) { + get_options_mutable()->change_key_passphrase = 1; + } else { + log_err(LD_CONFIG, "--newpass specified without --keygen!"); + exit(1); + } + } + { const config_line_t *fd_line = config_line_find(cmdline_only_options, "--passphrase-fd"); diff --git a/src/or/or.h b/src/or/or.h index 8c40f1a..0637325 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4302,6 +4302,7 @@ typedef struct { } keygen_force_passphrase; int use_keygen_passphrase_fd; int keygen_passphrase_fd; + int change_key_passphrase; } or_options_t;
/** Persistent state for an onion router, as saved to disk. */ diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index 50659fc..be5c2c3 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -200,8 +200,17 @@ write_secret_key(const ed25519_secret_key_t *key, int encrypted, { if (encrypted) { int r = write_encrypted_secret_key(key, encrypted_fname); - if (r != 0) - return r; /* Either succeeded or failed unrecoverably */ + if (r == 1) { + /* Success! */ + + /* Try to unlink the unencrypted key, if any existed before */ + if (strcmp(fname, encrypted_fname)) + unlink(fname); + return r; + } else if (r != 0) { + /* Unrecoverable failure! */ + return r; + }
fprintf(stderr, "Not encrypting the secret key.\n"); } @@ -432,7 +441,7 @@ ed_key_init_from_file(const char *fname, uint32_t flags, goto err; }
- /* if it's absent, make a new keypair and save it. */ + /* if it's absent, make a new keypair... */ if (!have_secret && !found_public) { tor_free(keypair); keypair = ed_key_new(signing_key, flags, now, lifetime, @@ -441,8 +450,12 @@ ed_key_init_from_file(const char *fname, uint32_t flags, tor_log(severity, LD_OR, "Couldn't create keypair"); goto err; } - created_pk = created_sk = created_cert = 1; + } + + /* Write it to disk if we're supposed to do with a new passphrase, or if + * we just created it. */ + if (created_sk || (have_secret && get_options()->change_key_passphrase)) { if (write_secret_key(&keypair->seckey, encrypt_key, secret_fname, tag, encrypted_secret_fname) < 0 @@ -671,7 +684,7 @@ load_ed_keys(const or_options_t *options, time_t now) const int need_new_signing_key = NULL == use_signing || EXPIRES_SOON(check_signing_cert, 0) || - options->command == CMD_KEYGEN; + (options->command == CMD_KEYGEN && ! options->change_key_passphrase); const int want_new_signing_key = need_new_signing_key || EXPIRES_SOON(check_signing_cert, options->TestingSigningKeySlop);