Update nethsm dependency #469

Merged
merged 2 commits into from
Nov 24, 2023
Changes from 1 commit
48 changes: 46 additions & 2 deletions pynitrokey/cli/nethsm.py
Expand Up @@ -218,6 +218,14 @@ def provision(
used."""
if not system_time:
system_time = datetime.datetime.now(datetime.timezone.utc)

print(
"Warning: The unlock passphrase cannot be reset without knowing the current value. If the "
"unlock passphrase is lost, neither can it be reset to a new value nor can the NetHSM be "
"unlocked.",
file=sys.stderr,
)

with connect(ctx, require_auth=False) as nethsm:
nethsm.provision(unlock_passphrase, admin_passphrase, system_time)
print(f"NetHSM {nethsm.host} provisioned")
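Review bot: `provision` prints the unlock passphrase warning and then goes straight to `nethsm.provision(...)`, with no `click.confirm` and no `--force` option, unlike `set_backup_passphrase` and `set_unlock_passphrase` later in this diff. If skipping the confirmation here is intentional, a one-line comment saying so would help the next reader; otherwise add the same confirmation. The warning string is also repeated verbatim in `set_unlock_passphrase`, so a module-level constant would keep the two copies from drifting apart.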
Expand Down Expand Up @@ -824,9 +832,15 @@ def get_config(ctx: Context, **kwargs: bool) -> None:
"--current-passphrase",
help="The current backup passphrase (or an empty string if not set)",
)
@click.option(
"-f",
"--force",
is_flag=True,
help="Do not ask for confirmation before changing the passphrase",
)
@click.pass_context
def set_backup_passphrase(
ctx: Context, new_passphrase: str, current_passphrase: Optional[str]
ctx: Context, new_passphrase: str, current_passphrase: Optional[str], force: bool
) -> None:
"""Set the backup passphrase of a NetHSM.

Expand All @@ -835,6 +849,18 @@ def set_backup_passphrase(

This command requires authentication as a user with the Administrator
role."""

print(
In my opinion this warning should only be printed if the force flag is false. But maybe this is more a matter of taste.

Member Author

I would be conservative here: Always printing the warning doesn’t cost us anything, but it could still help to prevent mistakes.

"Warning: The backup passphrase cannot be reset without knowing the current value. If the "
"backup passphrase is lost, neither can it be reset to a new value nor can the created "
"backups be restored.",
file=sys.stderr,
)

confirmed = force or click.confirm("Do you want to continue?")
if not confirmed:
raise click.Abort()

if not current_passphrase:
current_passphrase = prompt_str(
"The current backup passphrase (or an empty string if not set)",
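Review bot: the new `click.confirm("Do you want to continue?")` in `set_backup_passphrase` makes every invocation without `--force` stop at a prompt, including ones that previously ran without prompting, and the docstring still says nothing about the confirmation or `--force`. Please mention both in the docstring and in the release notes so that automated callers know to add `-f`. As a style point, the three lines can be reduced to `if not force: click.confirm("Do you want to continue?", abort=True)`.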
Expand Down Expand Up @@ -864,16 +890,34 @@ def set_backup_passphrase(
prompt=True,
help="The current unlock passphrase",
)
@click.option(
"-f",
"--force",
is_flag=True,
help="Do not ask for confirmation before changing the passphrase",
)
@click.pass_context
def set_unlock_passphrase(
ctx: Context, new_passphrase: str, current_passphrase: str
ctx: Context, new_passphrase: str, current_passphrase: str, force: bool
) -> None:
"""Set the unlock passphrase of a NetHSM.

Changing the unlock passphrase requires the current passphrase.

This command requires authentication as a user with the Administrator
role."""

print(
In my opinion this warning should only be printed if the force flag is false. But maybe this is more a matter of taste.

"Warning: The unlock passphrase cannot be reset without knowing the current value. If the "
"unlock passphrase is lost, neither can it be reset to a new value nor can the NetHSM be "
"unlocked.",
file=sys.stderr,
)

confirmed = force or click.confirm("Do you want to continue?")
if not confirmed:
raise click.Abort()

with connect(ctx) as nethsm:
nethsm.set_unlock_passphrase(
new_passphrase=new_passphrase, current_passphrase=current_passphrase
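Review bot: in `set_unlock_passphrase` the warning and `click.confirm` run in the function body, but `--current-passphrase` is declared with `prompt=True`, and click resolves prompted options before the body executes, so an operator who omits the option types the passphrase first and only then sees the warning. Consider whether the warning should appear before any passphrase prompt. The warning, confirm and abort block also duplicates the one in `set_backup_passphrase`; a small helper taking the message and `force` would remove the repetition.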