From 10570ec5dd008f1a651b995a8f6578a51f43e020 Mon Sep 17 00:00:00 2001 From: Michael Parks Date: Thu, 26 Jun 2014 11:16:51 -0600 Subject: [PATCH 1/4] Add password confirmation to encryption If the user mistypes their password, they could end up losing data when it comes time to decrypt it elsewhere. This would ask them to confirm their initial entry to safeguard against that. --- jrnl/install.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/jrnl/install.py b/jrnl/install.py index dcb83601..6f55d655 100644 --- a/jrnl/install.py +++ b/jrnl/install.py @@ -69,7 +69,14 @@ def install_jrnl(config_path='~/.jrnl_config'): # Encrypt it? if module_exists("Crypto"): - password = getpass.getpass("Enter password for journal (leave blank for no encryption): ") + confirmed_password = False + while confirmed_password == False: + password = getpass.getpass("Enter password for journal (leave blank for no encryption): ") + password_conf = getpass.getpass("Confirm password: ") + if password == password_conf: + confirmed_password = True + else: + print("Password and confirmation did not match, try again.") if password: default_config['encrypt'] = True if util.yesno("Do you want to store the password in your keychain?", default=True): From 1272e1395d42cdf70f3d68dabf8ba33954c13397 Mon Sep 17 00:00:00 2001 From: Michael Parks Date: Thu, 26 Jun 2014 11:24:38 -0600 Subject: [PATCH 2/4] Add password confirmation to cli --encrypt --- jrnl/cli.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/jrnl/cli.py b/jrnl/cli.py index 46cecb09..c05188c3 100644 --- a/jrnl/cli.py +++ b/jrnl/cli.py 
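Review bot: The `Confirm password: ` prompt in the new loop is shown even when the first entry is blank, so a user who opts out of encryption is still asked to confirm a password; `if not password: break` placed before the second `getpass.getpass` call would skip it. The same loop is added again to encrypt() in jrnl/cli.py (patch 2/4), and a single helper in `util` would keep the two prompts and the mismatch message from drifting apart. `while confirmed_password == False:` is more idiomatic as `while not confirmed_password:`. install_jrnl starts and ends outside the hunk.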
@@ -69,7 +69,14 @@ def guess_mode(args, config): def encrypt(journal, filename=None): """ Encrypt into new file. If filename is not set, we encrypt the journal file itself. """ - password = util.getpass("Enter new password: ") + confirmed_password = False + while confirmed_password == False: + password = util.getpass("Enter new password: ") + password_conf = util.getpass("Confirm password: ") + if password == password_conf: + confirmed_password = True + else: + print("Password and confirmation did not match, try again.") journal.make_key(password) journal.config['encrypt'] = True journal.write(filename) From 4bfe4d9ddc669bb4963bdb6d32300582b25899db Mon Sep 17 00:00:00 2001 From: Michael Parks Date: Thu, 26 Jun 2014 11:41:37 -0600 Subject: [PATCH 3/4] Update encryption.feature for pw confirmation --- features/encryption.feature | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/features/encryption.feature b/features/encryption.feature index 43d07c26..5fa8bbc1 100644 --- a/features/encryption.feature +++ b/features/encryption.feature @@ -16,6 +16,8 @@ Scenario: Encrypting a journal Given we use the config "basic.json" When we run "jrnl --encrypt" and enter "swordfish" + Then we should see the message "Confirm Password:" + When we enter "swordfish" again Then we should see the message "Journal encrypted" and the config for journal "default" should have "encrypt" set to "bool:True" When we run "jrnl -n 1" and enter "swordfish" @@ -30,7 +32,9 @@ Scenario: Storing a password in Keychain Given we use the config "multiple.json" When we run "jrnl simple --encrypt" and enter "sabertooth" - When we set the keychain password of "simple" to "sabertooth" + Then we should see the message "Confirm Password:" + When we enter "sabertooh" again + and we set the keychain password of "simple" to "sabertooth" Then the config for journal "simple" should have "encrypt" set to "bool:True" When we run "jrnl simple -n 1" Then we should not see the message "Password" 
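Review bot: Two blank entries satisfy `password == password_conf` in the new loop in encrypt(), so an empty password goes straight to `journal.make_key(password)` and the journal is written with `encrypt` set to True under a key derived from an empty string, unless make_key (not visible here) rejects it. Unlike the installer prompt in patch 1/4, nothing here says that blank means no encryption, so the loop should refuse an empty entry before asking for confirmation: an `if not password:` guard that prints a short message and then does `continue`. encrypt() may continue past the end of the hunk.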
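Review bot: The added step `Then we should see the message "Confirm Password:"` in both scenarios spells the prompt with a capital P, while the code in patches 1/4 and 2/4 prints `Confirm password: `; if the step matches case-sensitively, these scenarios fail against the new prompt. Use `"Confirm password:"` here and in the matching context lines of patch 4/4, which carry the same text. It is also worth confirming that the harness can observe a prompt issued through getpass at all, since that depends on step definitions not shown here.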
From 362107f8537ec272f0eea6f32955b22620acde9d Mon Sep 17 00:00:00 2001 From: Michael Parks Date: Thu, 26 Jun 2014 11:43:47 -0600 Subject: [PATCH 4/4] Update encryption.feature --- features/encryption.feature | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/features/encryption.feature b/features/encryption.feature index 5fa8bbc1..74eca5b8 100644 --- a/features/encryption.feature +++ b/features/encryption.feature @@ -17,7 +17,7 @@ Given we use the config "basic.json" When we run "jrnl --encrypt" and enter "swordfish" Then we should see the message "Confirm Password:" - When we enter "swordfish" again + When we enter "swordfish" Then we should see the message "Journal encrypted" and the config for journal "default" should have "encrypt" set to "bool:True" When we run "jrnl -n 1" and enter "swordfish" @@ -33,7 +33,7 @@ Given we use the config "multiple.json" When we run "jrnl simple --encrypt" and enter "sabertooth" Then we should see the message "Confirm Password:" - When we enter "sabertooh" again + When we enter "sabertooth" and we set the keychain password of "simple" to "sabertooth" Then the config for journal "simple" should have "encrypt" set to "bool:True" When we run "jrnl simple -n 1"