Skip to content

Commit

Permalink
cli password confirmation (#38)
Browse files Browse the repository at this point in the history
  • Loading branch information
jshawl authored Feb 16, 2024
1 parent a8bb493 commit 3c81e26
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 2 deletions.
6 changes: 6 additions & 0 deletions lib/minisign/cli.rb
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,12 @@ def self.generate(options)
else
print 'Password: '
password = prompt
print "\nPassword (one more time): "
password_confirmation = prompt
if password != password_confirmation
puts "\nPasswords don't match"
exit 1
end
print "\nDeriving a key from the password in order to encrypt the secret key..."
keypair = Minisign::KeyPair.new(password)
File.write(secret_key, keypair.private_key)
Expand Down
5 changes: 3 additions & 2 deletions spec/minisign/e2e_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,7 @@
keyname = 'ruby-encrypted'
exe = 'minisign'
password = SecureRandom.uuid
# TODO: prompt a second time for password confirmation
command = "echo '#{password}' | #{exe} -G -p #{path}/#{keyname}.pub -s #{path}/#{keyname}.key"
command = "echo '#{password}\n#{password}' | #{exe} -G -p #{path}/#{keyname}.pub -s #{path}/#{keyname}.key"
`#{command}`
# prompt -f
expect(`#{command} 2>&1`).to match('Key generation aborted:')
Expand All @@ -22,6 +21,8 @@
expect(output).to match("The public key was saved as #{path}/#{keyname}.pub - That one can be public.")
public_key = File.read("#{path}/#{keyname}.pub").split("\n").pop
expect(output.gsub('+', '')).to match("minisign -Vm <file> -P #{public_key}".gsub('+', ''))
command = "echo '#{password}\nnottherightpassword' | #{exe} -G -p #{path}/#{keyname}.pub -s #{path}/#{keyname}.key"
expect(`#{command} -f 2>&1`).to match("Passwords don't match")
end
it 'signs files' do
path = 'test/generated'
Expand Down

0 comments on commit 3c81e26

Please sign in to comment.