From 3c81e26ef55f88d6a35dc0dd94399af0aab2dca9 Mon Sep 17 00:00:00 2001 From: Jesse Shawl Date: Fri, 16 Feb 2024 04:55:36 -0600 Subject: [PATCH] cli password confirmation (#38) --- lib/minisign/cli.rb | 6 ++++++ spec/minisign/e2e_spec.rb | 5 +++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/minisign/cli.rb b/lib/minisign/cli.rb index a536ca6..6ad3cff 100644 --- a/lib/minisign/cli.rb +++ b/lib/minisign/cli.rb @@ -67,6 +67,12 @@ def self.generate(options) else print 'Password: ' password = prompt + print "\nPassword (one more time): " + password_confirmation = prompt + if password != password_confirmation + puts "\nPasswords don't match" + exit 1 + end print "\nDeriving a key from the password in order to encrypt the secret key..." keypair = Minisign::KeyPair.new(password) File.write(secret_key, keypair.private_key) diff --git a/spec/minisign/e2e_spec.rb b/spec/minisign/e2e_spec.rb index d3a44e3..9ffda20 100644 --- a/spec/minisign/e2e_spec.rb +++ b/spec/minisign/e2e_spec.rb @@ -11,8 +11,7 @@ keyname = 'ruby-encrypted' exe = 'minisign' password = SecureRandom.uuid - # TODO: prompt a second time for password confirmation - command = "echo '#{password}' | #{exe} -G -p #{path}/#{keyname}.pub -s #{path}/#{keyname}.key" + command = "echo '#{password}\n#{password}' | #{exe} -G -p #{path}/#{keyname}.pub -s #{path}/#{keyname}.key" `#{command}` # prompt -f expect(`#{command} 2>&1`).to match('Key generation aborted:') @@ -22,6 +21,8 @@ expect(output).to match("The public key was saved as #{path}/#{keyname}.pub - That one can be public.") public_key = File.read("#{path}/#{keyname}.pub").split("\n").pop expect(output.gsub('+', '')).to match("minisign -Vm -P #{public_key}".gsub('+', '')) + command = "echo '#{password}\nnottherightpassword' | #{exe} -G -p #{path}/#{keyname}.pub -s #{path}/#{keyname}.key" + expect(`#{command} -f 2>&1`).to match("Passwords don't match") end it 'signs files' do path = 'test/generated'