akovalenko/lnd.xprv
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cmd: Add retry for password capture in create wallet

Browse Source
This commit is contained in:
carla 2019-07-15 10:27:32 -04:00
parent 807012f960
commit d5b662d066
1 changed files with 60 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
cmd/lncli/commands.go
View File

@ -1398,33 +1398,12 @@ func create(ctx *cli.Context) error {
client, cleanUp := getWalletUnlockerClient(ctx) client, cleanUp := getWalletUnlockerClient(ctx)
defer cleanUp() defer cleanUp()
// First, we'll prompt the user for their passphrase twice to ensure walletPassword, err := capturePassword(
// both attempts match up properly. "Input wallet password: ", false, walletunlocker.ValidatePassword,
fmt.Printf("Input wallet password: ") )
pw1, err := terminal.ReadPassword(int(syscall.Stdin))
if err != nil { if err != nil {
return err return err
} }
fmt.Println()
fmt.Printf("Confirm wallet password: ")
pw2, err := terminal.ReadPassword(int(syscall.Stdin))
if err != nil {
return err
}
fmt.Println()
// If the passwords don't match, then we'll return an error.
if !bytes.Equal(pw1, pw2) {
return fmt.Errorf("passwords don't match")
}
// If the password length is less than 8 characters, then we'll
// return an error.
pwErr := walletunlocker.ValidatePassword(pw1)
if pwErr != nil {
return pwErr
}
// Next, we'll see if the user has 24-word mnemonic they want to use to // Next, we'll see if the user has 24-word mnemonic they want to use to
// derive a seed within the wallet. // derive a seed within the wallet.
@ -1539,39 +1518,23 @@ mnemonicCheck:
// want to use, we'll generate a fresh one with the GenSeed // want to use, we'll generate a fresh one with the GenSeed
// command. // command.
fmt.Println("Your cipher seed can optionally be encrypted.") fmt.Println("Your cipher seed can optionally be encrypted.")
fmt.Printf("Input your passphrase if you wish to encrypt it " +
instruction := "Input your passphrase if you wish to encrypt it " +
"(or press enter to proceed without a cipher seed " + "(or press enter to proceed without a cipher seed " +
"passphrase): ") "passphrase): "
aezeedPass1, err := terminal.ReadPassword(int(syscall.Stdin)) aezeedPass, err = capturePassword(
instruction, true, func(_ []byte) error { return nil },
)
if err != nil { if err != nil {
return err return err
} }
fmt.Println()
if len(aezeedPass1) != 0 {
fmt.Printf("Confirm cipher seed passphrase: ")
aezeedPass2, err := terminal.ReadPassword(
int(syscall.Stdin),
)
if err != nil {
return err
}
fmt.Println()
// If the passwords don't match, then we'll return an
// error.
if !bytes.Equal(aezeedPass1, aezeedPass2) {
return fmt.Errorf("cipher seed pass phrases " +
"don't match")
}
}
fmt.Println() fmt.Println()
fmt.Println("Generating fresh cipher seed...") fmt.Println("Generating fresh cipher seed...")
fmt.Println() fmt.Println()
genSeedReq := &lnrpc.GenSeedRequest{ genSeedReq := &lnrpc.GenSeedRequest{
AezeedPassphrase: aezeedPass1, AezeedPassphrase: aezeedPass,
} }
seedResp, err := client.GenSeed(ctxb, genSeedReq) seedResp, err := client.GenSeed(ctxb, genSeedReq)
if err != nil { if err != nil {
@ -1579,7 +1542,6 @@ mnemonicCheck:
} }
cipherSeedMnemonic = seedResp.CipherSeedMnemonic cipherSeedMnemonic = seedResp.CipherSeedMnemonic
aezeedPass = aezeedPass1
} }
// Before we initialize the wallet, we'll display the cipher seed to // Before we initialize the wallet, we'll display the cipher seed to
@ -1635,7 +1597,7 @@ mnemonicCheck:
// With either the user's prior cipher seed, or a newly generated one, // With either the user's prior cipher seed, or a newly generated one,
// we'll go ahead and initialize the wallet. // we'll go ahead and initialize the wallet.
req := &lnrpc.InitWalletRequest{ req := &lnrpc.InitWalletRequest{
WalletPassword: pw1, WalletPassword: walletPassword,
CipherSeedMnemonic: cipherSeedMnemonic, CipherSeedMnemonic: cipherSeedMnemonic,
AezeedPassphrase: aezeedPass, AezeedPassphrase: aezeedPass,
RecoveryWindow: recoveryWindow, RecoveryWindow: recoveryWindow,
@ -1650,6 +1612,55 @@ mnemonicCheck:
return nil return nil
} }
// capturePassword returns a password value that has been entered twice by the
// user, to ensure that the user knows what password they have entered. The user
// will be prompted to retry until the passwords match. If the optional param is
// true, the function may return an empty byte array if the user opts against
// using a password.
func capturePassword(instruction string, optional bool,
validate func([]byte) error) ([]byte, error) {
for {
fmt.Printf(instruction)
password, err := terminal.ReadPassword(int(syscall.Stdin))
if err != nil {
return nil, err
}
fmt.Println()
// Do not require users to repeat password if
// it is optional and they are not using one.
if len(password) == 0 && optional {
return nil, nil
}
// If the password provided is not valid, restart
// password capture process from the beginning.
if err := validate(password); err != nil {
fmt.Println(err.Error())
fmt.Println()
continue
}
fmt.Println("Confirm password:")
passwordConfirmed, err := terminal.ReadPassword(
int(syscall.Stdin),
)
if err != nil {
return nil, err
}
fmt.Println()
if bytes.Equal(password, passwordConfirmed) {
return password, nil
}
fmt.Println("Passwords don't match, " +
"please try again")
fmt.Println()
}
}
var unlockCommand = cli.Command{ var unlockCommand = cli.Command{
Name: "unlock", Name: "unlock",
Category: "Startup", Category: "Startup",