Refactored encryption error handling code - pee - Pee a password manager;Pee - because you have to...
---
(DIR) commit a09303351df8a4cf928cb0bac8167b631264d025
(DIR) parent dcd1351050e076fccb2b080bd90f51e6c0b0d0ff
(HTM) Author: Christian Kellermann <ckeen@pestilenz.org>
Date: Fri, 8 Jan 2016 09:01:48 +0100
Refactored encryption error handling code
The encrypt-file procedure does the error handling now and aborts on
error with an exit code 1.
Diffstat:
pee.scm | 55 +++++++++++++-------------------
todo.org | 1 -
2 files changed, 22 insertions(+), 34 deletions(-)
---
(DIR) diff --git a/pee.scm b/pee.scm
@@ -112,8 +112,15 @@
(enc/dec-file content passphrase symmetric-unbox)))
(define (encrypt-file file content passphrase)
- (with-output-to-file file
- (lambda () (display (enc/dec-file content passphrase symmetric-box)))))
+ (let ((cyphertext (enc/dec-file
+ (with-output-to-string (lambda () (pp content)))
+ passphrase
+ symmetric-box)))
+ (unless cyphertext
+ (print "Error: cannot encrypt password store.")
+ (exit 1))
+ (with-output-to-file file
+ (lambda () (display cyphertext)))))
(define (db-keys alist) (map car alist))
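Review bot: The final `with-output-to-file file` still rewrites the password store in place, so an interrupted or failed write (full disk, crash, killed process) can leave a truncated store with no intact copy. This assumes the implementation truncates an existing file on open, which should be confirmed. Encrypting before opening the file is a real improvement, but the write itself would be safer going to a temporary name in the same directory and being renamed over the store once complete, for example `(with-output-to-file tmp (lambda () (display cyphertext)))` followed by `(rename-file tmp file)`. Separately, the error text is emitted with `print` on standard output; sending it to `(current-error-port)` keeps it out of piped output.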
@@ -238,12 +245,9 @@
(let ((user (prompt-for "Username"))
(password (new-password))
(comment (prompt-for "Comment")))
- (unless (encrypt-file db-name
- (with-output-to-string (lambda ()
- (pp (cons (list e user password comment) db))))
- p)
- (print "Error while encrypting password store")
- (exit 1))
+ (encrypt-file db-name
+ (cons (list e user password comment) db)
+ p)
(print "Entry for " e " added.")))
(define (do-update db-name db p account)
@@ -255,14 +259,10 @@
(ask-for-choice "Change password?" "y" "n"))
(new-password)
(second e))))
- (unless (encrypt-file db-name
- (with-output-to-string
- (lambda ()
- (pp (alist-update account (list user password comment) db equal?))))
- p)
- (print "Error: Encryption failed.")
- (exit 1))
- (print "Entry '" account "' has been updated."))))
+ (encrypt-file db-name
+ (alist-update account (list user password comment) db equal?)
+ p)
+ (print "Entry '" account "' has been updated."))))
(else (print "Error> Entry for '" account "' not found.")
(exit 1))))
@@ -271,12 +271,8 @@
(lambda (e)
(print-without-password (cons account e))
(if (equal? "y" (ask-for-choice "Really delete account?" "y" "n"))
- (if (encrypt-file db-name (with-output-to-string (lambda () (pp (alist-delete account db equal?)))) p)
- (print "Entry '" (car e) "' deleted.")
- (begin
- (print "Error: Encryption failed")
- (exit 1)))
- (print "Nothing done."))))
+ (encrypt-file db-name (alist-delete account db equal?) p)
+ (print "Entry '" (car e) "' deleted."))))
(else (print "Error: Entry for '" account "' not found")
(exit 1))))
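Review bot: As the new lines read, `(encrypt-file db-name (alist-delete account db equal?) p)` and `(print "Entry '" (car e) "' deleted.")` have become the then and else branches of the `if` instead of a sequence. A confirmed deletion therefore rewrites the store silently, while answering "n" prints that the entry was deleted although nothing changed, and the old "Nothing done." message is gone. For a password store that misreport matters, since the user is told a credential was removed when it is still present. Grouping the two forms restores the intent: `(cond ((equal? "y" (ask-for-choice "Really delete account?" "y" "n")) (encrypt-file db-name (alist-delete account db equal?) p) (print "Entry '" (car e) "' deleted."))` with `(else (print "Nothing done."))`. The enclosing procedure starts outside the hunk.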
@@ -311,12 +307,8 @@
(print "Error: Passphrases do not match.")
(print passphrase1 passphrase2)
(exit 1))
- (cond ((encrypt-file db-name (with-output-to-string (lambda () (pp content))) passphrase1)
- (print "Password store " db-name " initialised.")
- (exit 0))
- (else
- (print "Could not encrypt password store.")
- (exit 1)))))
+ (encrypt-file db-name content passphrase1)
+ (print "Password store " db-name " initialised.")))
(define (do-change-passphrase db-name db old-passphrase)
(print "I will ask you twice for the new passphrase.")
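Review bot: The mismatch branch kept as context still runs `(print passphrase1 passphrase2)`, which writes both candidate passphrases in clear text to the terminal and to anything capturing the output, such as scrollback, logs or a pipe. It looks like leftover debugging and is worth removing while this code is being touched, so that only the "Error: Passphrases do not match." message remains. The procedure this belongs to starts outside the hunk, so whether anything else depends on that output cannot be checked from here.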
@@ -328,11 +320,8 @@
((equal? passphrase1 old-passphrase)
(print "Error: Passphrase is the same as old passphrase")
(exit 1))
- ((encrypt-file db-name (with-output-to-string (lambda () (pp db))) passphrase1)
- (print "Password store " db-name " reencrypted."))
- (else
- (print "Could not re-encrypt password store.")
- (exit 1)))))
+ (else (encrypt-file db-name db passphrase1)
+ (print "Password store " db-name " reencrypted.")))))
(define (main args)
(let* ((opts
(DIR) diff --git a/todo.org b/todo.org
@@ -3,7 +3,6 @@
** initialise-db should not overwrite the file so easily
** Add a version counter to the file, so we can make assumptions about the file format (maybe with a '@ entry?)
** Refactor the exit code
-** Refactor the encryption code
** Make password prompts not echo the password on the terminal
** Make ask-for-choice react on a single keystroke
** Add a last modified date to entries, this should make it easier when merging two databases