diff options
| author | DanConwayDev <DanConwayDev@protonmail.com> | 2024-11-21 16:53:17 +0000 |
|---|---|---|
| committer | DanConwayDev <DanConwayDev@protonmail.com> | 2024-11-21 16:53:17 +0000 |
| commit | f79014235e85554e3661b3f2a02b8fa88bc192ff (patch) | |
| tree | fceec3ff2df212148a3420af7cef81a3f818463e /src/lib/login/key_encryption.rs | |
| parent | 91b0eac4daf92b7b740267ef203a1a8ba591974b (diff) | |
feat(login): overhaul login experience
* simplify login menu, making it more accessable to newcomers and
easier to select remote signer options
* enable `ngit login` to work from anywhere (not just a git repo)
* assume fresh login details saved to global git config but fallback
to local repository
* maintain local repository login via `ngit login --local`
* maintain login via CLI arguments eg `ngit send --nsec nsec123`
* nudge users to remember nsec when pasting in ncryptsec for a
better UX, whilst maintaining the option to be prompted for
password everytime
* create placeholder menu items for help menu and create account
Diffstat (limited to 'src/lib/login/key_encryption.rs')
| -rw-r--r-- | src/lib/login/key_encryption.rs | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/src/lib/login/key_encryption.rs b/src/lib/login/key_encryption.rs index b50b507..efb38d1 100644 --- a/src/lib/login/key_encryption.rs +++ b/src/lib/login/key_encryption.rs | |||
| @@ -1,23 +1,5 @@ | |||
| 1 | use anyhow::Result; | 1 | use anyhow::Result; |
| 2 | use nostr::{prelude::*, Keys}; | 2 | use nostr::prelude::*; |
| 3 | |||
| 4 | pub fn encrypt_key(keys: &Keys, password: &str) -> Result<String> { | ||
| 5 | let log2_rounds: u8 = if password.len() > 20 { | ||
| 6 | // we have enough of entropy - no need to spend CPU time adding much more | ||
| 7 | 1 | ||
| 8 | } else { | ||
| 9 | println!("this may take a few seconds..."); | ||
| 10 | // default (scrypt::Params::RECOMMENDED_LOG_N) is 17 but 30s is too long to wait | ||
| 11 | 15 | ||
| 12 | }; | ||
| 13 | Ok(nostr::nips::nip49::EncryptedSecretKey::new( | ||
| 14 | keys.secret_key(), | ||
| 15 | password, | ||
| 16 | log2_rounds, | ||
| 17 | KeySecurity::Medium, | ||
| 18 | )? | ||
| 19 | .to_bech32()?) | ||
| 20 | } | ||
| 21 | 3 | ||
| 22 | pub fn decrypt_key(encrypted_key: &str, password: &str) -> Result<nostr::Keys> { | 4 | pub fn decrypt_key(encrypted_key: &str, password: &str) -> Result<nostr::Keys> { |
| 23 | let encrypted_key = nostr::nips::nip49::EncryptedSecretKey::from_bech32(encrypted_key)?; | 5 | let encrypted_key = nostr::nips::nip49::EncryptedSecretKey::from_bech32(encrypted_key)?; |
| @@ -34,6 +16,24 @@ mod tests { | |||
| 34 | 16 | ||
| 35 | use super::*; | 17 | use super::*; |
| 36 | 18 | ||
| 19 | pub fn encrypt_key(keys: &Keys, password: &str) -> Result<String> { | ||
| 20 | let log2_rounds: u8 = if password.len() > 20 { | ||
| 21 | // we have enough of entropy - no need to spend CPU time adding much more | ||
| 22 | 1 | ||
| 23 | } else { | ||
| 24 | println!("this may take a few seconds..."); | ||
| 25 | // default (scrypt::Params::RECOMMENDED_LOG_N) is 17 but 30s is too long to wait | ||
| 26 | 15 | ||
| 27 | }; | ||
| 28 | Ok(nostr::nips::nip49::EncryptedSecretKey::new( | ||
| 29 | keys.secret_key(), | ||
| 30 | password, | ||
| 31 | log2_rounds, | ||
| 32 | KeySecurity::Medium, | ||
| 33 | )? | ||
| 34 | .to_bech32()?) | ||
| 35 | } | ||
| 36 | |||
| 37 | #[test] | 37 | #[test] |
| 38 | fn encrypt_key_produces_string_prefixed_with() -> Result<()> { | 38 | fn encrypt_key_produces_string_prefixed_with() -> Result<()> { |
| 39 | let s = encrypt_key(&nostr::Keys::generate(), TEST_PASSWORD)?; | 39 | let s = encrypt_key(&nostr::Keys::generate(), TEST_PASSWORD)?; |