Merge 7c306e6 into a5445a0

app/console.go

@@ -134,36 +134,60 @@ func cryptoWallet(ctx *ishell.Context, app *App) {
 		if app.CurrentUser.CryptoWallet {
 			ctx.Print("CryptoWallet is already enabled")
 		} else {
-			ctx.Print("Please enter password: ")
+			ctx.Print("Enter password: ")
 			password := ctx.ReadPassword()
+
+			// Verify password complexity
+			if !VerifyPasswordComplexity(password) {
+				ctx.Println("Invalid password length (min 8 chars)")
+				ctx.Print("Re-enter password: ")
+				password = ctx.ReadPassword()
+			}
+			if !VerifyPasswordComplexity(password) {
+				ctx.Println("Invalid password length, unable to encrypt private key")
+				break
+			}
+
+			// Confirm password
+			ctx.Print("Confirm password: ")
+			password2 := ctx.ReadPassword()
+			if password != password2 {
+				ctx.Println("Passwords do not match")
+				ctx.Print("Confirm password: ")
+				password2 = ctx.ReadPassword()
+			}
+			if password != password2 {
+				ctx.Println("Passwords do not match, unable to encrypt private key")
+				break
+			}
+
 			err := encryptUser(ctx, app, password)
 			if err != nil {
-				ctx.Print("Unable to decrypt private key")
+				ctx.Println("Unable to encrypt private key")
 			} else {
-				ctx.Print("Successfully enabled cryptowallet")
+				ctx.Println("Successfully enabled cryptowallet")
 			}
 		}
 	case "disable":
 		if !app.CurrentUser.CryptoWallet {
 			ctx.Print("CryptoWallet is already disabled")
 			return
 		}
-		ctx.Print("Please enter password: ")
+		ctx.Print("Enter password: ")
 		password := ctx.ReadPassword()
 		err := decryptUser(ctx, app, password)
 
 		// Invalid password, try again
 		if InvalidPassword(err) {
-			ctx.Print("Inavalid password, please try again: ")
+			ctx.Print("Inavalid password, try again: ")
 			password = ctx.ReadPassword()
 			err = decryptUser(ctx, app, password)
 		}
 		if err != nil {
 			ctx.Println("Unable to decrypt private key")
-			return
+		} else {
+			ctx.Print("Successfully disabled cryptowallet")
 		}
-		ctx.Print("Successfully disabled cryptowallet")
-		return
 	case "status":
 		var s string
 		if app.CurrentUser.CryptoWallet {
@@ -200,13 +224,13 @@ func send(ctx *ishell.Context, app *App) {
 	cryptoWallet := false
 	password := ""
 	if app.CurrentUser.CryptoWallet {
-		ctx.Print("Please enter cryptowallet password: ")
+		ctx.Print("Enter cryptowallet password: ")
 		password = ctx.ReadPassword()
 		err = app.CurrentUser.DecryptPrivateKey(password)
 
 		// Invalid password, try again
 		if InvalidPassword(err) {
-			ctx.Print("Inavalid password, please try again: ")
+			ctx.Print("Inavalid password, try again: ")
 			password = ctx.ReadPassword()
 			err = app.CurrentUser.DecryptPrivateKey(password)
 		}

app/crypto.go

@@ -14,11 +14,17 @@ import (
 https://golang.org/src/crypto/cipher/example_test.go
 */
 
+// Encryption utility constants
 const (
 	nonceSize = 12
 	saltSize  = 16
 )
 
+// Password complexity constants
+const (
+	minPasswordLen = 8
+)
+
 // Encrypt encrypts cipherText with a given password
 func Encrypt(plainText []byte, password string) ([]byte, error) {
 
@@ -89,6 +95,11 @@ func Decrypt(cipherText []byte, password string) ([]byte, error) {
 	return plainText, nil
 }
 
+// VerifyPasswordComplexity verifies password complexity
+func VerifyPasswordComplexity(password string) bool {
+	return len(password) >= minPasswordLen
+}
+
 // InvalidPassword is returned from Decrypt if an invalid password is used to
 // decrypt the ciphertext
 func InvalidPassword(err error) bool {

app/crypto_test.go

@@ -27,3 +27,15 @@ func TestInvalidPassword(t *testing.T) {
 		t.Fail()
 	}
 }
+
+func TestPasswordComplexity(t *testing.T) {
+	test := "1234567"
+	if app.VerifyPasswordComplexity(test) {
+		t.Fail()
+	}
+
+	test = "12345678"
+	if !app.VerifyPasswordComplexity(test) {
+		t.Fail()
+	}
+}