Add encryption mode change feature

thePR0M3TH3AN
2025-07-02 11:02:53 -04:00
parent 138cf01fe1
commit 4d9bcf6d3b
3 changed files with 119 additions and 0 deletions


@@ -12,6 +12,10 @@ import bcrypt
from password_manager.vault import Vault
from nostr.client import DEFAULT_RELAYS as DEFAULT_NOSTR_RELAYS
from utils.key_derivation import (
EncryptionMode,
DEFAULT_ENCRYPTION_MODE,
)
logger = logging.getLogger(__name__)
@@ -41,6 +45,7 @@ class ConfigManager:
"relays": list(DEFAULT_NOSTR_RELAYS),
"pin_hash": "",
"password_hash": "",
"encryption_mode": DEFAULT_ENCRYPTION_MODE.value,
}
try:
data = self.vault.load_config()
@@ -50,6 +55,7 @@ class ConfigManager:
data.setdefault("relays", list(DEFAULT_NOSTR_RELAYS))
data.setdefault("pin_hash", "")
data.setdefault("password_hash", "")
data.setdefault("encryption_mode", DEFAULT_ENCRYPTION_MODE.value)
# Migrate legacy hashed_password.enc if present and password_hash is missing
legacy_file = self.fingerprint_dir / "hashed_password.enc"
@@ -113,3 +119,9 @@ class ConfigManager:
config = self.load_config(require_pin=False)
config["password_hash"] = password_hash
self.save_config(config)
def set_encryption_mode(self, mode: EncryptionMode) -> None:
"""Persist the selected encryption mode in the config."""
config = self.load_config(require_pin=False)
config["encryption_mode"] = mode.value
self.save_config(config)
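Review bot: The `data.setdefault("encryption_mode", DEFAULT_ENCRYPTION_MODE.value)` line in the load path stamps every existing profile with the default mode, whether or not its index key was actually derived with that mode. Any later code that trusts this field to pick a key-derivation mode would then derive the wrong key for such a profile and fail to decrypt. I would document that above the line, e.g. `# Absent in configs written before this field existed; the default here is an assumption, not proof of how the index was encrypted`. Nothing visible validates the stored string on the way back in, so readers should convert it with `EncryptionMode(data["encryption_mode"])` and handle the `ValueError`, assuming `EncryptionMode` is a standard Enum. The enclosing `load_config` body starts and ends outside these hunks, so an existing check elsewhere cannot be ruled out.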


@@ -723,6 +723,7 @@ class PasswordManager:
)
self.store_hashed_password(password)
self.config_manager.set_encryption_mode(self.encryption_mode)
logging.info("User password hashed and stored successfully.")
seed_mgr.encrypt_parent_seed(seed)
@@ -1459,3 +1460,53 @@ class PasswordManager:
except Exception as e:
logging.error(f"Failed to change password: {e}", exc_info=True)
print(colored(f"Error: Failed to change password: {e}", "red"))
def change_encryption_mode(self, new_mode: EncryptionMode) -> None:
"""Re-encrypt the index using a different encryption mode."""
try:
password = prompt_existing_password("Enter your current master password: ")
if not self.verify_password(password):
print(colored("Incorrect password.", "red"))
return
index_data = self.vault.load_index()
config_data = self.config_manager.load_config(require_pin=False)
new_key = derive_index_key(self.parent_seed, password, new_mode)
new_mgr = EncryptionManager(new_key, self.fingerprint_dir)
self.vault.set_encryption_manager(new_mgr)
self.vault.save_index(index_data)
self.config_manager.vault = self.vault
config_data["encryption_mode"] = new_mode.value
self.config_manager.save_config(config_data)
self.encryption_manager = new_mgr
self.password_generator.encryption_manager = new_mgr
self.encryption_mode = new_mode
relay_list = config_data.get("relays", list(DEFAULT_RELAYS))
self.nostr_client = NostrClient(
encryption_manager=self.encryption_manager,
fingerprint=self.current_fingerprint,
relays=relay_list,
parent_seed=getattr(self, "parent_seed", None),
)
print(colored("Encryption mode changed successfully.", "green"))
try:
encrypted_data = self.get_encrypted_data()
if encrypted_data:
summary = f"mode-change-{int(time.time())}"
self.nostr_client.publish_json_to_nostr(
encrypted_data,
alt_summary=summary,
)
except Exception as nostr_error:
logging.error(
f"Failed to post updated index to Nostr after encryption mode change: {nostr_error}"
)
except Exception as e:
logging.error(f"Failed to change encryption mode: {e}", exc_info=True)
print(colored(f"Error: Failed to change encryption mode: {e}", "red"))
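Review bot: `change_encryption_mode` has no rollback between `self.vault.set_encryption_manager(new_mgr)` and `self.config_manager.save_config(config_data)`. If `save_index` or `save_config` raises, the outer `except` only logs and prints, leaving the vault object on the new key while `self.encryption_manager`, the recorded mode and possibly one of the two files are still on the old one. In a password manager that is a lockout and data-loss risk, because the next unlock presumably derives a single key for both files. I would keep the previous manager and the unmodified config, and on failure switch back and rewrite both before re-raising, as sketched below. The sketch assumes the vault was using `self.encryption_manager` before the call, which the hunk does not show.

```python
old_mgr = self.encryption_manager
# Write the new mode into a copy so config_data still holds the previous state.
new_config = {**config_data, "encryption_mode": new_mode.value}
# … unchanged: derive new_key and build new_mgr …
self.vault.set_encryption_manager(new_mgr)
try:
    self.vault.save_index(index_data)
    self.config_manager.vault = self.vault
    self.config_manager.save_config(new_config)
except Exception:
    # Put both files back under the previous key before reporting the failure.
    self.vault.set_encryption_manager(old_mgr)
    self.vault.save_index(index_data)
    self.config_manager.save_config(config_data)
    raise
# … unchanged: swap self.encryption_manager, password generator, mode and Nostr client …
```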