Change Stronghold password to be required

iotaledger · Mar 29, 2022 · 9293237 · 9293237
1 parent 5365702
commit 9293237
Show file tree

Hide file tree

Showing 11 changed files with 21 additions and 26 deletions.
diff --git a/bindings/stronghold-nodejs/.license_template b/bindings/stronghold-nodejs/.license_template
@@ -0,0 +1,2 @@
+// Copyright {20\d{2}(-20\d{2})?} IOTA Stiftung
+// SPDX-License-Identifier: Apache-2.0
diff --git a/bindings/stronghold-nodejs/js/stronghold.ts b/bindings/stronghold-nodejs/js/stronghold.ts
@@ -6,11 +6,11 @@ export class Stronghold implements Storage {
 
     constructor() {}
 
-    public async init(snapshot: string, password?: string, dropsave?: boolean) {
+    public async init(snapshot: string, password: string, dropsave?: boolean) {
         this.napiStronghold = await NapiStronghold.new(snapshot, password, dropsave);
     }
 
-    public static async build(snapshot: string, password?: string, dropsave?: boolean) {
+    public static async build(snapshot: string, password: string, dropsave?: boolean) {
         const stronghold = new Stronghold();
         await stronghold.init(snapshot, password, dropsave)
         return stronghold

diff --git a/bindings/stronghold-nodejs/src/account/storage/stronghold.rs b/bindings/stronghold-nodejs/src/account/storage/stronghold.rs
@@ -33,7 +33,7 @@ impl NapiStronghold {
 
   /// Creates an instance of `Stronghold`.
   #[napi]
-  pub async fn new(snapshot: String, password: Option<String>, dropsave: Option<bool>) -> Result<NapiStronghold> {
+  pub async fn new(snapshot: String, password: String, dropsave: Option<bool>) -> Result<NapiStronghold> {
     Ok(NapiStronghold(
       Stronghold::new(&snapshot, password, dropsave).await.napi_result()?,
     ))

diff --git a/examples/account/create_did.rs b/examples/account/create_did.rs
@@ -21,8 +21,8 @@ async fn main() -> Result<()> {
   // Stronghold is an encrypted file that manages private keys.
   // It implements best practices for security and is the recommended way of handling private keys.
   let stronghold_path: PathBuf = "./example-strong.hodl".into();
-  let password: String = "my-password".into();
-  let stronghold: Stronghold = Stronghold::new(&stronghold_path, Some(password), None).await?;
+  let password: String = "my-password".to_owned();
+  let stronghold: Stronghold = Stronghold::new(&stronghold_path, password, None).await?;
 
   // Create a new identity using Stronghold as local storage.
   //

diff --git a/examples/account/lazy.rs b/examples/account/lazy.rs
@@ -18,8 +18,8 @@ async fn main() -> Result<()> {
 
   // Stronghold settings
   let stronghold_path: PathBuf = "./example-strong.hodl".into();
-  let password: String = "my-password".into();
-  let stronghold: Stronghold = Stronghold::new(&stronghold_path, Some(password), None).await?;
+  let password: String = "my-password".to_owned();
+  let stronghold: Stronghold = Stronghold::new(&stronghold_path, password, None).await?;
 
   // Create a new Account with auto publishing set to false.
   // This means updates are not pushed to the tangle automatically.

diff --git a/examples/account/manipulate_did.rs b/examples/account/manipulate_did.rs
@@ -25,8 +25,8 @@ async fn main() -> Result<()> {
 
   // Stronghold settings
   let stronghold_path: PathBuf = "./example-strong.hodl".into();
-  let password: String = "my-password".into();
-  let stronghold: Stronghold = Stronghold::new(&stronghold_path, Some(password), None).await?;
+  let password: String = "my-password".to_owned();
+  let stronghold: Stronghold = Stronghold::new(&stronghold_path, password, None).await?;
 
   // Create a new Account with the default configuration
   let mut account: Account = Account::builder()

diff --git a/examples/account/multiple_identities.rs b/examples/account/multiple_identities.rs
@@ -23,8 +23,8 @@ async fn main() -> Result<()> {
   // Stronghold is an encrypted file that manages private keys.
   // It implements best practices for security and is the recommended way of handling private keys.
   let stronghold_path: PathBuf = "./example-strong.hodl".into();
-  let password: String = "my-password".into();
-  let stronghold: Stronghold = Stronghold::new(&stronghold_path, Some(password), None).await?;
+  let password: String = "my-password".to_owned();
+  let stronghold: Stronghold = Stronghold::new(&stronghold_path, password, None).await?;
 
   // Create an AccountBuilder to make it easier to create multiple identities.
   // Every account created from the builder will use the same storage - stronghold in this case.

diff --git a/examples/account/signing.rs b/examples/account/signing.rs
@@ -34,8 +34,8 @@ async fn main() -> Result<()> {
 
   // Stronghold settings
   let stronghold_path: PathBuf = "./example-strong.hodl".into();
-  let password: String = "my-password".into();
-  let stronghold: Stronghold = Stronghold::new(&stronghold_path, Some(password), None).await?;
+  let password: String = "my-password".to_owned();
+  let stronghold: Stronghold = Stronghold::new(&stronghold_path, password, None).await?;
 
   // Create a new Account with stronghold storage.
   let mut account: Account = Account::builder()

diff --git a/examples/account/unchecked.rs b/examples/account/unchecked.rs
@@ -23,8 +23,8 @@ async fn main() -> Result<()> {
   // Stronghold is an encrypted file that manages private keys.
   // It implements best practices for security and is the recommended way of handling private keys.
   let stronghold_path: PathBuf = "./example-strong.hodl".into();
-  let password: String = "my-password".into();
-  let stronghold: Stronghold = Stronghold::new(&stronghold_path, Some(password), None).await?;
+  let password: String = "my-password".to_owned();
+  let stronghold: Stronghold = Stronghold::new(&stronghold_path, password, None).await?;
 
   // Create a new identity using Stronghold as local storage.
   //

diff --git a/identity-account-storage/src/storage/stronghold.rs b/identity-account-storage/src/storage/stronghold.rs
@@ -45,17 +45,13 @@ impl Stronghold {
   /// * snapshot: path to a local Stronghold file, will be created if it does not exist.
   /// * password: password for the Stronghold file, optional.
   /// * dropsave: save all changes when the instance is dropped. Default: true.
-  pub async fn new<'a, T, U>(snapshot: &T, password: U, dropsave: Option<bool>) -> Result<Self>
+  pub async fn new<'a, T>(snapshot: &T, mut password: String, dropsave: Option<bool>) -> Result<Self>
   where
     T: AsRef<Path> + ?Sized,
-    U: Into<Option<String>>,
   {
     let snapshot: Snapshot = Snapshot::new(snapshot);
-
-    if let Some(mut password) = password.into() {
-      snapshot.load(derive_encryption_key(&password)).await?;
-      password.zeroize();
-    }
+    snapshot.load(derive_encryption_key(&password)).await?;
+    password.zeroize();
 
     Ok(Self {
       snapshot: Arc::new(snapshot),

diff --git a/identity-account/src/tests/account.rs b/identity-account/src/tests/account.rs
@@ -57,9 +57,6 @@ async fn test_account_builder() -> Result<()> {
     crate::Error::IdentityNotFound
   ));
 
-  // Release the lease on did1.
-  std::mem::drop(account1);
-
   assert!(builder.load_identity(did1).await.is_ok());
 
   Ok(())
@@ -502,7 +499,7 @@ async fn test_account_sync_diff_msg_update() {
 async fn create_account(network: Network) -> Account {
   Account::builder()
     .storage(
-      Stronghold::new("./example-strong.hodl", Some("my-password".to_owned()), None)
+      Stronghold::new("./example-strong.hodl", "my-password".to_owned(), None)
         .await
         .unwrap(),
     )