Commit graph

20 commits

Author SHA1 Message Date
Sofía Aritz c97700b29a Add structs DecryptedNote, EncryptedNote and HiddenNote
This makes some invalid states unrepresentable, which is something that is desired in this application to reduce mental complexity and to reduce the risk of undesired behaviour of applying functions like `encrypt` on already encrypted notes.

`Note` is now an enum that holds the structs. This approach is similar to the one used in some parts of `std`, though in this case other approaches could be used, but they would be way too verbose for this use case.

This change was done because having functions like `hide` on already hidden functions is not a good idea (even if what they do is "just" cloning the structure...).

There are some rough edges, but I'll improve them in another moment.
2023-03-16 22:28:17 +01:00
Sofía Aritz 237f343b33 Add link to article 2023-03-12 15:30:58 +01:00
Sofía Aritz 68011d61ee Start implementing settings page 2023-03-11 21:17:14 +01:00
Sofía Aritz 482f3f7fb0 Use a more idiomatic way to convert a HashMap to an Option<HashMap> 2023-03-11 20:51:25 +01:00
Sofía Aritz c92e73328d Prevent zero-length metadata from being created
This isn't the most idiomatic way, but I'll change it in another moment.
2023-03-08 21:39:19 +01:00
Sofía Aritz 0e2d79fc72 Implement the addition of arbitrary metadata when creating a note
The UI/UX needs to improve, but this is good enough for a proof of concept to start iterating.

Also fix a few clippy warnings.
2023-03-08 21:14:31 +01:00
Sofía Aritz 2078c82f45 Add a migration system for the new password system
Added an automatic migration system for notes before the #1 redesign.

This system works as follows:
1. Checks the password system used.
2. If it's the old system, the migration is started.
3. The data directory is backed up.
4. The notes are decrypted using the old password.
5. The notes are encrypted and saved using the `KDF(password)`

This commit also adds documentation related to future migrations of the "password system" and which migrations will be supported by each future version.

This document also showcases that when v1 is released, support for `PasswordSystem::V0` will be completely removed.
2023-03-06 18:23:37 +01:00
Sofía Aritz fab26f8c73 Show user a password-length indicator
When the password is less than 12 characters, the length is shown in red, when it is higher, it is shown in green.

Also changed the entropy colors to be more _nuanced_, now they have the following values:
[0, 35) = red
[35, 60) = orange
(60, ∞) = green

Finally closes #1.
2023-03-06 00:30:51 +01:00
Sofía Aritz b051b923fd Show entropy to the user when inserting a password
Seems like according to the formula used (`E = L * log2(R)`, where `E` is the entropy, `L` is the password length and `R` is the quantity of unique characters), a good value is an entropy higher than 60.

This is shown by using two distinct colors when rendering the entropy (dark orange when it is lower than 60, and light green when it is higher than 60).

Even though entropy is quite important, it would be more useful to take into account dictionaries when calculating the entropy, because raw bruteforce attacks are somewhat mitigated with the usage of a KDF.

Related #1
2023-03-06 00:03:41 +01:00
Sofía Aritz f4b5a0541d Improve security of encrypted notes
Closes #1.

The password is hashed using Argon2, with the salt being `SHA256(password)`. The output hash is then encoded using hex.

The password-checking function checks if the "note database" is encrypted using the plain password (and returns it) or if it is encrypted using the hashed+salted password (and returns the value). This allows older databases to work properly.

A migration path may be added in the future.
2023-03-05 17:35:04 +01:00
Sofía Aritz e40c076202 Add "Expectations" to the readme 2023-03-04 14:22:24 +01:00
Sofía Aritz fcdbfbc932 Implement "hide notes" and "show notes", retry on failed password and minor fixes
* implemented "hide notes"
* implemented "show notes" (internally "unhide")
* improved the title and metadata renderer to use enums and return values instead of callbacks
* added system to retry on password fails (adds `native-dialog` dep for convenience)
2023-03-02 22:40:36 +01:00
Sofía Aritz 19fe7a4ef5 Move App creation into its impl 2023-02-27 18:57:20 +01:00
Sofía Aritz e839770c9a Add ScrollArea to notes container 2023-02-27 17:19:09 +01:00
Sofía Aritz b599f628de Sort notes by newest, save note ID in the Note struct, add ID-based note removal
This adds a weird callback-based system to properly update the state once a note is removed.

This system isn't very nice, and it can be quite messy, but I'll improve it in the future
2023-02-27 16:57:00 +01:00
Sofía Aritz 88dd8f034f Add more spacing in the password prompt phase 2023-02-27 15:36:35 +01:00
Sofía Aritz d801350eb2 Use password TextEdit to hide the password 2023-02-27 15:35:44 +01:00
Sofía Aritz e1dc5f2d36 Remove terminal when executing 2023-02-27 15:31:17 +01:00
Sofía Aritz 159bf20447 Add readme 2023-02-27 15:28:19 +01:00
Sofía Aritz 4abecc7971 Initial release
This is an initial release, I'm aware that this doesn't have the best structure and that there's lots of copying, but performance isn't relevant right now
2023-02-27 15:22:30 +01:00