Commit graph

19 commits

Author SHA1 Message Date
237f343b33 Add link to article 2023-03-12 15:30:58 +01:00
68011d61ee Start implementing settings page 2023-03-11 21:17:14 +01:00
482f3f7fb0 Use a more idiomatic way to convert a HashMap to an Option<HashMap> 2023-03-11 20:51:25 +01:00
c92e73328d Prevent zero-length metadata to be created
This isn't the most idiomatic way, but I'll change it in another moment.
2023-03-08 21:39:19 +01:00
0e2d79fc72 Implement the addition of arbitrary metadata when creating a note
The UI/UX needs to improve, but this is good enough for a proof of concept to start iterating.

Also fix a few clippy warnings.
2023-03-08 21:14:31 +01:00
2078c82f45 Add a migration system for the new password system
Added an automatic migration system for notes before the #1 redesign.

Ths system works as follows:
1. Checks the password system used.
2. If it's the old system, the migration is started.
3. The data directory is backed up.
4. The notes are decrypted using the old password.
5. The notes are encrypted and saved using the `KDF(password)`

This commit also adds documentation related to future migrations of the "password system" and which migrations will be supported by each future version.

This documents also showcases that when v1 is released, support for `PasswordSystem::V0` will be completely removed.
2023-03-06 18:23:37 +01:00
fab26f8c73 Show user a password-length indicator
When the password is less than 12 characters, the length is shown in red, when it is higher, it is shown in green.

Also changed the entropy colors to be more _nuanced_, now they have the following values:
[0, 35) = red
[35, 60) = orange
(60, ∞) = green

Finally closes #1.
2023-03-06 00:30:51 +01:00
b051b923fd Show entropy to the user when inserting a password
Seems like according to the formula used (`E = L * log2(R)`, where `E` is the ntropy, `L` is the password length and `R` is the quantity of unique characters), a good value is a entropy higher than 60.

This is shown by using two distinct colors when rendering the entropy (dark orange when is lower than 60, and light green when is higher than 60).

Even though entropy is quite important, it would be more useful to take into account dictionaries when calculating the entropy, because raw bruteforce attacks are somewhat mitigated with the usage of a KDF.

Related #1
2023-03-06 00:03:41 +01:00
f4b5a0541d Improve security of encrypted notes
Closes #1.

The password is hashed using Argon2, with the salt being `SHA256(password)`. The output hash is then encoded using hex.

The password-checking function checks if the "note database" is encrypted using the plain password (and returns it) or if it is encrypted using the hashed+salted password (and returns the value). This allows older databases to work properly.

A migration path may be added in the future.
2023-03-05 17:35:04 +01:00
e40c076202 Add "Expectations" to the readme 2023-03-04 14:22:24 +01:00
fcdbfbc932 Implement "hide notes" and "show notes", retry on failed password and minor fixes
* implemented "hide notes"
* implemented "show notes" (internally "unhide")
* improved the title and metadata renderer to use enums and return values instead of callbacks
* added system to retry on password fails (adds `native-dialog` dep for convenience)
2023-03-02 22:40:36 +01:00
19fe7a4ef5 Move App creation into its impl 2023-02-27 18:57:20 +01:00
e839770c9a Add ScrollArea to notes container 2023-02-27 17:19:09 +01:00
b599f628de Sort notes my newest, save note ID in the Note struct, add ID-based note removal
This adds a weird callback-based system to properly update the state once a note is removed.

This system isn't very nice, and it can be quite messy, but I'll improve it in the future
2023-02-27 16:57:00 +01:00
88dd8f034f Add more spacing in the password prompt phase 2023-02-27 15:36:35 +01:00
d801350eb2 Use password TextEdit to hide the password 2023-02-27 15:35:44 +01:00
e1dc5f2d36 Remove terminal when executing 2023-02-27 15:31:17 +01:00
159bf20447 Add readme 2023-02-27 15:28:19 +01:00
4abecc7971 Initial release
This is an initial release, I'm aware that this doesn't have the best structure and that there's lots of copying, but performance isn't relevant right now
2023-02-27 15:22:30 +01:00