From 124a293a33c3d20152cd77bd15b9682d04e0bafc Mon Sep 17 00:00:00 2001 From: Peter Cai Date: Mon, 10 Oct 2022 16:18:30 -0400 Subject: [PATCH] Only allow alphanumeric passphrases for now We would need to sanitize the input for perl, or find a better way to do hmac_sha256 here. --- gocrypt.bash | 1 + 1 file changed, 1 insertion(+) diff --git a/gocrypt.bash b/gocrypt.bash index f0cacfa..d33c97c 100755 --- a/gocrypt.bash +++ b/gocrypt.bash @@ -67,6 +67,7 @@ gocrypt_init() { if $needs_passphrase; then echo -n "Enter passphrase: " read -s passphrase + [[ "$passphrase" =~ [^a-zA-Z0-9\ ] ]] && gocrypt_die "Only alphanumeric characters are allowed for now" local passphrase_confirm="" echo echo -n "Confirm passphrase: "