Confirm passphrase if the user has typed it

dchenz · dchenz · commit b1b42ddbc580 · 2026-05-10T04:13:52.000+10:00
diff --git a/src/main/java/org/cryptomator/cli/Create.java b/src/main/java/org/cryptomator/cli/Create.java
@@ -59,22 +59,20 @@ public class Create implements Callable<Integer> {
     public Integer call() throws Exception {
         csprng = SecureRandom.getInstanceStrong();
 
-        createVault(pathToVault);
+        try (var passphraseContainer = passwordSource.readPassphrase()) {
+            passwordSource.confirmPassphrase();
 
-        LOG.info("Vault created successfully in {}", pathToVault);
-        return 0;
-    }
-
-    private void createVault(Path path) throws IOException {
-        // Throw exception if there's something already there.
-        Files.createDirectory(path);
+            // Throw exception if there's something already there.
+            Files.createDirectory(pathToVault);
 
-        try (var passphraseContainer = passwordSource.readPassphrase();
-                var masterkey = Masterkey.generate(csprng)) {
-
-            persistMasterkey(path, masterkey, passphraseContainer.content());
-            initializeVault(path, masterkey);
+            try (var masterkey = Masterkey.generate(csprng)) {
+                persistMasterkey(pathToVault, masterkey, passphraseContainer.content());
+                initializeVault(pathToVault, masterkey);
+            }
         }
+
+        LOG.info("Vault created successfully in {}", pathToVault);
+        return 0;
     }
 
     private void persistMasterkey(Path path, Masterkey masterkey, char[] passphrase)
diff --git a/src/main/java/org/cryptomator/cli/PasswordSource.java b/src/main/java/org/cryptomator/cli/PasswordSource.java
@@ -38,6 +38,23 @@ Passphrase readPassphrase() throws IOException {
         throw new IllegalStateException("Passphrase source not specified, but required.");
     }
 
+    void confirmPassphrase() throws IOException {
+        // Don't confirm the passphrase if stdin is piped.
+        if (passphraseStdin == null || System.console() == null) {
+            return;
+        }
+        char[] confirmationInput = System.console().readPassword("Confirm passphrase: ");
+        if (confirmationInput == null) {
+            throw new PassphraseNotConfirmedException("Passphrase confirmation failed (EOF reached).");
+        }
+        try (Passphrase confirmationPassphrase = new Passphrase(confirmationInput)) {
+            System.out.println("\n");
+            if (!Arrays.equals(passphraseStdin, confirmationPassphrase.content)) {
+                throw new PassphraseNotConfirmedException("Passphrase does not match. Please try again.");
+            }
+        }
+    }
+
     private Passphrase readPassphraseFromEnvironment() {
         LOG.debug("Reading passphrase from env variable '{}'", passphraseEnvironmentVariable);
         var tmp = System.getenv(passphraseEnvironmentVariable);
@@ -106,6 +123,12 @@ static class ReadingEnvironmentVariableFailedException extends PasswordSourceExc
         }
     }
 
+    static class PassphraseNotConfirmedException extends PasswordSourceException {
+      PassphraseNotConfirmedException(String msg) {
+        super(msg);
+      }
+    }
+
     record Passphrase(char[] content) implements AutoCloseable {
 
         @Override
