move incorrect passkey error
This commit is contained in:
Carson McManus
parent
fdc606fb0e
commit
49a264ba3f
5 changed files with 7 additions and 23 deletions
13
Cargo.lock
generated
13
Cargo.lock
generated
|
|
@ -808,18 +808,6 @@ version = "2.3.4"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "0ee1c47aaa256ecabcaea351eae4a9b01ef39ed810004e298d2511ed284b1525"
|
checksum = "0ee1c47aaa256ecabcaea351eae4a9b01ef39ed810004e298d2511ed284b1525"
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "memoize"
|
|
||||||
version = "0.1.9"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "bb49e4361c7534fd1fd1d4a1da51b1bb4b254c5ebc519fc4e5dce578fd69f5d9"
|
|
||||||
dependencies = [
|
|
||||||
"lazy_static 1.4.0",
|
|
||||||
"proc-macro2",
|
|
||||||
"quote",
|
|
||||||
"syn",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "mime"
|
name = "mime"
|
||||||
version = "0.3.16"
|
version = "0.3.16"
|
||||||
|
|
@ -1863,7 +1851,6 @@ dependencies = [
|
||||||
"hmac-sha1",
|
"hmac-sha1",
|
||||||
"lazy_static 1.4.0",
|
"lazy_static 1.4.0",
|
||||||
"log",
|
"log",
|
||||||
"memoize",
|
|
||||||
"proptest",
|
"proptest",
|
||||||
"rand 0.8.4",
|
"rand 0.8.4",
|
||||||
"regex",
|
"regex",
|
||||||
|
|
|
||||||
|
|
@ -38,7 +38,6 @@ ring = "0.16.20"
|
||||||
aes = "0.7.4"
|
aes = "0.7.4"
|
||||||
block-modes = "0.8.1"
|
block-modes = "0.8.1"
|
||||||
thiserror = "1.0.26"
|
thiserror = "1.0.26"
|
||||||
memoize = "0.1.9"
|
|
||||||
|
|
||||||
[dev-dependencies]
|
[dev-dependencies]
|
||||||
tempdir = "0.3"
|
tempdir = "0.3"
|
||||||
|
|
|
||||||
|
|
@ -97,6 +97,9 @@ impl Manifest {
|
||||||
let plaintext = crate::encryption::LegacySdaCompatible::decrypt(
|
let plaintext = crate::encryption::LegacySdaCompatible::decrypt(
|
||||||
passkey, params, ciphertext,
|
passkey, params, ciphertext,
|
||||||
)?;
|
)?;
|
||||||
|
if plaintext[0] != '{' as u8 && plaintext[plaintext.len() - 1] != '}' as u8 {
|
||||||
|
return Err(ManifestAccountLoadError::IncorrectPasskey);
|
||||||
|
}
|
||||||
let s = std::str::from_utf8(&plaintext).unwrap();
|
let s = std::str::from_utf8(&plaintext).unwrap();
|
||||||
account = serde_json::from_str(&s)?;
|
account = serde_json::from_str(&s)?;
|
||||||
}
|
}
|
||||||
|
|
@ -195,6 +198,8 @@ impl Manifest {
|
||||||
pub enum ManifestAccountLoadError {
|
pub enum ManifestAccountLoadError {
|
||||||
#[error("Manifest accounts are encrypted, but no passkey was provided.")]
|
#[error("Manifest accounts are encrypted, but no passkey was provided.")]
|
||||||
MissingPasskey,
|
MissingPasskey,
|
||||||
|
#[error("Incorrect passkey provided.")]
|
||||||
|
IncorrectPasskey,
|
||||||
#[error("Failed to decrypt account. {self:?}")]
|
#[error("Failed to decrypt account. {self:?}")]
|
||||||
DecryptionFailed(#[from] crate::encryption::EntryEncryptionError),
|
DecryptionFailed(#[from] crate::encryption::EntryEncryptionError),
|
||||||
#[error("Failed to deserialize the account.")]
|
#[error("Failed to deserialize the account.")]
|
||||||
|
|
|
||||||
|
|
@ -131,9 +131,6 @@ impl EntryEncryptor for LegacySdaCompatible {
|
||||||
let mut buffer = vec![0xffu8; 16 * size];
|
let mut buffer = vec![0xffu8; 16 * size];
|
||||||
buffer[..decoded.len()].copy_from_slice(&decoded);
|
buffer[..decoded.len()].copy_from_slice(&decoded);
|
||||||
let mut decrypted = cipher.decrypt(&mut buffer)?;
|
let mut decrypted = cipher.decrypt(&mut buffer)?;
|
||||||
if decrypted[0] != '{' as u8 && decrypted[decrypted.len() - 1] != '}' as u8 {
|
|
||||||
return Err(EntryEncryptionError::IncorrectPasskey);
|
|
||||||
}
|
|
||||||
let unpadded = Pkcs7::unpad(&mut decrypted)?;
|
let unpadded = Pkcs7::unpad(&mut decrypted)?;
|
||||||
return Ok(unpadded.to_vec());
|
return Ok(unpadded.to_vec());
|
||||||
}
|
}
|
||||||
|
|
@ -141,8 +138,6 @@ impl EntryEncryptor for LegacySdaCompatible {
|
||||||
|
|
||||||
#[derive(Debug, Error)]
|
#[derive(Debug, Error)]
|
||||||
pub enum EntryEncryptionError {
|
pub enum EntryEncryptionError {
|
||||||
#[error("Incorrect passkey provided.")]
|
|
||||||
IncorrectPasskey,
|
|
||||||
#[error(transparent)]
|
#[error(transparent)]
|
||||||
Unknown(#[from] anyhow::Error),
|
Unknown(#[from] anyhow::Error),
|
||||||
}
|
}
|
||||||
|
|
@ -208,7 +203,7 @@ mod tests {
|
||||||
fn test_ensure_encryption_symmetric() -> anyhow::Result<()> {
|
fn test_ensure_encryption_symmetric() -> anyhow::Result<()> {
|
||||||
let passkey = "password";
|
let passkey = "password";
|
||||||
let params = EntryEncryptionParams::generate();
|
let params = EntryEncryptionParams::generate();
|
||||||
let orig = "{{tactical glizzy}}".as_bytes().to_vec();
|
let orig = "tactical glizzy".as_bytes().to_vec();
|
||||||
let encrypted =
|
let encrypted =
|
||||||
LegacySdaCompatible::encrypt(&passkey.clone().into(), ¶ms, orig.clone()).unwrap();
|
LegacySdaCompatible::encrypt(&passkey.clone().into(), ¶ms, orig.clone()).unwrap();
|
||||||
let result = LegacySdaCompatible::decrypt(&passkey.into(), ¶ms, encrypted).unwrap();
|
let result = LegacySdaCompatible::decrypt(&passkey.into(), ¶ms, encrypted).unwrap();
|
||||||
|
|
|
||||||
|
|
@ -193,9 +193,7 @@ fn main() {
|
||||||
Ok(_) => break,
|
Ok(_) => break,
|
||||||
Err(
|
Err(
|
||||||
accountmanager::ManifestAccountLoadError::MissingPasskey
|
accountmanager::ManifestAccountLoadError::MissingPasskey
|
||||||
| accountmanager::ManifestAccountLoadError::DecryptionFailed(
|
| accountmanager::ManifestAccountLoadError::IncorrectPasskey,
|
||||||
encryption::EntryEncryptionError::IncorrectPasskey,
|
|
||||||
),
|
|
||||||
) => {
|
) => {
|
||||||
if passkey.is_some() {
|
if passkey.is_some() {
|
||||||
error!("Incorrect passkey");
|
error!("Incorrect passkey");
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue