Skip to content

Dont wipe vault on decryption errors #486

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kira-bruneau wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Dont wipe vault on decryption errors #486

kira-bruneau wants to merge 2 commits into from

Conversation

@kira-bruneau
Copy link

@kira-bruneau kira-bruneau commented Jul 23, 2024
edited
Loading

Fixes #470.

Previously, encryption errors from unmarshalFile were grouped together with vault load errors as "corrupt vault" errors, and https://github.com/kira-bruneau/proton-bridge/blob/2fd0985a523784ec412de68ec5bec5bf4309e485/internal/vault/vault.go#L370-L377 would reset the vault any time it was found to be "corrupt".

This change just checks if the resulting error is an encryption error first, and if it is, wires it up like any other I/O error.

Before:

WARN[Jul 23 21:13:10.396] Failed to load existing vault, vault has been reset  error="failed to decrypt vault: cipher: message authentication failed"
WARN[Jul 23 21:13:10.414] The vault is corrupt and has been wiped

After:

FATA[Jul 24 10:18:22.188] could not load/create vault: failed to decrypt vault: cipher: message authentication failed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Vault gets wiped on startup when using pass

1 participant

@kira-bruneau