vaultwarden
/
goldwarden-vaultwarden-bitwarden-client
mirror of https://github.com/quexten/goldwarden.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add error handling for cipher decryption

This commit is contained in:
Bernd Schoolmann 2024-01-09 23:29:05 +01:00
parent 01aca3582f
commit 63ca3f2295
No known key found for this signature in database
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
agent/bitwarden/crypto/encstring.go
View File

@ -154,6 +154,12 @@ func DecryptWith(s EncString, key SymmetricEncryptionKey) ([]byte, error) {
if !isMacValid(msg, s.MAC, macKeyData) { if !isMacValid(msg, s.MAC, macKeyData) {
return nil, fmt.Errorf("decrypt: MAC mismatch") return nil, fmt.Errorf("decrypt: MAC mismatch")
} }
} else if s.Type == AesCbc256_B64 {
return nil, fmt.Errorf("decrypt: cipher of unsupported type %q", s.Type)
}
if len(s.IV) != block.BlockSize() {
return nil, fmt.Errorf("decrypt: invalid IV length, expected %d, got %d", block.BlockSize(), len(s.IV))
} }
mode := cipher.NewCBCDecrypter(block, s.IV) mode := cipher.NewCBCDecrypter(block, s.IV)
@ -168,7 +174,13 @@ func DecryptWith(s EncString, key SymmetricEncryptionKey) ([]byte, error) {
func EncryptWith(data []byte, typ EncStringType, key SymmetricEncryptionKey) (EncString, error) { func EncryptWith(data []byte, typ EncStringType, key SymmetricEncryptionKey) (EncString, error) {
encKeyData, err := key.EncryptionKeyBytes() encKeyData, err := key.EncryptionKeyBytes()
if err != nil {
return EncString{}, err
}
macKeyData, err := key.MacKeyBytes() macKeyData, err := key.MacKeyBytes()
if err != nil {
return EncString{}, err
}
s := EncString{} s := EncString{}
switch typ { switch typ {