Show proper error message if generating KDF hash fails with OOM

This commit is contained in:
Artem Chepurnoy 2024-01-08 19:49:23 +02:00
parent 2d090b4a86
commit 51dd09a94c
No known key found for this signature in database
GPG Key ID: FAC37D0CF674043E
3 changed files with 31 additions and 5 deletions

View File

@ -0,0 +1,12 @@
package com.artemchep.keyguard.common.exception
import com.artemchep.keyguard.res.Res
import dev.icerock.moko.resources.StringResource
open class OutOfMemoryKdfException(
m: String?,
e: Throwable?,
) : Exception(m, e), Readable {
override val title: StringResource
get() = Res.strings.error_failed_generate_kdf_hash_oom
}

View File

@ -1,5 +1,6 @@
package com.artemchep.keyguard.provider.bitwarden.api
import com.artemchep.keyguard.common.exception.OutOfMemoryKdfException
import com.artemchep.keyguard.common.io.bind
import com.artemchep.keyguard.common.model.Argon2Mode
import com.artemchep.keyguard.common.service.crypto.CryptoGenerator
@ -234,11 +235,23 @@ private fun generateSecrets(
.lowercase(Locale.ENGLISH)
.toByteArray()
val masterKey = cryptoGenerator.masterKeyHash(
val masterKey = runCatching {
cryptoGenerator.masterKeyHash(
seed = passwordBytes,
salt = emailBytes,
config = hashConfig,
)
}.getOrElse { e ->
if (e is OutOfMemoryError) {
val newError = OutOfMemoryKdfException(
m = e.localizedMessage ?: e.message,
e = e,
)
throw newError
}
throw e
}
val passwordKey = cryptoGenerator.pbkdf2(
seed = masterKey,
salt = passwordBytes,

View File

@ -399,6 +399,7 @@
<string name="error_invalid_uri">Invalid URI</string>
<string name="error_invalid_card_number">Invalid card number</string>
<string name="error_incorrect_password">Incorrect password</string>
<string name="error_failed_generate_kdf_hash_oom">Failed to create a key, out of memory. Please check your KDF server settings.</string>
<string name="error_failed_generate_otp_code">Failed to generate OTP code</string>
<string name="error_failed_create_passkey">Failed to create a passkey</string>
<string name="error_failed_use_passkey">Failed to authorize a request</string>