thePR0M3TH3AN/seedPass
1
0
Fork 0
mirror of https://github.com/PR0M3TH3AN/SeedPass.git synced 2025-09-08 15:28:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #490 from PR0M3TH3AN/codex/modify-decrypt_parent_seed-for-aes-gcm-and-fernet

Browse Source 
Handle legacy Fernet parent seed files
This commit is contained in:
thePR0M3TH3AN
2025-07-13 09:12:51 -04:00
committed by GitHub
parent a93f7c6628 0ba38c3dc2
commit e203ce0e1b
1 changed files with 29 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
src/password_manager/encryption.py
View File

@@ -124,29 +124,45 @@ class EncryptionManager:
raise raise
def decrypt_parent_seed(self) -> str: def decrypt_parent_seed(self) -> str:
""" """Decrypt and return the stored parent seed."""
Decrypts and returns the parent seed from 'parent_seed.enc' within the fingerprint directory.
:return: The decrypted parent seed. parent_seed_path = self.fingerprint_dir / "parent_seed.enc"
"""
try: try:
parent_seed_path = self.fingerprint_dir / "parent_seed.enc"
with exclusive_lock(parent_seed_path) as fh: with exclusive_lock(parent_seed_path) as fh:
fh.seek(0) fh.seek(0)
encrypted_data = fh.read() encrypted_data = fh.read()
decrypted_data = self.decrypt_data(encrypted_data) try:
parent_seed = decrypted_data.decode("utf-8").strip() decrypted = self.decrypt_data(encrypted_data)
parent_seed = decrypted.decode("utf-8").strip()
logger.debug(
f"Parent seed decrypted successfully from '{parent_seed_path}'."
)
return parent_seed
except (InvalidTag, InvalidToken):
logger.info(
"AES-GCM decryption failed for parent seed, attempting Fernet fallback"
)
try:
decrypted = self.fernet.decrypt(encrypted_data)
except InvalidToken as e:
logger.error(
f"Fernet decryption failed for '{parent_seed_path}': {e}",
exc_info=True,
)
raise
parent_seed = decrypted.decode("utf-8").strip()
legacy_path = parent_seed_path.with_suffix(
parent_seed_path.suffix + ".fernet"
)
os.rename(parent_seed_path, legacy_path)
self.encrypt_parent_seed(parent_seed)
logger.debug( logger.debug(
f"Parent seed decrypted successfully from '{parent_seed_path}'." f"Parent seed decrypted with Fernet and re-encrypted using AES-GCM at '{parent_seed_path}'."
) )
return parent_seed return parent_seed
except InvalidTag:
logger.error(
"Invalid encryption key or corrupted data while decrypting parent seed."
)
raise
except Exception as e: except Exception as e:
logger.error(f"Failed to decrypt parent seed: {e}", exc_info=True) logger.error(f"Failed to decrypt parent seed: {e}", exc_info=True)
print(colored(f"Error: Failed to decrypt parent seed: {e}", "red")) print(colored(f"Error: Failed to decrypt parent seed: {e}", "red"))