Merge pull request #852 from PR0M3TH3AN/codex/handle-encryption-exceptions-with-user-friendly-message
Handle decryption failures with friendly message
@@ -29,6 +29,7 @@ from utils.file_lock import exclusive_lock
|
||||
from mnemonic import Mnemonic
|
||||
from utils.password_prompt import prompt_existing_password
|
||||
from utils.key_derivation import KdfConfig, CURRENT_KDF_VERSION
|
||||
from .errors import DecryptionError
|
||||
|
||||
# Instantiate the logger
|
||||
logger = logging.getLogger(__name__)
|
||||
@@ -137,12 +138,15 @@ class EncryptionManager:
|
||||
ciphertext = encrypted_data[15:]
|
||||
if len(ciphertext) < 16:
|
||||
logger.error("AES-GCM payload too short")
|
||||
raise InvalidToken("AES-GCM payload too short")
|
||||
raise DecryptionError(
|
||||
f"Failed to decrypt{ctx}: AES-GCM payload too short"
|
||||
)
|
||||
return self.cipher.decrypt(nonce, ciphertext, None)
|
||||
except InvalidTag as e:
|
||||
msg = f"Failed to decrypt{ctx}: invalid key or corrupt file"
|
||||
logger.error(msg)
|
||||
raise InvalidToken(msg) from e
|
||||
logger.error(f"Failed to decrypt{ctx}: invalid key or corrupt file")
|
||||
raise DecryptionError(
|
||||
f"Failed to decrypt{ctx}: invalid key or corrupt file"
|
||||
) from e
|
||||
|
||||
# Next try the older V2 format
|
||||
if encrypted_data.startswith(b"V2:"):
|
||||
@@ -151,7 +155,9 @@ class EncryptionManager:
|
||||
ciphertext = encrypted_data[15:]
|
||||
if len(ciphertext) < 16:
|
||||
logger.error("AES-GCM payload too short")
|
||||
raise InvalidToken("AES-GCM payload too short")
|
||||
raise DecryptionError(
|
||||
f"Failed to decrypt{ctx}: AES-GCM payload too short"
|
||||
)
|
||||
return self.cipher.decrypt(nonce, ciphertext, None)
|
||||
except InvalidTag as e:
|
||||
logger.debug(
|
||||
@@ -164,9 +170,12 @@ class EncryptionManager:
|
||||
)
|
||||
return result
|
||||
except InvalidToken:
|
||||
msg = f"Failed to decrypt{ctx}: invalid key or corrupt file"
|
||||
logger.error(msg)
|
||||
raise InvalidToken(msg) from e
|
||||
logger.error(
|
||||
f"Failed to decrypt{ctx}: invalid key or corrupt file"
|
||||
)
|
||||
raise DecryptionError(
|
||||
f"Failed to decrypt{ctx}: invalid key or corrupt file"
|
||||
) from e
|
||||
|
||||
# If it's neither V3 nor V2, assume legacy Fernet format
|
||||
logger.warning("Data is in legacy Fernet format. Attempting migration.")
|
||||
@@ -176,18 +185,23 @@ class EncryptionManager:
|
||||
logger.error(
|
||||
"Legacy Fernet decryption failed. Vault may be corrupt or key is incorrect."
|
||||
)
|
||||
raise e
|
||||
raise DecryptionError(
|
||||
f"Failed to decrypt{ctx}: invalid key or corrupt file"
|
||||
) from e
|
||||
|
||||
except (InvalidToken, InvalidTag) as e:
|
||||
if encrypted_data.startswith(b"V3|") or encrypted_data.startswith(b"V2:"):
|
||||
# Already determined not to be legacy; re-raise
|
||||
raise
|
||||
if isinstance(e, InvalidToken) and str(e) == "AES-GCM payload too short":
|
||||
raise
|
||||
if not self._legacy_migrate_flag:
|
||||
except DecryptionError as e:
|
||||
if (
|
||||
encrypted_data.startswith(b"V3|")
|
||||
or encrypted_data.startswith(b"V2:")
|
||||
or not self._legacy_migrate_flag
|
||||
):
|
||||
raise
|
||||
logger.debug(f"Could not decrypt data{ctx}: {e}")
|
||||
raise LegacyFormatRequiresMigrationError(context)
|
||||
raise LegacyFormatRequiresMigrationError(context) from e
|
||||
except (InvalidToken, InvalidTag) as e: # pragma: no cover - safety net
|
||||
raise DecryptionError(
|
||||
f"Failed to decrypt{ctx}: invalid key or corrupt file"
|
||||
) from e
|
||||
|
||||
def decrypt_legacy(
|
||||
self, encrypted_data: bytes, password: str, context: Optional[str] = None
|
||||
@@ -224,8 +238,8 @@ class EncryptionManager:
|
||||
except Exception as e2: # pragma: no cover - try next iteration
|
||||
last_exc = e2
|
||||
logger.error(f"Failed legacy decryption attempt: {last_exc}", exc_info=True)
|
||||
raise InvalidToken(
|
||||
f"Could not decrypt{ctx} with any available method."
|
||||
raise DecryptionError(
|
||||
f"Failed to decrypt{ctx}: invalid key or corrupt file"
|
||||
) from last_exc
|
||||
|
||||
# --- All functions below this point now use the smart `decrypt_data` method ---
|
||||
@@ -409,10 +423,16 @@ class EncryptionManager:
|
||||
if return_kdf:
|
||||
return data, kdf
|
||||
return data
|
||||
except (InvalidToken, InvalidTag) as e:
|
||||
except DecryptionError as e:
|
||||
msg = f"Failed to decrypt or parse data from {file_path}: {e}"
|
||||
logger.error(msg)
|
||||
raise InvalidToken(msg) from e
|
||||
raise
|
||||
except (InvalidToken, InvalidTag) as e: # pragma: no cover - legacy safety
|
||||
msg = f"Failed to decrypt or parse data from {file_path}: {e}"
|
||||
logger.error(msg)
|
||||
raise DecryptionError(
|
||||
f"Failed to decrypt {file_path}: invalid key or corrupt file"
|
||||
) from e
|
||||
except JSONDecodeError as e:
|
||||
msg = f"Failed to parse JSON data from {file_path}: {e}"
|
||||
logger.error(msg)
|
||||
@@ -484,7 +504,7 @@ class EncryptionManager:
|
||||
logger.info("Index file from Nostr was processed and saved successfully.")
|
||||
self.last_migration_performed = is_legacy
|
||||
return True
|
||||
except (InvalidToken, LegacyFormatRequiresMigrationError):
|
||||
except (DecryptionError, LegacyFormatRequiresMigrationError):
|
||||
try:
|
||||
password = prompt_existing_password(
|
||||
"Enter your master password for legacy decryption: "
|
||||
|
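Review bot: In the last hunk of this file (`@@ -484,7 +504,7 @@`) the handler `except (DecryptionError, LegacyFormatRequiresMigrationError):` goes on to prompt for the master password "for legacy decryption" on every `DecryptionError`, including the ones this commit raises for `V3|` and `V2:` payloads that failed AES-GCM authentication or were too short. The success path logs that the index came from Nostr, so a truncated or tampered index from a relay appears to lead straight to a password prompt even though legacy decryption cannot apply to it. I would check the payload prefix before prompting and fail without a prompt for V3/V2 data, keeping the prompt for payloads that carry neither prefix. The rest of the handler is outside the hunk, so this may already be handled further down.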
@@ -9,6 +9,7 @@ exception, displaying a friendly message and exiting with code ``1``.
|
||||
"""
|
||||
|
||||
from click import ClickException
|
||||
from cryptography.fernet import InvalidToken
|
||||
|
||||
|
||||
class SeedPassError(ClickException):
|
||||
@@ -18,4 +19,12 @@ class SeedPassError(ClickException):
|
||||
super().__init__(message)
|
||||
|
||||
|
||||
__all__ = ["SeedPassError"]
|
||||
class DecryptionError(InvalidToken, SeedPassError):
|
||||
"""Raised when encrypted data cannot be decrypted.
|
||||
|
||||
Subclasses :class:`cryptography.fernet.InvalidToken` so callers expecting
|
||||
the cryptography exception continue to work.
|
||||
"""
|
||||
|
||||
|
||||
__all__ = ["SeedPassError", "DecryptionError"]
|
||||
|
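Review bot: The `DecryptionError` docstring explains the `InvalidToken` base but leaves out two consequences of the dual inheritance that callers need to know. Because the class is also a `SeedPassError` (a `ClickException`), an uncaught instance is presumably rendered by click as the friendly message with exit code 1, as the module docstring describes. Because it is an `InvalidToken`, any `try` that lists both must put `except DecryptionError` before `except InvalidToken`, or the specific clause is never reached. I would add one sentence for each to the docstring, for example `Also a SeedPassError, so click prints the message and exits 1 when it is not caught.` and `List this before InvalidToken in except chains.`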
@@ -37,8 +37,7 @@ from .password_generation import PasswordGenerator
|
||||
from .backup import BackupManager
|
||||
from .vault import Vault
|
||||
from .portable_backup import export_backup, import_backup, PortableMode
|
||||
from cryptography.fernet import InvalidToken
|
||||
from .errors import SeedPassError
|
||||
from .errors import SeedPassError, DecryptionError
|
||||
from .totp import TotpManager
|
||||
from .entry_types import EntryType
|
||||
from .pubsub import bus
|
||||
@@ -752,13 +751,11 @@ class PasswordManager:
|
||||
):
|
||||
self.config_manager.set_kdf_iterations(iter_try)
|
||||
break
|
||||
except InvalidToken:
|
||||
except DecryptionError:
|
||||
seed_mgr = None
|
||||
|
||||
if seed_mgr is None:
|
||||
msg = (
|
||||
"Invalid password for selected seed profile. Please try again."
|
||||
)
|
||||
msg = "Incorrect password or corrupt file"
|
||||
print(colored(msg, "red"))
|
||||
attempts += 1
|
||||
password = None
|
||||
@@ -830,6 +827,10 @@ class PasswordManager:
|
||||
seed_bytes = Bip39SeedGenerator(self.parent_seed).Generate()
|
||||
self.derive_key_hierarchy(seed_bytes)
|
||||
self.bip85 = BIP85(seed_bytes)
|
||||
except DecryptionError as e:
|
||||
logger.error(f"Failed to load parent seed: {e}", exc_info=True)
|
||||
print(colored("Incorrect password or corrupt file", "red"))
|
||||
raise SeedPassError("Incorrect password or corrupt file") from e
|
||||
except Exception as e:
|
||||
logger.error(f"Failed to load parent seed: {e}", exc_info=True)
|
||||
print(colored(f"Error: Failed to load parent seed: {e}", "red"))
|
||||
@@ -4246,7 +4247,7 @@ class PasswordManager:
|
||||
src,
|
||||
parent_seed=self.parent_seed,
|
||||
)
|
||||
except InvalidToken:
|
||||
except DecryptionError:
|
||||
logging.error("Invalid backup token during import", exc_info=True)
|
||||
print(
|
||||
colored(
|
||||
@@ -4488,7 +4489,7 @@ class PasswordManager:
|
||||
else:
|
||||
logging.warning("Password verification failed.")
|
||||
return is_correct
|
||||
except InvalidToken as e:
|
||||
except DecryptionError as e:
|
||||
logging.error(f"Failed to decrypt config: {e}")
|
||||
print(
|
||||
colored(
|
||||
|
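Review bot: In the `@@ -830,6 +827,10 @@` hunk the new `except DecryptionError` handler prints "Incorrect password or corrupt file" and then raises `SeedPassError` with the same text, so the message is probably shown twice in a real CLI run. `SeedPassError` is a `ClickException`, which the errors module describes as displaying a friendly message and exiting with code 1; the added test cannot see that because it catches the exception and reads only stdout. I would drop the `print(colored("Incorrect password or corrupt file", "red"))` line here and let the raised exception carry the message, or keep the print and make sure the caller does not render the exception again. Separately, the handlers in the `@@ -4246` and `@@ -4488` hunks now catch only `DecryptionError`, so any path that still raises a bare `InvalidToken` would bypass them; worth confirming none remain. All of these handlers sit in methods that start and end outside the hunks.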
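--- /dev/null
+++ b/src/tests/test_invalid_password_message.py
@@ -0,0 +1,23 @@
+from pathlib import Path
+from tempfile import TemporaryDirectory
+
+import pytest
+
+from seedpass.core.manager import PasswordManager
+from seedpass.core.config_manager import ConfigManager
+from seedpass.core.errors import SeedPassError
+from helpers import create_vault, TEST_SEED, TEST_PASSWORD
+
+
+def test_invalid_password_shows_friendly_message_once(capsys):
+with TemporaryDirectory() as tmpdir:
+tmp_path = Path(tmpdir)
+vault, _ = create_vault(tmp_path, TEST_SEED, TEST_PASSWORD)
+pm = PasswordManager.__new__(PasswordManager)
+pm.config_manager = ConfigManager(vault, tmp_path)
+pm.fingerprint_dir = tmp_path
+pm.parent_seed = ""
+with pytest.raises(SeedPassError):
+pm.load_parent_seed(tmp_path, password="wrongpass")
+captured = capsys.readouterr().out
+assert captured.count("Incorrect password or corrupt file") == 1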
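Review bot: The test pins only the wrong-password half of the new message; nothing exercises the "corrupt file" case that the same `DecryptionError` handling is meant to cover. A second test that truncates or overwrites the encrypted seed file produced by `create_vault` and then calls `pm.load_parent_seed(tmp_path, password=TEST_PASSWORD)` should expect the same `SeedPassError` and a single copy of the message. It would also be stronger to bind the exception with `with pytest.raises(SeedPassError) as excinfo:` and assert on `str(excinfo.value)`, since the current assertion checks printed output only.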