Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cypto.getPrivate(): fix error when passphrase kinda works #1386

Merged
merged 6 commits into from
Feb 10, 2025
Merged

cypto.getPrivate(): fix error when passphrase kinda works #1386

merged 6 commits into from
Feb 10, 2025

Conversation

alxndrsn
Copy link
Contributor

@alxndrsn alxndrsn commented Feb 4, 2025
edited
Loading

Closes #1212

Sometimes an incorrect passphrase can still "successfully" decrypt supplied the supplied ciphertext, but to nonsense. In this case, the call to createPrivateKey() will throw an error that was not previously handled by the surrounding try/catch block.

What has been done to verify that this works as intended?

Added tests.

Why is this the best possible solution? Were any other approaches considered?

The full error generated can be:

Error: error:1E08010C:DECODER routines::unsupported
    at createPrivateKey (node:internal/crypto/keys:726:12)
    at /home/user/workspaces/odk/backend/lib/util/crypto.js:164:14 {
  opensslErrorStack: [ 'error:1E08010C:DECODER routines::unsupported' ],
  library: 'DECODER routines',
  reason: 'unsupported',
  code: 'ERR_OSSL_UNSUPPORTED'
}

Checking error.code seems like it should be reasonably stable.

How does this change affect users? Describe intentional changes to behavior and behavior that could have accidentally been affected by code changes. In other words, what are the regression risks?

Should reduce 500 errors or similar.

Does this change require updates to the API documentation? If so, please update docs/api.yaml as part of this PR.

Hopefully not.

Before submitting this PR, please make sure you have:

  • run make test and confirmed all checks still pass OR confirm CircleCI build passes
  • verified that any code from external sources are properly credited in comments or that everything is internally sourced

@alxndrsn alxndrsn mentioned this pull request Feb 6, 2025
Open
@alxndrsn alxndrsn self-assigned this Feb 8, 2025
matthew-white
matthew-white approved these changes Feb 10, 2025
View reviewed changes
Copy link
Member

@matthew-white matthew-white left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, it sounds like this is getting to the root cause of the issue.

@matthew-white
Copy link
Member

I'm going to take this PR out of the project, since the associated issue is also in the project.

@alxndrsn alxndrsn merged commit 4af4f33 into getodk:master Feb 10, 2025
6 checks passed
@alxndrsn alxndrsn deleted the 1212-fix branch February 10, 2025 06:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matthew-white matthew-white matthew-white approved these changes

Assignees

@alxndrsn alxndrsn

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Intermittent test failure: DECODER routines::unsupported
2 participants
@alxndrsn @matthew-white