cleanup: KeyConfig::decrypt - show password hint on error
This commit is contained in:
parent
f490dda05a
commit
8428063d9e
@ -484,19 +484,7 @@ pub async fn restore_key(
|
||||
|
||||
if let Some(key_config) = key_config {
|
||||
let password_fn = || { Ok(password.as_bytes().to_vec()) };
|
||||
let key = match key_config.decrypt(&password_fn) {
|
||||
Ok((key, ..)) => key,
|
||||
Err(_) => {
|
||||
match key_config.hint {
|
||||
Some(hint) => {
|
||||
bail!("decrypt key failed (password hint: {})", hint);
|
||||
}
|
||||
None => {
|
||||
bail!("decrypt key failed (wrong password)");
|
||||
}
|
||||
}
|
||||
}
|
||||
};
|
||||
let (key, ..) = key_config.decrypt(&password_fn)?;
|
||||
config::tape_encryption_keys::insert_key(key, key_config)?;
|
||||
} else {
|
||||
bail!("media does not contain any encryption key configuration");
|
||||
|
@ -216,7 +216,7 @@ impl KeyConfig {
|
||||
let derived_key = kdf.derive_key(&passphrase)?;
|
||||
|
||||
if raw_data.len() < 32 {
|
||||
bail!("Unable to encode key - short data");
|
||||
bail!("Unable to decrypt key - short data");
|
||||
}
|
||||
let iv = &raw_data[0..16];
|
||||
let tag = &raw_data[16..32];
|
||||
@ -231,7 +231,16 @@ impl KeyConfig {
|
||||
b"",
|
||||
&enc_data,
|
||||
&tag,
|
||||
).map_err(|err| format_err!("Unable to decrypt key (wrong password?) - {}", err))?
|
||||
).map_err(|err| {
|
||||
match self.hint {
|
||||
Some(ref hint) => {
|
||||
format_err!("Unable to decrypt key (password hint: {})", hint)
|
||||
}
|
||||
None => {
|
||||
format_err!("Unable to decrypt key (wrong password?) - {}", err)
|
||||
}
|
||||
}
|
||||
})?
|
||||
|
||||
} else {
|
||||
raw_data.clone()
|
||||
|
Loading…
Reference in New Issue
Block a user