aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJesse Luehrs <doy@tozt.net>2021-03-02 02:45:04 -0500
committerJesse Luehrs <doy@tozt.net>2021-03-02 02:45:04 -0500
commitd149a01bffd2bfdd16e471c8be55f7760c70dd69 (patch)
tree552b9f5a1288cf29ae88bf65a5e201692a29004a
parentafde294f5922cead3efde54400c973e55004aa0a (diff)
downloadrbw-d149a01bffd2bfdd16e471c8be55f7760c70dd69.tar.gz
rbw-d149a01bffd2bfdd16e471c8be55f7760c70dd69.zip
suggest rotating the user's encryption key for old cipherstring types
-rw-r--r--CHANGELOG.md2
-rw-r--r--src/cipherstring.rs12
-rw-r--r--src/error.rs3
3 files changed, 14 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4888412..664b165 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,8 @@
* On Linux, the `rbw-agent` process can no longer be attached to by debuggers,
and no longer produces core dumps (#42, oranenj)
+* Suggest rotating the user's encryption key if we see an old cipherstring type
+ (#40, rjc)
## [1.0.0] - 2021-02-21
diff --git a/src/cipherstring.rs b/src/cipherstring.rs
index 6de4d6c..c1bd80d 100644
--- a/src/cipherstring.rs
+++ b/src/cipherstring.rs
@@ -76,9 +76,15 @@ impl CipherString {
.context(crate::error::InvalidBase64)?;
Ok(Self::Asymmetric { ciphertext })
}
- _ => Err(Error::UnimplementedCipherStringType {
- ty: ty.to_string(),
- }),
+ _ => {
+ if ty < 6 {
+ Err(Error::TooOldCipherStringType { ty: ty.to_string() })
+ } else {
+ Err(Error::UnimplementedCipherStringType {
+ ty: ty.to_string(),
+ })
+ }
+ }
}
}
diff --git a/src/error.rs b/src/error.rs
index 6e8e6da..e43084c 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -162,6 +162,9 @@ pub enum Error {
#[snafu(display("error spawning pinentry"))]
Spawn { source: tokio::io::Error },
+ #[snafu(display("cipherstring type {} too old\n\nPlease rotate your account encryption key (https://bitwarden.com/help/article/account-encryption-key/) and try again.", ty))]
+ TooOldCipherStringType { ty: String },
+
#[snafu(display("two factor required"))]
TwoFactorRequired {
providers: Vec<crate::api::TwoFactorProviderType>,