From d149a01bffd2bfdd16e471c8be55f7760c70dd69 Mon Sep 17 00:00:00 2001 From: Jesse Luehrs Date: Tue, 2 Mar 2021 02:45:04 -0500 Subject: suggest rotating the user's encryption key for old cipherstring types --- CHANGELOG.md | 2 ++ src/cipherstring.rs | 12 +++++++++--- src/error.rs | 3 +++ 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4888412..664b165 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,8 @@ * On Linux, the `rbw-agent` process can no longer be attached to by debuggers, and no longer produces core dumps (#42, oranenj) +* Suggest rotating the user's encryption key if we see an old cipherstring type + (#40, rjc) ## [1.0.0] - 2021-02-21 diff --git a/src/cipherstring.rs b/src/cipherstring.rs index 6de4d6c..c1bd80d 100644 --- a/src/cipherstring.rs +++ b/src/cipherstring.rs @@ -76,9 +76,15 @@ impl CipherString { .context(crate::error::InvalidBase64)?; Ok(Self::Asymmetric { ciphertext }) } - _ => Err(Error::UnimplementedCipherStringType { - ty: ty.to_string(), - }), + _ => { + if ty < 6 { + Err(Error::TooOldCipherStringType { ty: ty.to_string() }) + } else { + Err(Error::UnimplementedCipherStringType { + ty: ty.to_string(), + }) + } + } } } diff --git a/src/error.rs b/src/error.rs index 6e8e6da..e43084c 100644 --- a/src/error.rs +++ b/src/error.rs @@ -162,6 +162,9 @@ pub enum Error { #[snafu(display("error spawning pinentry"))] Spawn { source: tokio::io::Error }, + #[snafu(display("cipherstring type {} too old\n\nPlease rotate your account encryption key (https://bitwarden.com/help/article/account-encryption-key/) and try again.", ty))] + TooOldCipherStringType { ty: String }, + #[snafu(display("two factor required"))] TwoFactorRequired { providers: Vec, -- cgit v1.2.3