Add explicit error for no private key (#1026)

Follow up to #1024, which improves the error message when missing a private key.
bitwarden · Sep 6, 2024 · 59cee6e · 59cee6e
1 parent fdb4308
commit 59cee6e
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 9 deletions.
diff --git a/crates/bitwarden-core/src/client/encryption_settings.rs b/crates/bitwarden-core/src/client/encryption_settings.rs
@@ -8,6 +8,7 @@ use uuid::Uuid;
 
 #[cfg(feature = "internal")]
 use crate::error::Result;
+use crate::VaultLocked;
 
 #[derive(Debug, Error)]
 pub enum EncryptionSettingsError {
@@ -17,8 +18,14 @@ pub enum EncryptionSettingsError {
     #[error(transparent)]
     InvalidBase64(#[from] base64::DecodeError),
 
+    #[error(transparent)]
+    VaultLocked(#[from] VaultLocked),
+
     #[error("Invalid private key")]
     InvalidPrivateKey,
+
+    #[error("Missing private key")]
+    MissingPrivateKey,
 }
 
 #[derive(Clone)]
@@ -98,11 +105,9 @@ impl EncryptionSettings {
     pub(crate) fn set_org_keys(
         &mut self,
         org_enc_keys: Vec<(Uuid, AsymmetricEncString)>,
-    ) -> Result<&Self> {
+    ) -> Result<&Self, EncryptionSettingsError> {
         use bitwarden_crypto::KeyDecryptable;
 
-        use crate::VaultLocked;
-
         // Make sure we only keep the keys given in the arguments and not any of the previous
         // ones, which might be from organizations that the user is no longer a part of anymore
         self.org_keys.clear();
@@ -112,7 +117,10 @@ impl EncryptionSettings {
             return Ok(self);
         }
 
-        let private_key = self.private_key.as_ref().ok_or(VaultLocked)?;
+        let private_key = self
+            .private_key
+            .as_ref()
+            .ok_or(EncryptionSettingsError::MissingPrivateKey)?;
 
         // Decrypt the org keys with the private key
         for (org_id, org_enc_key) in org_enc_keys {

diff --git a/crates/bitwarden-core/src/client/internal.rs b/crates/bitwarden-core/src/client/internal.rs
@@ -234,7 +234,7 @@ impl InternalClient {
     pub fn initialize_org_crypto(
         &self,
         org_keys: Vec<(Uuid, AsymmetricEncString)>,
-    ) -> Result<Arc<EncryptionSettings>> {
+    ) -> Result<Arc<EncryptionSettings>, EncryptionSettingsError> {
         let mut guard = self
             .encryption_settings
             .write()

diff --git a/crates/bitwarden-core/src/mobile/client_crypto.rs b/crates/bitwarden-core/src/mobile/client_crypto.rs
@@ -25,7 +25,10 @@ impl<'a> ClientCrypto<'a> {
         initialize_user_crypto(self.client, req).await
     }
 
-    pub async fn initialize_org_crypto(&self, req: InitOrgCryptoRequest) -> Result<()> {
+    pub async fn initialize_org_crypto(
+        &self,
+        req: InitOrgCryptoRequest,
+    ) -> Result<(), EncryptionSettingsError> {
         initialize_org_crypto(self.client, req).await
     }
 

diff --git a/crates/bitwarden-core/src/mobile/crypto.rs b/crates/bitwarden-core/src/mobile/crypto.rs
@@ -190,7 +190,10 @@ pub struct InitOrgCryptoRequest {
     pub organization_keys: HashMap<uuid::Uuid, AsymmetricEncString>,
 }
 
-pub async fn initialize_org_crypto(client: &Client, req: InitOrgCryptoRequest) -> Result<()> {
+pub async fn initialize_org_crypto(
+    client: &Client,
+    req: InitOrgCryptoRequest,
+) -> Result<(), EncryptionSettingsError> {
     let organization_keys = req.organization_keys.into_iter().collect();
     client.internal.initialize_org_crypto(organization_keys)?;
     Ok(())

diff --git a/crates/bitwarden-uniffi/src/crypto.rs b/crates/bitwarden-uniffi/src/crypto.rs
@@ -31,7 +31,13 @@ impl ClientCrypto {
     /// Initialization method for the organization crypto. Needs to be called after
     /// `initialize_user_crypto` but before any other crypto operations.
     pub async fn initialize_org_crypto(&self, req: InitOrgCryptoRequest) -> Result<()> {
-        Ok(self.0 .0.crypto().initialize_org_crypto(req).await?)
+        Ok(self
+            .0
+             .0
+            .crypto()
+            .initialize_org_crypto(req)
+            .await
+            .map_err(Error::EncryptionSettings)?)
     }
 
     /// Get the uses's decrypted encryption key. Note: It's very important

diff --git a/crates/bitwarden-vault/src/sync.rs b/crates/bitwarden-vault/src/sync.rs
@@ -44,7 +44,10 @@ pub(crate) async fn sync(client: &Client, input: &SyncRequest) -> Result<SyncRes
         .filter_map(|o| o.id.zip(o.key.as_deref().and_then(|k| k.parse().ok())))
         .collect();
 
-    let enc = client.internal.initialize_org_crypto(org_keys)?;
+    let enc = client
+        .internal
+        .initialize_org_crypto(org_keys)
+        .map_err(bitwarden_core::Error::EncryptionSettings)?;
 
     SyncResponse::process_response(sync, &enc)
 }