From 17f17a80f818bcc20c387583a6ff00a8e07ec533 Mon Sep 17 00:00:00 2001 From: Lucas Fernandes Nogueira Date: Thu, 17 Feb 2022 18:41:47 -0300 Subject: [PATCH] fix(cli): do not panic if private key password is wrong, closes #3449 (#3495) --- .changes/cli-private-key-pwd-panic.md | 6 ++++++ tooling/cli/src/helpers/updater_signature.rs | 8 ++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) create mode 100644 .changes/cli-private-key-pwd-panic.md diff --git a/.changes/cli-private-key-pwd-panic.md b/.changes/cli-private-key-pwd-panic.md new file mode 100644 index 000000000..291d8bb11 --- /dev/null +++ b/.changes/cli-private-key-pwd-panic.md @@ -0,0 +1,6 @@ +--- +"cli.rs": patch +"cli.js": patch +--- + +Do not panic if the updater private key password is wrong. diff --git a/tooling/cli/src/helpers/updater_signature.rs b/tooling/cli/src/helpers/updater_signature.rs index 158adbf07..73bbc8e2e 100644 --- a/tooling/cli/src/helpers/updater_signature.rs +++ b/tooling/cli/src/helpers/updater_signature.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: MIT +use anyhow::Context; use base64::{decode, encode}; use minisign::{sign, KeyPair as KP, SecretKeyBox}; use std::{ @@ -109,8 +110,11 @@ where P: AsRef, { let decoded_secret = decode_key(private_key)?; - let sk_box = SecretKeyBox::from_string(&decoded_secret).unwrap(); - let sk = sk_box.into_secret_key(password).unwrap(); + let sk_box = SecretKeyBox::from_string(&decoded_secret) + .with_context(|| "failed to load updater private key")?; + let sk = sk_box + .into_secret_key(password) + .with_context(|| "incorrect updater private key password")?; // We need to append .sig at the end it's where the signature will be stored let signature_path_string = format!("{}.sig", bin_path.as_ref().display());