fix(pubky): decrypt_recovery_file, correctly parse SnD

pubky · Aug 22, 2024 · a16569b · a16569b
1 parent ec4ef0d
commit a16569b
Showing 1 changed file with 23 additions and 20 deletions.
diff --git a/pubky/src/shared/recovery_file.rs b/pubky/src/shared/recovery_file.rs
@@ -10,30 +10,33 @@ static SPEC_LINE: &str = "pubky.org/recovery";
 pub fn decrypt_recovery_file(recovery_file: &[u8], passphrase: &str) -> Result<Keypair> {
     let encryption_key = recovery_file_encryption_key_from_passphrase(passphrase)?;
 
-    let mut split = recovery_file.split(|byte| byte == &10);
-
-    match split.next() {
-        Some(bytes) => {
-            if !(bytes.starts_with(SPEC_LINE.as_bytes())
-                || bytes.starts_with(b"pkarr.org/recovery"))
-            {
-                return Err(Error::RecoveryFileVersionNotSupported);
-            }
-        }
-        None => return Err(Error::RecoveryFileMissingSpecLine),
-    };
+    let newline_index = recovery_file
+        .iter()
+        .position(|&r| r == 10)
+        .ok_or(())
+        .map_err(|_| Error::RecoveryFileMissingSpecLine)?;
+
+    let spec_line = &recovery_file[..newline_index];
+
+    if !(spec_line.starts_with(SPEC_LINE.as_bytes())
+        || spec_line.starts_with(b"pkarr.org/recovery"))
+    {
+        return Err(Error::RecoveryFileVersionNotSupported);
+    }
 
-    if let Some(encrypted) = split.next() {
-        let decrypted = decrypt(encrypted, &encryption_key)?;
-        let length = decrypted.len();
-        let secret_key: [u8; 32] = decrypted
-            .try_into()
-            .map_err(|_| Error::RecoverFileInvalidSecretKeyLength(length))?;
+    let encrypted = &recovery_file[newline_index + 1..];
 
-        return Ok(Keypair::from_secret_key(&secret_key));
+    if encrypted.is_empty() {
+        return Err(Error::RecoverFileMissingEncryptedSecretKey);
     };
 
-    Err(Error::RecoverFileMissingEncryptedSecretKey)
+    let decrypted = decrypt(encrypted, &encryption_key)?;
+    let length = decrypted.len();
+    let secret_key: [u8; 32] = decrypted
+        .try_into()
+        .map_err(|_| Error::RecoverFileInvalidSecretKeyLength(length))?;
+
+    Ok(Keypair::from_secret_key(&secret_key))
 }
 
 pub fn create_recovery_file(keypair: &Keypair, passphrase: &str) -> Result<Vec<u8>> {