Properly propagate decryption errors

src/iridium-crypto.c

@@ -33,6 +33,12 @@
 #include <nettle/pbkdf2.h>
 #include "iridium-crypto.h"
 
+GQuark
+iridium_crypto_error_quark (void)
+{
+  return g_quark_from_static_string ("iridium-crypto-error-quark");
+}
+
 IridiumAuthParams *
 iridium_crypto_auth_params_new (void)
 {
@@ -194,10 +200,16 @@ iridium_crypto_decrypt_item (const gchar *enc_content,
   gsize enc_key_size;
   gchar *content;
 
-  enc_auth_key = iridium_crypto_decrypt (enc_item_key, uuid, params->keys.master, params->keys.auth, sizeof (params->keys.master));
+  enc_auth_key =
+      iridium_crypto_decrypt(enc_item_key, uuid, params->keys.master,
+                             params->keys.auth, sizeof(params->keys.master));
 
-  if (enc_auth_key == NULL)
+  if (enc_auth_key == NULL) {
+    g_set_error(error, IRIDIUM_CRYPTO_ERROR,
+                IRIDIUM_CRYPTO_ERROR_DECRYPT_ENCRYPTION_KEY,
+                "Could not decrypt encryption key for %s", uuid);
     return NULL;
+  }
 
   enc_key = (gchar *) enc_auth_key;
   enc_key_size = strlen (enc_auth_key) / 2 - 8;
@@ -206,7 +218,8 @@ iridium_crypto_decrypt_item (const gchar *enc_content,
   enc_key_bytes = iridium_crypto_unhexlify (enc_key, enc_key_size);
   auth_key_bytes = iridium_crypto_unhexlify (auth_key, enc_key_size);
 
-  content = iridium_crypto_decrypt (enc_content, uuid, enc_key_bytes, auth_key_bytes, enc_key_size / 2);
+  content = iridium_crypto_decrypt(enc_content, uuid, enc_key_bytes,
+                                   auth_key_bytes, enc_key_size / 2);
 
   g_free (enc_key_bytes);
   g_free (auth_key_bytes);

src/iridium-crypto.h

@@ -22,6 +22,8 @@
 
 G_BEGIN_DECLS
 
+#define IRIDIUM_CRYPTO_ERROR  iridium_crypto_error_quark()
+
 typedef struct {
   guint cost;
   guint key_size;
@@ -43,6 +45,9 @@ typedef struct {
   } keys;
 } IridiumAuthParams;
 
+typedef enum {
+  IRIDIUM_CRYPTO_ERROR_DECRYPT_ENCRYPTION_KEY,
+} IridiumCryptoError;
 
 IridiumAuthParams *iridium_crypto_auth_params_new   (void);
 void               iridium_crypto_auth_params_free  (IridiumAuthParams  *params);
@@ -57,5 +62,6 @@ gchar             *iridium_crypto_hexlify           (const guint8       *s,
                                                      gsize               length);
 guint8            *iridium_crypto_unhexlify         (const gchar        *s,
                                                      gsize               length);
+GQuark             iridium_crypto_error_quark       (void);
 
 G_END_DECLS

src/iridium-standard-file.c

@@ -353,6 +353,7 @@ iridium_standard_file_get_items (JsonParser *parser,
   JsonObject *root;
   JsonArray *array;
   GList *items = NULL;
+  GError *tmp_error = NULL;
 
   root = json_node_get_object (json_parser_get_root (parser));
   array = json_object_get_array_member (root, "items");
@@ -373,7 +374,15 @@ iridium_standard_file_get_items (JsonParser *parser,
       continue;
 
     enc_content = json_object_get_string_member (data, "content");
-    content = iridium_crypto_decrypt_item (enc_content, auth_params, enc_item_key, uuid, error);
+    content = iridium_crypto_decrypt_item(enc_content, auth_params,
+                                          enc_item_key, uuid, &tmp_error);
+
+    if (tmp_error) {
+      g_propagate_error (error, tmp_error);
+      g_list_free_full (items, g_object_unref);
+      g_free (content);
+      return NULL;
+    }
 
     if (content) {
       item = deserialize_item (data, content);

test/test-crypto.c

@@ -57,12 +57,14 @@ test_decrypt_003_wrong_password (Dump *dump, gconstpointer user_data)
 {
   IridiumAuthParams *params;
   GList *items;
-  GError *error;
+  GError *error = NULL;
 
   params = iridium_crypto_auth_params_new ();
   iridium_crypto_derive_keys (params, "foo");
   items = iridium_standard_file_get_items (dump->parser, params, &error);
   g_assert_null (items);
+  g_assert_nonnull (error);
+  g_assert (error->code == IRIDIUM_CRYPTO_ERROR_DECRYPT_ENCRYPTION_KEY);
   iridium_crypto_auth_params_free (params);
 }