Skip to content

Commit

Permalink
ocicrypt-rs: dont't swallop pre_unwrap_key() error
Browse files Browse the repository at this point in the history 
The error for encryption::pre_unwrap_key() is silently discarded, which
means we get no meaningful error in consumers.

Signed-off-by: Magnus Kulke <magnuskulke@microsoft.com>
  • Loading branch information
@mkulke
mkulke committed Jul 30, 2024
1 parent d996c69 commit 51e9670
Showing 1 changed file with 3 additions and 4 deletions.
7 changes: 3 additions & 4 deletions ocicrypt-rs/src/encryption.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -188,10 +188,9 @@ pub fn decrypt_layer_key_opts_data(
priv_key_given = true;
}

if let Ok(opts_data) = pre_unwrap_key(keywrapper, dc, &b64_annotation) {
if !opts_data.is_empty() {
return Ok(opts_data);
}
let opts_data = pre_unwrap_key(keywrapper, dc, &b64_annotation)?;
if !opts_data.is_empty() {
return Ok(opts_data);
}
// try next keywrapper
}
Expand Down

0 comments on commit 51e9670

Please sign in to comment.