mirror of
https://github.com/nextcloud/server.git
synced 2026-06-25 16:41:03 -04:00
0cff2cdbaf
When decrypting a v3 ciphertext with a mismatched secret, the first attempt throws an Exception (HMAC mismatch). The fallback then calls decryptWithoutSecret() with an empty string, which causes hash_hkdf() to throw a ValueError. Since ValueError extends \Error rather than \Exception, it bypassed the catch block and propagated as an unhandled error, crashing the whole request. Wrap the fallback in its own try/catch(\Throwable) and rethrow the original Exception so callers get a meaningful HMAC mismatch error. Signed-off-by: Anna Larch <anna@nextcloud.com> AI-Assisted-By: Claude Sonnet 4.6 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| Bruteforce | ||
| CSP | ||
| CSRF | ||
| FeaturePolicy | ||
| IdentityProof | ||
| Ip | ||
| Normalizer | ||
| RateLimiting | ||
| Signature | ||
| VerificationToken | ||
| Certificate.php | ||
| CertificateManager.php | ||
| CredentialsManager.php | ||
| Crypto.php | ||
| Hasher.php | ||
| RemoteHostValidator.php | ||
| SecureRandom.php | ||
| TrustedDomainHelper.php | ||