Add context to logs for decryption failures (#11684)

* Add logging to decryption routines * Fix case of uknown encryption type * Add decryption context to log where failures occur * Update log message * Fix linting * Add more context logs * Add more fine grained logging * Update log message * Fix tests
2025-12-14 23:33:31 +00:00 · 2024-10-25 15:22:30 +02:00
parent adabc59c03
commit 122c3c7809
7 changed files with 61 additions and 17 deletions
--- a/apps/browser/src/platform/services/local-backed-session-storage.service.spec.ts
+++ b/apps/browser/src/platform/services/local-backed-session-storage.service.spec.ts
@@ -48,8 +48,12 @@ describe("LocalBackedSessionStorage", () => {
      localStorage.internalStore["session_test"] = encrypted.encryptedString;
      encryptService.decryptToUtf8.mockResolvedValue(JSON.stringify("decrypted"));
      const result = await sut.get("test");
-      expect(encryptService.decryptToUtf8).toHaveBeenCalledWith(encrypted, sessionKey);
-      expect(result).toEqual("decrypted");
+      expect(encryptService.decryptToUtf8).toHaveBeenCalledWith(
+        encrypted,
+        sessionKey,
+        "browser-session-key",
+      ),
+        expect(result).toEqual("decrypted");
    });

    it("caches the decrypted value when one is stored in local storage", async () => {
@@ -65,8 +69,12 @@ describe("LocalBackedSessionStorage", () => {
      localStorage.internalStore["session_test"] = encrypted.encryptedString;
      encryptService.decryptToUtf8.mockResolvedValue(JSON.stringify("decrypted"));
      const result = await sut.get("test");
-      expect(encryptService.decryptToUtf8).toHaveBeenCalledWith(encrypted, sessionKey);
-      expect(result).toEqual("decrypted");
+      expect(encryptService.decryptToUtf8).toHaveBeenCalledWith(
+        encrypted,
+        sessionKey,
+        "browser-session-key",
+      ),
+        expect(result).toEqual("decrypted");
    });

    it("caches the decrypted value when one is stored in local storage", async () => {
--- a/apps/browser/src/platform/services/local-backed-session-storage.service.ts
+++ b/apps/browser/src/platform/services/local-backed-session-storage.service.ts
@@ -117,7 +117,11 @@ export class LocalBackedSessionStorageService
      return null;
    }

-    const valueJson = await this.encryptService.decryptToUtf8(new EncString(local), encKey);
+    const valueJson = await this.encryptService.decryptToUtf8(
+      new EncString(local),
+      encKey,
+      "browser-session-key",
+    );
    if (valueJson == null) {
      // error with decryption, value is lost, delete state and start over
      await this.localStorage.remove(this.sessionStorageKey(key));
--- a/apps/cli/src/commands/get.command.ts
+++ b/apps/cli/src/commands/get.command.ts
@@ -455,6 +455,7 @@ export class GetCommand extends DownloadCommand {
      decCollection.name = await this.encryptService.decryptToUtf8(
        new EncString(response.name),
        orgKey,
+        `orgkey-${options.organizationId}`,
      );
      const groups =
        response.groups == null