check value length and card type before decrypt

hazcod · Jul 17, 2022 · f4c575a · f4c575a
1 parent 1239cb1
commit f4c575a
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 3 deletions.
diff --git a/cmd/enpasscli/main.go b/cmd/enpasscli/main.go
@@ -122,7 +122,7 @@ func listEntries(logger *logrus.Logger, vault *enpass.Vault, args *Args) {
 		logger.Printf(
 			"> title: %s"+
 				"  login: %s"+
-				"  cat. : %s",
+				"  cat.: %s",
 			card.Title,
 			card.Subtitle,
 			card.Category,
@@ -151,11 +151,12 @@ func showEntries(logger *logrus.Logger, vault *enpass.Vault, args *Args) {
 		logger.Printf(
 			"> title: %s"+
 				"  login: %s"+
-				"  cat. : %s"+
-				"  pass : %s",
+				"  cat.: %s"+
+				"  %s: %s",
 			card.Title,
 			card.Subtitle,
 			card.Category,
+			card.Type,
 			decrypted,
 		)
 	}

diff --git a/pkg/enpass/card.go b/pkg/enpass/card.go
@@ -90,6 +90,16 @@ func (c *Card) IsDeleted() bool {
 }
 
 func (c *Card) Decrypt() (string, error) {
+	// Intercept item fields without value
+	if len(c.value) == 0 {
+		return "", nil
+	}
+
+	// Intercept non-password item fields, their value isn't encrypted
+	if c.Type != "password" {
+		return c.value, nil
+	}
+
 	// The key object is saved in binary from and actually consists of the
 	// AES key (32 bytes) and a nonce (12 bytes) for GCM
 	key := c.itemKey[:32]