diff options
Diffstat (limited to 'atuin-client/src')
| -rw-r--r-- | atuin-client/src/record/encryption.rs | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/atuin-client/src/record/encryption.rs b/atuin-client/src/record/encryption.rs index 6760d97b..3074a9c2 100644 --- a/atuin-client/src/record/encryption.rs +++ b/atuin-client/src/record/encryption.rs @@ -72,7 +72,10 @@ impl Encryption for PASETO_V4 { let assertions = Assertions::from(ad).encode(); // build the payload and encrypt the token - let payload = general_purpose::URL_SAFE_NO_PAD.encode(data.0); + let payload = serde_json::to_string(&AtuinPayload { + data: general_purpose::URL_SAFE_NO_PAD.encode(data.0), + }) + .expect("json encoding can't fail"); let nonce = DataKey::<32>::try_new_random().expect("could not source from random"); let nonce = PasetoNonce::<V4, LocalPurpose>::from(&nonce); @@ -104,7 +107,8 @@ impl Encryption for PASETO_V4 { ) .context("could not decrypt entry")?; - let data = general_purpose::URL_SAFE_NO_PAD.decode(payload)?; + let payload: AtuinPayload = serde_json::from_str(&payload)?; + let data = general_purpose::URL_SAFE_NO_PAD.decode(payload.data)?; Ok(DecryptedData(data)) } } @@ -147,6 +151,11 @@ impl PASETO_V4 { } #[derive(Serialize, Deserialize)] +struct AtuinPayload { + data: String, +} + +#[derive(Serialize, Deserialize)] /// Well-known footer claims for decrypting. This is not encrypted but is stored in the record. /// <https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/04-Claims.md#optional-footer-claims> struct AtuinFooter { |