diff --git a/packages/backend-core/src/security/encryption.ts b/packages/backend-core/src/security/encryption.ts index 0147b45c6c..7a8cfaf04a 100644 --- a/packages/backend-core/src/security/encryption.ts +++ b/packages/backend-core/src/security/encryption.ts @@ -120,12 +120,34 @@ export async function decryptFile( const stretched = stretchString(secret, salt) const decipher = crypto.createDecipheriv(ALGO, stretched, iv) - inputFile.pipe(decipher).pipe(zlib.createGunzip()).pipe(outputFile) + const unzip = zlib.createGunzip() - return new Promise(r => { + inputFile.pipe(decipher).pipe(unzip).pipe(outputFile) + + return new Promise((res, rej) => { outputFile.on("finish", () => { outputFile.close() - r() + res() + }) + + inputFile.on("error", e => { + outputFile.close() + rej(e) + }) + + decipher.on("error", e => { + outputFile.close() + rej(e) + }) + + unzip.on("error", e => { + outputFile.close() + rej(e) + }) + + outputFile.on("error", e => { + outputFile.close() + rej(e) }) }) } diff --git a/packages/server/src/sdk/app/backups/imports.ts b/packages/server/src/sdk/app/backups/imports.ts index 08b003a55b..619f888329 100644 --- a/packages/server/src/sdk/app/backups/imports.ts +++ b/packages/server/src/sdk/app/backups/imports.ts @@ -124,12 +124,19 @@ export function untarFile(file: { path: string }) { return tmpPath } -async function decryptFiles(path: string) { - for (let file of fs.readdirSync(path)) { - const inputPath = join(path, file) - const outputPath = inputPath.replace(/\.enc$/, "") - await encryption.decryptFile(inputPath, outputPath, "password") - fs.rmSync(inputPath) +async function decryptFiles(path: string, password: string) { + try { + for (let file of fs.readdirSync(path)) { + const inputPath = join(path, file) + const outputPath = inputPath.replace(/\.enc$/, "") + await encryption.decryptFile(inputPath, outputPath, password) + fs.rmSync(inputPath) + } + } catch (err: any) { + if (err.message === "incorrect header check") { + throw new Error("File cannot be imported") + } + throw err } } @@ -154,7 +161,7 @@ export async function importApp( if (template.file && (isTar || isDirectory)) { const tmpPath = isTar ? untarFile(template.file) : template.file.path if (isTar && template.file.password) { - await decryptFiles(tmpPath) + await decryptFiles(tmpPath, template.file.password) } const contents = fs.readdirSync(tmpPath) // have to handle object import