From 39ac94c096f7bbb3253c87d97dc6a4af77a309d5 Mon Sep 17 00:00:00 2001
From: Philipp Gesang <philipp.gesang@intra2net.com>
Date: Mon, 10 Apr 2017 17:37:33 +0200
Subject: [PATCH] improve error handling in crypto handler

Since invalid tags are some the most important bits of
information to be passed down, make the corresponding error
message human-readable.
---
 deltatar/crypto.py |   25 +++++++++++++++++++------
 1 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/deltatar/crypto.py b/deltatar/crypto.py
index 6970786..dfdb1d6 100755
--- a/deltatar/crypto.py
+++ b/deltatar/crypto.py
@@ -689,9 +689,9 @@ class Decrypt (Crypto):
                                             % type (tag))
                 data = self.enc.finalize_with_tag (self.tag)
         except cryptography.exceptions.InvalidTag:
-            raise InvalidGCMTag ("done: tag mismatch of object %d: %r "
+            raise InvalidGCMTag ("done: tag mismatch of object %d: %s "
                                   "rejected by finalize ()"
-                                  % (self.cnt, self.tag))
+                                  % (self.cnt, binascii.hexlify (self.tag)))
         self.ctsize += len (data)
         self.stats ["out"] += len (data)
         return data
@@ -770,8 +770,9 @@ def depdtcrypt (pw, ins, outs):
                 try:
                     pt = decr.done ()
                 except InvalidGCMTag as exn:
-                    raise DecryptionError ("error finalizing object (%s): %r"
-                                           % (pt, exn))
+                    raise DecryptionError ("error finalizing object %d (%d B): "
+                                           "%r" % (total_obj, len (pt), exn)) \
+                          from exn
                 out (pt)
                 if PDTCRYPT_VERBOSE is True:
                     noise ("PDT:\tÂ· object validated")
@@ -929,8 +930,18 @@ def parse_argv (argv):
 
 def main (argv):
     pw, ins, outs  = parse_argv (argv)
-    total_read, total_obj, total_ct, total_pt = \
-        depdtcrypt (pw, ins, outs)
+    try:
+        total_read, total_obj, total_ct, total_pt = \
+            depdtcrypt (pw, ins, outs)
+    except DecryptionError as exn:
+        noise ("PDT: Decryption failed:")
+        noise ("PDT:")
+        noise ("PDT:    â%sâ" % exn)
+        noise ("PDT:")
+        noise ("PDT: Did you specify the correct password?")
+        noise ("")
+        return 1
+
     if PDTCRYPT_VERBOSE is True:
         noise ("PDT: decryption successful"                 )
         noise ("PDT:   %.10d bytes read"        % total_read)
@@ -939,6 +950,8 @@ def main (argv):
         noise ("PDT:   %.10d bytes plaintext"   % total_pt  )
         noise (""                                           )
 
+    return 0
+
 
 if __name__ == "__main__":
     sys.exit (main (sys.argv))
-- 
1.7.1