fix: encode ciphertext using BASE64_STANDARD_NO_PAD

2025-12-04 14:59:33 +01:00 · 2025-02-09 10:38:16 +01:00
parent 1b0e4180a0
commit a8eaf3be50
3 changed files with 12 additions and 6 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -44,7 +44,7 @@ dependencies = [

 [[package]]
 name = "age-plugin-xwing"
-version = "0.1.1"
+version = "0.2.0"
 dependencies = [
 "age-core",
 "age-plugin",
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "age-plugin-xwing"
 description = "X-Wing plugin for age clients"
-version = "0.1.1"
+version = "0.2.0"
 edition = "2021"
 license = "MIT"
 repository = "https://github.com/Rixxc/age-plugin-xwing"
--- a/src/main.rs
+++ b/src/main.rs
@@ -56,7 +56,7 @@ impl RecipientPlugin {
                let wrapped_key = aead_encrypt(&ss, file_key.expose_secret());
                Stanza {
                    tag: PLUGIN_NAME.to_string(),
-                    args: vec![BASE64_STANDARD.encode(ct.as_bytes())],
+                    args: vec![BASE64_STANDARD_NO_PAD.encode(ct.as_bytes())],
                    body: wrapped_key,
                }
            })
@@ -166,9 +166,15 @@ impl IdentityPlugin {
                }
            };

-            let ct = match BASE64_STANDARD.decode(arg) {
-                Ok(ct) => ct,
-                Err(_) => {
+            // age-plugin-xwing up to version 0.1.1 encoded its ciphertext using BASE64_STANDARD.
+            // We still want to be able to support decrypting those.
+            let ct = match (
+                BASE64_STANDARD_NO_PAD.decode(arg),
+                BASE64_STANDARD.decode(arg),
+            ) {
+                (Ok(ct), _) => ct,
+                (_, Ok(ct)) => ct,
+                _ => {
                    errors.push(identity::Error::Stanza {
                        file_index,
                        stanza_index,