Add descriptive provisioner JWK decryption error messages

Wrap other errors in decryption process with more helpful messaging.  This should help users troubleshoot misconfiguration more easily.

Fixes #816
This commit is contained in:
Chris Crook 2022-02-04 17:53:58 -05:00
parent 039d2455d9
commit 11637b5793

View file

@ -155,11 +155,11 @@ func (p *Provisioner) SSHToken(certType, keyID string, principals []string) (str
func decryptProvisionerJWK(encryptedKey string, password []byte) (*jose.JSONWebKey, error) { func decryptProvisionerJWK(encryptedKey string, password []byte) (*jose.JSONWebKey, error) {
enc, err := jose.ParseEncrypted(encryptedKey) enc, err := jose.ParseEncrypted(encryptedKey)
if err != nil { if err != nil {
return nil, err return nil, errors.Wrap(err, "error parsing provisioner encrypted key")
} }
data, err := enc.Decrypt(password) data, err := enc.Decrypt(password)
if err != nil { if err != nil {
return nil, err return nil, errors.Wrap(err, "error decrypting provisioner key with provided password")
} }
jwk := new(jose.JSONWebKey) jwk := new(jose.JSONWebKey)
if err := json.Unmarshal(data, jwk); err != nil { if err := json.Unmarshal(data, jwk); err != nil {