tka85 / dotenvenc

Decryption doesn't always fail on wrong passwords #9

Closed exalted closed 4 months ago

exalted commented 6 months ago

https://github.com/tka85/dotenvenc/blob/2d94f47871e9586b90eee252273257d581a5a7a8/src/index.ts#L60-L63

When trying to decrypt with random passwords, I am getting the expected 'Restored no env variables. Either empty input file or wrong password.' error message.

However, when I try to decrypt using asd as the password, decrypting doesn't fail and it returns { '-': '\x01�/�`Y�0Z' } instead ( characters are literally what I get when I console.log the result object to await decrypt({ ... }) call).

Any ideas?

exalted commented 6 months ago

As a workaround, I added a paranoid check on my usage for a variable that I know should exist. However, a more "fail-proof" check within the library would be awesome:

const env = await decrypt({ encryptedFile: `.env.${environment}.enc` });
if (!('SOMEVARTHATWEKNOWEXISTS' in env)) {
    throw new Error('Restored no env variables. Either empty input file or wrong password.');
}

tka85 commented 5 months ago

Cannot reproduce.

I tried decrypting the encrypted file used in the tests test/.env.sample.enc and no matter what password I provide interactively or passed via the env var $DOTENVENC_PASS, I cannot get the described behavior.

Can you please provide in detail the steps how you "decrypt using asd as the password"?

exalted commented 5 months ago

I'll see what I can do as soon as possible, but please don't hold your breath :)

exalted commented 4 months ago

Hmm, funny! I am not able to reproduce this anymore, either.

I remember having used an initial password to encrypt that was longer than 32 characters (to later discover that chars from the 33rd onward would get chopped off anyway, I believe).

I tried to see if that had anything to do with this bug report, but I couldn't reproduce it that way either. So, I am okay with closing this one.

@tka85 Thanks for taking the time to look into it! 🙏
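
The error message quoted in this thread infers a wrong password from the parse result ("Restored no env variables"). The block below is an added example, not dotenvenc's code: it counts how often random wrong keys get past that kind of check under an unauthenticated mode, next to AES-256-GCM, where the authentication tag rejects a wrong key before anything is parsed. The names `seal`, `open`, `parseEnv` and `falseAccepts` are hypothetical, and AES-256-CTR is an assumed stand-in for any unauthenticated mode, since the thread does not name the cipher.

```javascript
const crypto = require('node:crypto');

// Hypothetical helpers for illustration (not dotenvenc's API).
function seal(algorithm, key, plaintext) {
  const gcm = algorithm.endsWith('-gcm');
  const iv = crypto.randomBytes(gcm ? 12 : 16);
  const cipher = crypto.createCipheriv(algorithm, key, iv);
  const data = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { algorithm, iv, data, tag: gcm ? cipher.getAuthTag() : null };
}

function open(box, key) {
  const decipher = crypto.createDecipheriv(box.algorithm, key, box.iv);
  if (box.tag) decipher.setAuthTag(box.tag);
  // With GCM, final() throws unless the tag verifies (wrong key or modified data).
  return Buffer.concat([decipher.update(box.data), decipher.final()]);
}

// Simplified KEY=VALUE parser standing in for dotenv's (an assumption).
function parseEnv(buf) {
  const env = {};
  for (const line of buf.toString('utf8').split(/\r?\n/)) {
    const m = /^\s*([\w.-]+)\s*=\s*(.*)$/.exec(line);
    if (m) env[m[1]] = m[2];
  }
  return env;
}

const SAMPLE = 'DB_HOST=localhost\nDB_PASS=s3cret\n'; // constructed sample input

// How many of `tries` random wrong keys get past a
// "decrypt, parse, reject if no variables were found" check?
function falseAccepts(algorithm, tries) {
  const box = seal(algorithm, crypto.randomBytes(32), SAMPLE);
  let accepted = 0;
  for (let i = 0; i < tries; i++) {
    try {
      const env = parseEnv(open(box, crypto.randomBytes(32)));
      if (Object.keys(env).length > 0) accepted++;
    } catch { /* tag mismatch: wrong key rejected before parsing */ }
  }
  return accepted;
}

console.log('aes-256-ctr:', falseAccepts('aes-256-ctr', 20000), 'of 20000 wrong keys accepted');
console.log('aes-256-gcm:', falseAccepts('aes-256-gcm', 20000), 'of 20000 wrong keys accepted');
```

The CTR count varies from run to run because it depends on whether the random output happens to contain something shaped like `KEY=VALUE`; the GCM count does not depend on the plaintext at all.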