refactor: improve error handling for encryption and decryption in EncryptedHandler

genu · genu · commit fa5c0658b4fe · 2024-12-29T07:55:45.000-03:00
diff --git a/packages/runtime/src/enhancements/node/encrypted.ts b/packages/runtime/src/enhancements/node/encrypted.ts
@@ -144,7 +144,11 @@ class EncryptedHandler extends DefaultPrismaProxyHandler {
                 // Don't decrypt null, undefined or empty string values
                 if (!entityData[field]) continue;
 
-                entityData[field] = await this.decrypt(fieldInfo, entityData[field]);
+                try {
+                    entityData[field] = await this.decrypt(fieldInfo, entityData[field]);
+                } catch (error) {
+                    console.warn('Decryption failed, keeping original value:', error);
+                }
             }
         }
     }
@@ -157,7 +161,11 @@ class EncryptedHandler extends DefaultPrismaProxyHandler {
 
                 const encAttr = field.attributes?.find((attr) => attr.name === '@encrypted');
                 if (encAttr && field.type === 'String') {
-                    context.parent[field.name] = await this.encrypt(field, data);
+                    try {
+                        context.parent[field.name] = await this.encrypt(field, data);
+                    } catch (error) {
+                        throw new Error(`Encryption failed for field ${field.name}: ${error}`);
+                    }
                 }
             },
         });
diff --git a/tests/integration/tests/enhancements/with-encrypted/with-encrypted.test.ts b/tests/integration/tests/enhancements/with-encrypted/with-encrypted.test.ts
@@ -23,9 +23,11 @@ describe('Encrypted test', () => {
     }`);
 
         const sudoDb = enhance(undefined, { kinds: [] });
+        const encryptionKey = new Uint8Array(Buffer.from('AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=', 'base64'));
+
         const db = enhance(undefined, {
             kinds: ['encrypted'],
-            encryption: { encryptionKey: 'c558Gq0YQK2QcqtkMF9BGXHCQn4dMF8w' },
+            encryption: { encryptionKey },
         });
 
         const create = await db.user.create({

Original file line number	Diff line number	Diff line change
`@@ -144,7 +144,11 @@ class EncryptedHandler extends DefaultPrismaProxyHandler {`
`144`	`144`	`// Don't decrypt null, undefined or empty string values`
`145`	`145`	`if (!entityData[field]) continue;`
`146`	`146`
`147`		`- entityData[field] = await this.decrypt(fieldInfo, entityData[field]);`
	`147`	`+ try {`
	`148`	`+ entityData[field] = await this.decrypt(fieldInfo, entityData[field]);`
	`149`	`+ } catch (error) {`
	`150`	`+ console.warn('Decryption failed, keeping original value:', error);`
	`151`	`+ }`
`148`	`152`	`}`
`149`	`153`	`}`
`150`	`154`	`}`
`@@ -157,7 +161,11 @@ class EncryptedHandler extends DefaultPrismaProxyHandler {`
`157`	`161`
`158`	`162`	`const encAttr = field.attributes?.find((attr) => attr.name === '@encrypted');`
`159`	`163`	`if (encAttr && field.type === 'String') {`
`160`		`- context.parent[field.name] = await this.encrypt(field, data);`
	`164`	`+ try {`
	`165`	`+ context.parent[field.name] = await this.encrypt(field, data);`
	`166`	`+ } catch (error) {`
	`167`	+ throw new Error(`Encryption failed for field ${field.name}: ${error}`);
	`168`	`+ }`
`161`	`169`	`}`
`162`	`170`	`},`
`163`	`171`	`});`