fix: Don't modify ciphertext in edit command if plaintext did not change

twpayne · Aug 5, 2024 · d6b20c3 · d6b20c3
1 parent c0a8059
commit d6b20c3
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 4 deletions.
diff --git a/internal/cmd/editcmd.go b/internal/cmd/editcmd.go
@@ -1,6 +1,8 @@
 package cmd
 
 import (
+	"crypto/sha512"
+	"crypto/subtle"
 	"log/slog"
 	"os"
 	"runtime"
@@ -85,8 +87,9 @@ func (c *Config) runEditCmd(cmd *cobra.Command, args []string) error {
 
 	editorArgs := make([]string, 0, len(targetRelPaths))
 	type transparentlyDecryptedFile struct {
-		sourceAbsPath    chezmoi.AbsPath
-		decryptedAbsPath chezmoi.AbsPath
+		sourceAbsPath       chezmoi.AbsPath
+		decryptedAbsPath    chezmoi.AbsPath
+		preEditPlaintextSum [sha512.Size]byte
 	}
 	var transparentlyDecryptedFiles []transparentlyDecryptedFile
 TARGET_REL_PATH:
@@ -117,8 +120,9 @@ TARGET_REL_PATH:
 				return err
 			}
 			transparentlyDecryptedFile := transparentlyDecryptedFile{
-				sourceAbsPath:    c.SourceDirAbsPath.Join(sourceRelPath.RelPath()),
-				decryptedAbsPath: decryptedAbsPath,
+				sourceAbsPath:       c.SourceDirAbsPath.Join(sourceRelPath.RelPath()),
+				decryptedAbsPath:    decryptedAbsPath,
+				preEditPlaintextSum: sha512.Sum512(contents),
 			}
 			transparentlyDecryptedFiles = append(transparentlyDecryptedFiles, transparentlyDecryptedFile)
 			editorArgs = append(editorArgs, decryptedAbsPath.String())
@@ -165,6 +169,13 @@ TARGET_REL_PATH:
 
 	postEditFunc := func() error {
 		for _, transparentlyDecryptedFile := range transparentlyDecryptedFiles {
+			postEditPlaintext, err := c.baseSystem.ReadFile(transparentlyDecryptedFile.decryptedAbsPath)
+			if err != nil {
+				return err
+			}
+			if postEditPlaintextSum := sha512.Sum512(postEditPlaintext); subtle.ConstantTimeCompare(transparentlyDecryptedFile.preEditPlaintextSum[:], postEditPlaintextSum[:]) != 0 {
+				return nil
+			}
 			contents, err := c.encryption.EncryptFile(transparentlyDecryptedFile.decryptedAbsPath)
 			if err != nil {
 				return err

diff --git a/internal/cmd/testdata/scripts/issue3887.txtar b/internal/cmd/testdata/scripts/issue3887.txtar
@@ -0,0 +1,19 @@
+mkageconfig
+mkgitconfig
+prependline ${CHEZMOICONFIGDIR}/chezmoi.toml 'edit.command = "/bin/true"'
+
+# add an initial encrypted file
+exec chezmoi init
+exec chezmoi add --encrypt ${HOME}${/}.encrypted
+exec chezmoi git add .
+exec chezmoi git commit -- -m 'initial commit' .
+
+# test that chezmoi edit on an encrypted file with no changes does not change the ciphertext
+exec chezmoi edit ${HOME}${/}.encrypted
+exec chezmoi diff
+! stdout .
+exec chezmoi git diff
+! stdout .
+
+-- home/user/.encrypted --
+plaintext