Return a UserError if aead.Open() fails to align with documentation

[crozzy]

As mentioned in this issue: #10842 the API documentation states that:

500 - Internal server error. An internal error has occurred, try again later. If the error persists, report a bug.
400 - Invalid request, missing or invalid data.

This change means that failures in key decryption at the aead.Open() step will result in a 400 status code being returned as opposed to a 500 as the problem probably originates from incorrect user data entry (there are other possibilites I imagine).

[hashicorp-cla]

All committers have signed the CLA.

[washtubs]

Note the 400 message before was pretty generic : invalid ciphertext: unable to decrypt

Currently the 500 message also tells you what algorithm is used which seems like revealing unnecessary (albeit benign) details. Like if it's a poly1305-chacha20 keyring it will say that in the error message.

[crozzy]

It's an interesting one, traditionally you'd want neither the 500 nor the 400 revealing anything internal but it's also possible to go too far (IMO) at the expense of user experience/debugging. It's also 100% possible that someone changes some code causing aead.Open to always error and instead of 500ing it's masked by a 400.

Probably worth someone working on Vault full-time reviewing it who is aware of those internal decisions.

[victorr]

HI @crozzy, even though issue #10842 was closed, your fix is still relevant. If you want to rebase your PR I'll be happy to review it.

[crozzy]

HI @crozzy, even though issue #10842 was closed, your fix is still relevant. If you want to rebase your PR I'll be happy to review it.

Looks like you changed the go.mod set up and the name of master/main since this PR, was pretty confused there for a second 😆

[victorr]

👍

[victorr]

Thank you for the fix @crozzy, it is very much appreciated.