From b0528802465f08c0438a03d7f9a35ff285fc6e75 Mon Sep 17 00:00:00 2001
From: Christian Mesh
Date: Mon, 11 Mar 2024 09:24:59 -0400
Subject: [PATCH] Encryption should require an explicit fallback (#1364)
Signed-off-by: Christian Mesh
---
 internal/encryption/base.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/internal/encryption/base.go b/internal/encryption/base.go
index 45c453a254..7c3cafbee5 100644
--- a/internal/encryption/base.go
+++ b/internal/encryption/base.go
@@ -126,9 +126,16 @@ func (s *baseEncryption) decrypt(data []byte, validator func([]byte) error) ([]b
 // Must have been invalid json payload
 return nil, fmt.Errorf("unable to determine data structure during decryption: %w", verr)
 }
+
+ methods, diags := s.buildTargetMethods(make(map[keyprovider.Addr][]byte))
+ if diags.HasErrors() {
+ // This cast to error here is safe as we know that at least one error exists
+ // This is also quite unlikely to happen as the constructor already has checked this code path
+ return nil, diags
+ }
 // Yep, it's already decrypted
- for target := s.target; target != nil; target = target.Fallback {
- if target.Fallback == nil {
+ for _, method := range methods {
+ if method == nil {
 // fallback allowed
 return data, nil
 }
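Review bot: The `if method == nil` check in the new loop is the only gate that lets unencrypted input through decrypt, yet the `// fallback allowed` comment does not say that a nil entry from buildTargetMethods stands for an explicitly configured unencrypted method (presumably so; buildTargetMethods is not part of this hunk). I would replace it with something like `// a nil method marks the explicit unencrypted fallback; only then is plaintext input returned as-is`. The code after the loop lies outside the hunk, so it is not visible here whether plaintext is rejected with an error when no nil method exists. A test that feeds unencrypted data to a configuration without that fallback and expects an error would pin the downgrade protection this commit is about. Separately, `return nil, diags` involves no cast, so the added comment would read better as `// diags holds at least one error here, so returning it as an error is safe`.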