[Decrypt script] In case decryption fails for a record, ignore and continue to decrypt

ipa-core/src/cli/crypto.rs

@@ -18,7 +18,7 @@ use crate::{
         U128Conversions,
     },
     hpke::{KeyRegistry, PrivateKeyOnly},
-    report::{EncryptedOprfReport, EventType, OprfReport, DEFAULT_KEY_ID},
+    report::{EncryptedOprfReport, EventType, InvalidReportError, OprfReport, DEFAULT_KEY_ID},
     secret_sharing::IntoShares,
     test_fixture::{ipa::TestRawDataRecord, Reconstruct},
 };
@@ -146,16 +146,15 @@ impl DecryptedReports {
 }
 
 impl Iterator for DecryptedReports {
-    type Item = OprfReport<BA8, BA3, BA20>;
+    type Item = Result<OprfReport<BA8, BA3, BA20>, InvalidReportError>;
 
     fn next(&mut self) -> Option<Self::Item> {
         let mut line = String::new();
         if self.reader.read_line(&mut line).unwrap() > 0 {
             let encrypted_report_bytes = hex::decode(line.trim()).unwrap();
             let enc_report =
                 EncryptedOprfReport::from_bytes(encrypted_report_bytes.as_slice()).unwrap();
-            let dec_report: OprfReport<BA8, BA3, BA20> =
-                enc_report.decrypt(&self.key_registry).unwrap();
+            let dec_report = enc_report.decrypt(&self.key_registry);
             Some(dec_report)
         } else {
             None
@@ -181,60 +180,88 @@ pub async fn decrypt_and_reconstruct(args: DecryptArgs) -> Result<(), BoxError>
             .create_new(true)
             .open(args.output_file)?,
     );
-
-    for (dec_report1, (dec_report2, dec_report3)) in
-        decrypted_reports1.zip(decrypted_reports2.zip(decrypted_reports3))
+    let mut first_error = Ok(());
+    for (idx, (dec_report1, (dec_report2, dec_report3))) in decrypted_reports1
+        .zip(decrypted_reports2.zip(decrypted_reports3))
+        .enumerate()
     {
-        let timestamp = [
-            dec_report1.timestamp,
-            dec_report2.timestamp,
-            dec_report3.timestamp,
-        ]
-        .reconstruct()
-        .as_u128();
-
-        let match_key = [
-            dec_report1.match_key,
-            dec_report2.match_key,
-            dec_report3.match_key,
-        ]
-        .reconstruct()
-        .as_u128();
-
-        // these aren't reconstucted, so we explictly make sure
-        // they are consistent across all three files, then set
-        // it to the first one (without loss of generality)
-        assert_eq!(dec_report1.event_type, dec_report2.event_type);
-        assert_eq!(dec_report2.event_type, dec_report3.event_type);
-        let is_trigger_report = dec_report1.event_type == EventType::Trigger;
-
-        let breakdown_key = [
-            dec_report1.breakdown_key,
-            dec_report2.breakdown_key,
-            dec_report3.breakdown_key,
-        ]
-        .reconstruct()
-        .as_u128();
-
-        let trigger_value = [
-            dec_report1.trigger_value,
-            dec_report2.trigger_value,
-            dec_report3.trigger_value,
-        ]
-        .reconstruct()
-        .as_u128();
-
-        writeln!(
-            writer,
-            "{},{},{},{},{}",
-            timestamp,
-            match_key,
-            u8::from(is_trigger_report),
-            breakdown_key,
-            trigger_value,
-        )?;
+        match (dec_report1, dec_report2, dec_report3) {
+            (Ok(dec_report1), Ok(dec_report2), Ok(dec_report3)) => {
+                let timestamp = [
+                    dec_report1.timestamp,
+                    dec_report2.timestamp,
+                    dec_report3.timestamp,
+                ]
+                .reconstruct()
+                .as_u128();
+
+                let match_key = [
+                    dec_report1.match_key,
+                    dec_report2.match_key,
+                    dec_report3.match_key,
+                ]
+                .reconstruct()
+                .as_u128();
+
+                // these aren't reconstucted, so we explictly make sure
+                // they are consistent across all three files, then set
+                // it to the first one (without loss of generality)
+                assert_eq!(dec_report1.event_type, dec_report2.event_type);
+                assert_eq!(dec_report2.event_type, dec_report3.event_type);
+                let is_trigger_report = dec_report1.event_type == EventType::Trigger;
+
+                let breakdown_key = [
+                    dec_report1.breakdown_key,
+                    dec_report2.breakdown_key,
+                    dec_report3.breakdown_key,
+                ]
+                .reconstruct()
+                .as_u128();
+
+                let trigger_value = [
+                    dec_report1.trigger_value,
+                    dec_report2.trigger_value,
+                    dec_report3.trigger_value,
+                ]
+                .reconstruct()
+                .as_u128();
+
+                writeln!(
+                    writer,
+                    "{},{},{},{},{}",
+                    timestamp,
+                    match_key,
+                    u8::from(is_trigger_report),
+                    breakdown_key,
+                    trigger_value,
+                )?;
+            }
+            // error handling in case decryption failed
+            (Err(e1), _, _) => {
+                writeln!(writer, "Decryption failed Record: {idx} Reason:{e1}",)?;
+                eprintln!("Decryption failed Record: {idx} Reason:{e1}");
+                if first_error.is_ok() {
+                    first_error = Err(e1);
+                }
+            }
+            (Ok(_), Err(e2), _) => {
+                writeln!(writer, "Decryption failed Record: {idx} Reason:{e2}",)?;
+                eprintln!("Decryption failed Record: {idx} Reason:{e2}");
+                if first_error.is_ok() {
+                    first_error = Err(e2);
+                }
+            }
+            (Ok(_), Ok(_), Err(e3)) => {
+                writeln!(writer, "Decryption failed Record: {idx} Reason:{e3}",)?;
+                eprintln!("Decryption failed Record: {idx} Reason:{e3}");
+                if first_error.is_ok() {
+                    first_error = Err(e3);
+                }
+            }
+        }
     }
 
+    first_error.unwrap();
     Ok(())
 }