microsoft · TylerLeonhardt · Nov 4, 2022 · Nov 4, 2022
diff --git a/src/vs/platform/encryption/node/encryptionMainService.ts b/src/vs/platform/encryption/node/encryptionMainService.ts
@@ -4,6 +4,7 @@
  *--------------------------------------------------------------------------------------------*/
 
 import { ICommonEncryptionService } from 'vs/platform/encryption/common/encryptionService';
+import { ILogService } from 'vs/platform/log/common/log';
 
 export interface Encryption {
 	encrypt(salt: string, value: string): Promise<string>;
@@ -12,28 +13,42 @@ export interface Encryption {
 export class EncryptionMainService implements ICommonEncryptionService {
 	declare readonly _serviceBrand: undefined;
 	constructor(
-		private machineId: string) {
-
-	}
+		private machineId: string,
+		@ILogService private readonly logService: ILogService
+	) { }
 
 	private encryption(): Promise<Encryption> {
 		return new Promise((resolve, reject) => require(['vscode-encrypt'], resolve, reject));
 	}
 
 	async encrypt(value: string): Promise<string> {
+		let encryption: Encryption;
+		try {
+			encryption = await this.encryption();
+		} catch (e) {
+			return value;
+		}
+
 		try {
-			const encryption = await this.encryption();
 			return encryption.encrypt(this.machineId, value);
 		} catch (e) {
+			this.logService.error(e);
 			return value;
 		}
 	}
 
 	async decrypt(value: string): Promise<string> {
+		let encryption: Encryption;
+		try {
+			encryption = await this.encryption();
+		} catch (e) {
+			return value;
+		}
+
 		try {
-			const encryption = await this.encryption();
 			return encryption.decrypt(this.machineId, value);
 		} catch (e) {
+			this.logService.error(e);
 			return value;
 		}
 	}

diff --git a/src/vs/workbench/api/browser/mainThreadSecretState.ts b/src/vs/workbench/api/browser/mainThreadSecretState.ts
@@ -36,19 +36,21 @@ export class MainThreadSecretState extends Disposable implements MainThreadSecre
 	}
 
 	async $getPassword(extensionId: string, key: string): Promise<string | undefined> {
-		this.logService.trace(`Getting password for ${extensionId} extension:`, key);
+		this.logService.trace(`MainThreadSecretState#getPassword: Getting password for ${extensionId} extension: `, key);
 		const fullKey = await this.getFullKey(extensionId);
 		const password = await this.credentialsService.getPassword(fullKey, key);
 		if (!password) {
-			this.logService.trace('No password found for:', key);
+			this.logService.trace('MainThreadSecretState#getPassword: No password found for: ', key);
 			return undefined;
 		}
 
 		let decrypted: string | null;
 		try {
+			this.logService.trace('MainThreadSecretState#getPassword: Decrypting password for: ', key);
 			decrypted = await this.encryptionService.decrypt(password);
 		} catch (e) {
 			this.logService.error(e);
+			this.logService.trace('MainThreadSecretState#getPassword: Trying migration for: ', key);
 
 			// If we are on a platform that newly started encrypting secrets before storing them,
 			// then passwords previously stored were stored un-encrypted (NOTE: but still being stored in a secure keyring).
@@ -65,7 +67,7 @@ export class MainThreadSecretState extends Disposable implements MainThreadSecre
 			try {
 				const value = JSON.parse(decrypted);
 				if (value.extensionId === extensionId) {
-					this.logService.trace('Password found for:', key);
+					this.logService.trace('MainThreadSecretState#getPassword: Password found for: ', key);
 					return value.content;
 				}
 			} catch (parseError) {
@@ -82,17 +84,20 @@ export class MainThreadSecretState extends Disposable implements MainThreadSecre
 			}
 		}
 
-		this.logService.trace('No password found for:', key);
+		this.logService.trace('MainThreadSecretState#getPassword: No password found for: ', key);
 		return undefined;
 	}
 
 	async $setPassword(extensionId: string, key: string, value: string): Promise<void> {
+		this.logService.trace(`MainThreadSecretState#setPassword: Setting password for ${extensionId} extension: `, key);
 		const fullKey = await this.getFullKey(extensionId);
 		const toEncrypt = JSON.stringify({
 			extensionId,
 			content: value
 		});
+		this.logService.trace('MainThreadSecretState#setPassword: Encrypting password for: ', key);
 		const encrypted = await this.encryptionService.encrypt(toEncrypt);
+		this.logService.trace('MainThreadSecretState#setPassword: Storing password for: ', key);
 		return await this.credentialsService.setPassword(fullKey, key, encrypted);
 	}