wincred: add fallback for existing values

As older versions of the credential helper would store creds as raw
bytes, we must expect the value to be a raw byte, not UTF-16LE encoded.

Try decoding the value and check if it round-trips correctly to make
sure we're actually dealing with UTF-16LE encoded creds.

We should also consider setting a custom "encoding" attribute instead
to detect what encoding was used to store the value.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

Author: thaJeztah

wincred/wincred.go

@@ -4,7 +4,9 @@ package wincred
 
 import (
 	"bytes"
+	"encoding/binary"
 	"net/url"
+	"unicode/utf16"
 
 	winc "github.com/danieljoos/wincred"
 	"golang.org/x/text/encoding/unicode"
@@ -64,10 +66,19 @@ func (h Wincred) Get(serverURL string) (string, string, error) {
 
 	for _, attr := range g.Attributes {
 		if attr.Keyword == "label" && bytes.Equal(attr.Value, []byte(credentials.CredsLabel)) {
-			encoder := unicode.UTF16(unicode.LittleEndian, unicode.IgnoreBOM).NewDecoder()
-			creds, _, err := transform.String(encoder, string(g.CredentialBlob))
-			if err != nil {
-				return "", "", err
+			creds := string(g.CredentialBlob)
+
+			// Older versions of the wincred credential-helper stored the password blob
+			// as raw string bytes. Newer versions store it as UTF-16LE.
+			//
+			// The credential blob does not include encoding metadata, so we cannot
+			// reliably distinguish legacy entries from UTF-16LE entries in all cases.
+			// For backward compatibility, keep the legacy raw-byte form by default and
+			// only use the UTF-16LE-decoded form when it round-trips cleanly.
+			//
+			// See https://github.com/docker/docker-credential-helpers/pull/335
+			if p, ok := tryDecodeUTF16LE(g.CredentialBlob); ok {
+				creds = p
 			}
 			return g.UserName, creds, nil
 		}
@@ -159,3 +170,31 @@ func (h Wincred) List() (map[string]string, error) {
 
 	return resp, nil
 }
+
+func tryDecodeUTF16LE(blob []byte) (string, bool) {
+	if len(blob)%2 != 0 {
+		return "", false
+	}
+
+	decoder := unicode.UTF16(unicode.LittleEndian, unicode.IgnoreBOM).NewDecoder()
+	s, _, err := transform.String(decoder, string(blob))
+	if err != nil {
+		return "", false
+	}
+
+	// roundtrip the value to check if it was indeed valid UTF-16LE.
+	if string(encodeUTF16LE(s)) != string(blob) {
+		return "", false
+	}
+
+	return s, true
+}
+
+func encodeUTF16LE(s string) []byte {
+	u16 := utf16.Encode([]rune(s))
+	buf := make([]byte, len(u16)*2)
+	for i, r := range u16 {
+		binary.LittleEndian.PutUint16(buf[i*2:], r)
+	}
+	return buf
+}