Improve error reporting in ThemisPP (#385)
* Add Themis status to exceptions

  Just like for JavaScript, it may be interesting for the user to check the status code. Add the status code field to the exception type. Default status code is "invalid parameter" as that's what most checks performed by ThemisPP are. Do not use actual default arguments to keep the ABI stable.

* Secure Message: add empty key checks

  Just like with JsThemis, Secure Message in ThemisPP has an interface that may be hard to use correctly. Furthermore, it may be 'successfully' misused by providing an empty private or public key and then calling "wrap" or "unwrap" (actually doing "sign" or "verify"). Introduce additional length checks for the keys to ensure that keys are set when they should be set. While we're here, use the new status reporting feature of exceptions to return Themis status codes together with errors.

* Secure Cell: add empty key checks

  Add a similar early check for empty password (aka "master key"). While we're here, update the error messages in exceptions and include the status code in them.

* Secure Comparator: improved error messages

  Update the error messages for consistency, add status code information.

* Secure Session: add empty key checks

  Add checks for empty client ID and private key at construction; these will throw exceptions now. Also update the error handling code to include status codes in exceptions and use consistent messages.

* Key generation: improved error messages

  Make the error messages consistent with other facilities. Include the status code in exceptions where possible.

* More paranoid checks for empty data buffers

  It is really important to verify that the vectors are non-empty before taking a pointer to their first element (as in "&data[0]") because that's undefined behavior if the vector is empty. The same is true for the vector's iterators (data_t::const_iterator). While it tends to work with current libstdc++ implementations, we still should not dereference invalid iterators as that's undefined behavior as well.

* Improve iterator range validation

  A likely error with iterators is accidentally misplacing begin and end iterators in a pair. If we do a check like this, then the (end, begin) pair will be considered valid. We should check that the "end" iterator comes after the "begin" one instead (and that there's at least one element between them). This does not protect from all possible errors (e.g., using iterators from two distinct containers), but it should be good enough for now.
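The empty-buffer and iterator-range checks the commit message describes, written out as an added example that is not ThemisPP's own code. The `status_code` enum, the `validation_error` exception, and the `checked_data`, `checked_range` and `sign_message` helpers are assumptions made here to illustrate the checks; the real Themis status constants and ThemisPP class names are not used.

```cpp
// Added example (not ThemisPP's own code): defensive validation of byte
// buffers and iterator ranges before they are handed to a C-style API.
#include <cstddef>
#include <cstdint>
#include <iterator>
#include <stdexcept>
#include <string>
#include <vector>

// Stand-in status code mirroring the "invalid parameter" default the commit
// message mentions. Hypothetical; not the real Themis constants.
enum class status_code { ok = 0, invalid_parameter = 1 };

// Exception carrying a status code alongside the message, so callers can
// inspect the code instead of parsing the text.
class validation_error : public std::runtime_error {
public:
    validation_error(const std::string& msg, status_code code)
        : std::runtime_error(msg + " (status " +
                             std::to_string(static_cast<int>(code)) + ")"),
          code_(code) {}
    status_code status() const { return code_; }
private:
    status_code code_;
};

using data_t = std::vector<uint8_t>;

// Returns a pointer to the first byte only when the vector is non-empty.
// Taking &data[0] on an empty vector is undefined behaviour, so check first.
inline const uint8_t* checked_data(const data_t& data, const char* what) {
    if (data.empty()) {
        throw validation_error(std::string(what) + " must not be empty",
                               status_code::invalid_parameter);
    }
    return &data[0];
}

// Validates that [begin, end) is a proper, non-empty range: "end" must come
// after "begin". A swapped (end, begin) pair, which a plain begin != end test
// would accept, is rejected because the distance is negative.
inline std::size_t checked_range(data_t::const_iterator begin,
                                 data_t::const_iterator end,
                                 const char* what) {
    auto distance = std::distance(begin, end);
    if (distance <= 0) {
        throw validation_error(std::string(what) + " range is empty or reversed",
                               status_code::invalid_parameter);
    }
    return static_cast<std::size_t>(distance);
}

// Hypothetical consumer: a "sign" stand-in that refuses an unset private key
// or an empty message before touching either buffer. Returns the byte count
// it would sign.
inline std::size_t sign_message(const data_t& private_key, const data_t& message) {
    checked_data(private_key, "private key");
    checked_data(message, "message");
    return message.size();
}

// Reports which outcome a sign attempt produced ("ok" or the status name).
inline std::string try_sign(const data_t& key, const data_t& msg) {
    try {
        sign_message(key, msg);
        return "ok";
    } catch (const validation_error& e) {
        return e.status() == status_code::invalid_parameter ? "invalid_parameter"
                                                             : "other";
    }
}

// Exercises checked_range with a correct or deliberately reversed pair.
inline std::string try_range(const data_t& data, bool reversed) {
    try {
        if (reversed) {
            checked_range(data.end(), data.begin(), "data");
        } else {
            checked_range(data.begin(), data.end(), "data");
        }
        return "ok";
    } catch (const validation_error&) {
        return "invalid_parameter";
    }
}
```

The point of routing every failure through one exception type with a status field is that a caller can branch on `e.status()` rather than on message text, which is exactly the property the commit adds to ThemisPP's exceptions.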
Showing 9 changed files with 365 additions and 93 deletions.