-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
improve keys checks for jsthemis in SecureMessage #465
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
would be great to add some regression tests for these cases when we create secure message with empty keys and catch exceptions
We have some tests here: Lines 33 to 40 in bccb755
But unfortunately they don't cover the case when only one of the keys is empty. They also do not check the specific error message, only the error code. The |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
I wonder whether we should invest more into code coverage analysis over wrappers to catch mistakes like this...
In new SecureMessage API we made a mistake when checking keys for SecureMessage. For
sign
mode we should check private key, forverify
mode we should check public key.This affects only error messages for user, Themis uses correct keys while actual signing/verifying.
After this merge, we should update
jsthemis
and push to npm again as0.11.2
.