Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto.encrypt_message should not catch errors and rerturn None #697

Open
brassy-endomorph opened this issue Oct 17, 2024 · 0 comments
Open

Comments

@brassy-endomorph
Copy link
Collaborator

Is your feature request related to a problem? Please describe.

This function catches all errors and returns None:

hushline/hushline/crypto.py

Lines 107 to 121 in 71140c3

def encrypt_message(message: str, user_pgp_key: str) -> str | None:
current_app.logger.info("Encrypting message for user with provided PGP key")
try:
# Load the user's PGP certificate (public key) from the key data
recipient_cert = Cert.from_bytes(user_pgp_key.encode())
# Encode the message string to bytes
message_bytes = message.encode("utf-8")
# Assuming there is no signer (i.e., unsigned encryption).
# Adjust the call to encrypt by passing the encoded message
return encrypt([recipient_cert], message_bytes) # Use message_bytes
except Exception as e:
current_app.logger.error(f"Error during encryption: {e}")
return None

And is only ever used here:

hushline/hushline/routes.py

Lines 220 to 230 in 71140c3

elif uname.user.pgp_key:
try:
encrypted_content = encrypt_message(full_content, uname.user.pgp_key)
if not encrypted_content:
flash("⛔️ Failed to encrypt message.", "error")
return redirect(url_for("profile", username=username))
content_to_save = encrypted_content
except Exception as e:
app.logger.error("Encryption failed: %s", str(e), exc_info=True)
flash("⛔️ Failed to encrypt message.", "error")
return redirect(url_for("profile", username=username))

Describe the solution you'd like

We are catching the same errors in two places. There is never a time we'd want to try encrypting and get a None back. This function should just raise an exception.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: BL-P4 - DevOps & Code Tidiness
Development

No branches or pull requests

1 participant