Add Better Exception Handling to the C7Decrypt "decrypt" Function
Closed this issue · 2 comments
C7Decrypt is now being used in a service (ThreatAgent) and probably getting some decent usage via user input. As such, I'd like to be a bit smarter about what happens if we're provided invalid or malformed hashes from an end-user.
Here are some conditions that I'm thinking about handling better:
1.) User presents a hash to the decrypt function which contains a non-numeric first character
2.) User presents a hash to the decrypt function which contains lower-case alpha chars
3.) User presents a hash to the decrypt function which contains something other than alpha-numeric characters.
I think that these three cases would throw the following Ruby exceptions respectively:
1.) InvalidFirstCharacter
2.) InvalidLowerCaseLetter
3.) InvalidCharacter
Note: The implementer of the decrypt function would then need to be informed of these custom exceptions (likely via Yard documentation) and would need to implement exception handling if the string being supplied is "unknown" or "user controlled"
Some other thoughts would be to talk to Marcus and get feedback on whether this is something (1) that is reasonable for his current use case and (2) whether it would reasonable to get telemetry data on these exceptions and any other standard exceptions that are thrown by the library to help bolster it's exception handling.
Another case that I thought of:
1.) User presents a hash to the decrypt function which contains a numeric first character that is greater than 15
Would throw: InvalidFirstCharacter
Implemented exception handling, see Yard docs for details.