Use new Secure Message API in RubyThemis #402
Conversation
It's easy to use the new API even if I don't know Ruby, just "attach" the new functions instead of the old ones and use them.
Just like with other language wrappers, improve key validation in Secure Message: perform early checks of private and public key and signal the user if there's anything wrong with them.
|
@shadinua I'd like you to take a look at this since I don't actually know Ruby, I just kept hitting the keyboard until the tests passed. For example, I don't really understand why the 'module methods' have to be defined that way for it to work and why the constants from ThemisImports are not visible when the module seems to be 'imported' and the functions are visible. I'm also concerned about visibility of the new key checking methods, they might have been unintentionally exported for the users. |
| raise ThemisError, "Secure Message: invalid public key" | ||
| end | ||
| if not Themis.private_key(private_key) | ||
| raise ThemisError, "Secure Message: public key used instead of private" |
| @@ -360,24 +410,31 @@ def Ssign(*args) | |||
| deprecate :Ssign, :s_sign, 2018, 6 | |||
|
|
|||
| def s_sign(private_key, message) | |||
| if not valid_key(private_key) | |||
There was a problem hiding this comment.
technically speaking for user both these checks are the same -- wrong / empty / bad key.
There was a problem hiding this comment.
I would rather prefer to merge these checks in one, or use "Secure Message: private key used instead of public" as second error message
There was a problem hiding this comment.
There's a difference between "using an incorrect key" and "using a key incorrectly". If we get to the second check we are sure that the key is at least valid so we should not tell the user that their key is garbled or something.
I guess I'll reuse the same messages as for the encrypt/decrypt mode.
It's easy to use the new API even if I don't know Ruby, just "attach" the new functions instead of the old ones and use them.
Just like with other language wrappers, improve key validation in Secure Message: perform early checks of private and public key and signal the user if there's anything wrong with them.