Decrypt - Malformed URI should throw an error and abort

[suprafly]

When I encrypt some data, manually change it slightly and then attempt to decrypt that, Cipher breaks on an error:

** (ArgumentError) malformed URI "a%uisdfiuhdsiue889sdjkjk%2BXLAEFsgccTI4S9EApWiWpFpLcF7QPVoNiPiXMZz7g6dtjxi4ctfuAZCEqINevWvzeC4u%2FkbqELA4Zd0Shq9dPjhvP9oO3uGCfKGUIuOk30G1ohDN%2B5q%2BgjJD1c7JmN4klAKT%2B6S1PUWP41cp5M3xJgXcfbuJ5HbZVWvzHed%2FhM8vwGe7V6%2F4IPZGhJpa5Yo%2B8WgITql8%2FNWHLAa2MulQrZxJbuUY8h3ORQKMrE5eniVTLlLb9%2BPsyrolNlhyqkZCCbIc051jFJNmf8HDjebLraDG9ZdH71lqzu7M52aPw5WqdzZTz3kQ6c%2BfnGgjknkAgIAQHdPWBAlOoyt0S%2B6U7TEYHuF%2FsB1pgUPWNAzzlYmS1V%2B%2FZZgKJwihGHO5BR0luM4eayZCs7AgbBvQ%2FJ0jrrJKGEIRjcIr2%2FbY7H9qWn1RZqjqsdLEbkNg6h7y15xO0kSxSKPIuLLLpKVWHjVMIqXwo9nj55n9sskDeYjS2wiGI%2F5VnPGYsvuqPe9QgNuVat95%2F%2FAFQCqCabdemhA0KTcd9kIXMouCesw4mwQevXPfOu3K1aV4NNE2erPhUNSWsaHo4rfs19B%2FqEjDaRVKFCF4o8flOXb%2F5wzNapg8zpWjVhLXfuG4RBT4wV0jo9SOFksPALWiA7X9Q5M0MasmBtuoanMHATMLhMadLdKc7ugbVRseksfUXj2rkpyFgSM%2BA%3D%3D"
     stacktrace:
       (elixir) lib/uri.ex:238: URI.decode_www_form/1
       lib/cipher.ex:36: Cipher.decrypt/1

[suprafly]

This one might be an error of the URI module itself: http://elixir-lang.org/docs/stable/elixir/URI.html#parse/1

Note this function expects a well-formed URI and does not perform any validation. See the examples section below of how URI.parse/1 can be used to parse a wide range of relative URIs.

[suprafly]

You can catch the exception like this, then return a sensible error:

    try do
      Cipher.decrypt(string) do
    rescue
      e in ArgumentError -> {:error, e.message}
    end

[suprafly]

In fact, that try rescue block will catch the other argument error I raised an issue about as well. Just need to return the correct msg.

[rubencaro]

I think I should not output the original error message when an internal procedure fails, such as this case. That is just an escaping/unescaping mechanism that Cipher uses internally. The crypted string is not meant to be an actual URL, so it would be meaningless to see an error message like "Malformed URI" at this stage. I fixed this by differenciating and documenting (hopefully) meaningful errors at the 2 stages of decrypting. So you would get {:error, "Could not decode string 'yourstring'"} or {:error, "Could not decrypt string 'yourstring'"}. See the docs for them:

    Returns `{:error, "Could not decode string 'yourstring'"}` if it failed in
    the first stage of decryption (unescaping and decoding given string). That
    means someone tampered your crypted data, or maybe the crypted string was
    not transferred properly.

    Returns `{:error, "Could not decrypt string 'yourstring'"}` if it failed in
    the last stage, the decryption itself. Usually means your decryption keys are
    not the same that were used to encrypt. But may also be some cases were a 
    tampered or wrongly transferred string can be actually unescaped and decoded
    successfully. They will fail in the decryption stage.

Many thanks!

[rubencaro]

I also added some of that to the README on master.

[rubencaro]

Just released 1.0.2 including this!