search

apple / swift-crypto

Open-source implementation of a substantial portion of the API of Apple CryptoKit suitable for use on Linux platforms.
https://apple.github.io/swift-crypto
Apache License 2.0
1.45k stars 157 forks source link

extras: Add meaningful description to BoringSSL errors #237

Open simonjbeaumont opened 3 months ago

simonjbeaumont commented 3 months ago

Motivation

When an error occurs in a BoringSSL call, we typically embed the packed error code in a CryptoKitError.underlyingCoreCryptoError(error: Int32). This packed error code consists of the library and the reason and BoringSSL has functions for unpacking these and getting descriptive messages for them. I often spend my time in a debugger, manually calling these C functions and then looking things up in header files.

Modifications

In _CryptoExtras (not in Crypto) add a (possibly retroactive) conformance to CustomStringConvertible.

Result

If _CryptoExtras is imported, errors will likely be much more informative. For example,

error: "underlyingCoreCryptoError(error: 50331755)"  // before

error: "lib: bignum routines, reason: INPUT_NOT_REDUCED, code: 50331755"  // after
Lukasa commented 3 months ago

I'm not wild about adding a retroactive conformance: we don't have a unique privilege to add this conformance. Can I suggest instead we add a different overload without a conformance?

simonjbeaumont commented 3 days ago

So, I've had this kicking around on my machine as an executable target, called crypto-errno. Do you think that'd be a better way to have this information provided for development and, if so, worth having in the repo?

Lukasa commented 3 days ago

We could do both.