search

terl / lazysodium-java

A Java implementation of the Libsodium crypto library. For the lazy dev.
https://github.com/terl/lazysodium-java/wiki
Mozilla Public License 2.0
134 stars 46 forks source link

Throw exception on AEAD decryption failure #90

Closed gnarula closed 3 years ago

gnarula commented 3 years ago

~Adds AEADAuthenticationException which is thrown if any AEAD decryption fails.~

Throws javax.crypto.AEADBadTagException in case of AEAD decryption failure.

This is a backwards incompatible change to the API and might require a major version bump.

Fixes #89

gurpreet- commented 3 years ago

Thanks so much for the PR!

The only problem I have with it is addition of a new package 😕 I see you also added a custom exception at one point, may I ask why you used javax.crypto.AEADBadTagException rather than AEADAuthenticationException? 🙂

gnarula commented 3 years ago

The only problem I have with it is addition of a new package 😕 I see you also added a custom exception at one point, may I ask why you used javax.crypto.AEADBadTagException rather than AEADAuthenticationException? 🙂

I thought it's better to use an existing Exception in the Java Cryptography Extension API which denotes the same cause.

I reckon javax.crypto.AEADBadTagException is available in JDK >= 1.7 and Android API >= 19 so there aren't any external dependencies being added. Does the project support JDK/Android targets below this? I'd be happy to change it however you see fit.

gurpreet- commented 3 years ago

OK you have convinced me. It's better to reuse than reinvent the wheel. Let's keep it using javax.crypto.AEADBadTagException 👍

gurpreet- commented 3 years ago

Hey I'll merge but then pickup the changes myself 👍