search

wultra / powerauth-crypto

PowerAuth - Open-source solution for authentication, secure data storage and transport security in mobile banking.
https://www.wultra.com/product/wultra-mobile-security-suite/
Apache License 2.0
56 stars 22 forks source link

Catch runtime exceptions in low-level crypto #283

Open petrdvorak opened 5 years ago

petrdvorak commented 5 years ago

In several places in code (for example, when decoding private/public keys from bytes), we currently catch regular exceptions and not the runtime exceptions. These can occur, however, for example in case byte array contains invalid key data.

We should evaluate and catch runtime exceptions and rethrow our own exception type.

However, we are opening the issue based on debugging with our customer. Please consider if this is a good step and feel free to just close the issue in case you find that the current behavior is sufficient

romanstrobl commented 4 years ago

This issue will have to wait for the next release.

romanstrobl commented 3 years ago

This issue will have to wait for the next release.