Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clarify that the pass key new function can fail. #409

Merged
merged 1 commit into from
Jan 12, 2017
Merged

Clarify that the pass key new function can fail. #409

merged 1 commit into from
Jan 12, 2017

Conversation

iphydf
Copy link
Member

@iphydf iphydf commented Jan 8, 2017
edited
Loading

This change is Reviewable

@iphydf iphydf added this to the v0.1.4 milestone Jan 8, 2017
@iphydf iphydf force-pushed the tes-clarification branch 4 times, most recently from 5824cca to 1cfcda9 Compare January 9, 2017 00:55
@GrayHatter
Copy link

:lgtm:

Reviewed 2 of 2 files at r1.
Review status: all files reviewed at latest revision, all discussions resolved.

Comments from Reviewable

@robinlinden
Copy link
Member

Reviewed 2 of 2 files at r1.
Review status: all files reviewed at latest revision, all discussions resolved.

Comments from Reviewable

@iphydf iphydf modified the milestone: v0.1.4 Jan 10, 2017
@sudden6
Copy link

sudden6 commented Jan 10, 2017

Review status: all files reviewed at latest revision, 2 unresolved discussions, some commit checks failed.

toxencryptsave/toxencryptsave.api.h, line 168 at r1 (raw file):

 * @param ciphertext_len The length of the cipher text array. At least $PASS_ENCRYPTION_EXTRA_LENGTH.
 * @param passphrase The user-provided password. Can be empty or NULL.
 * @param passphrase_len The length of the password. Must be 0 if passphrase is NULL.

Does it really have to be 0? IMO it would be better to ignore it if passphrase is NULL

toxencryptsave/toxencryptsave.api.h, line 204 at r1 (raw file):

   * initialise it, use one of the derive_* functions below.
   *
   * In case of allocation failure, this function returns NULL.

Only on allocation failure? Else it would be better to write In case of failure.

Comments from Reviewable

@iphydf
Copy link
Member Author

iphydf commented Jan 10, 2017

Review status: all files reviewed at latest revision, 2 unresolved discussions, some commit checks failed.

toxencryptsave/toxencryptsave.api.h, line 168 at r1 (raw file):

Previously, sudden6 wrote…

Does it really have to be 0? IMO it would be better to ignore it if passphrase is NULL

Why do you think it would be better? If you pass NULL, but a non-zero length, you indicate that you want the function to read more than 0 bytes from the password, which is invalid. Reading exactly 0 bytes from a NULL pointer is valid.

toxencryptsave/toxencryptsave.api.h, line 204 at r1 (raw file):

Previously, sudden6 wrote…

Only on allocation failure? Else it would be better to write In case of failure.

Allocation failure is the only possible failure here. The only thing this function will ever do (in this version of the API) is call malloc.

Comments from Reviewable

@sudden6
Copy link

sudden6 commented Jan 10, 2017

Review status: all files reviewed at latest revision, 2 unresolved discussions, some commit checks failed.

toxencryptsave/toxencryptsave.api.h, line 168 at r1 (raw file):

Previously, iphydf wrote…

Why do you think it would be better? If you pass NULL, but a non-zero length, you indicate that you want the function to read more than 0 bytes from the password, which is invalid. Reading exactly 0 bytes from a NULL pointer is valid.

If the function throws an error when passphrase == NULL AND passphrase != 0 it's ok for me.

toxencryptsave/toxencryptsave.api.h, line 204 at r1 (raw file):

Previously, iphydf wrote…

Allocation failure is the only possible failure here. The only thing this function will ever do (in this version of the API) is call malloc.

Removing allocation from the sentence also removes the thought "are there any other failure modes I have to care for?" from the API users mind, which is IMO a good thing. But if you don't see this as a problem leave it.

Comments from Reviewable

@iphydf iphydf force-pushed the tes-clarification branch 2 times, most recently from d09e47d to 3e063ed Compare January 10, 2017 22:17
@iphydf
Copy link
Member Author

iphydf commented Jan 10, 2017

Review status: 0 of 2 files reviewed at latest revision, 2 unresolved discussions.

toxencryptsave/toxencryptsave.api.h, line 168 at r1 (raw file):

Previously, sudden6 wrote…

If the function throws an error when passphrase == NULL AND passphrase != 0 it's ok for me.

Actually, this is incorrect. I just checked. The API is inconsistent: it returns an error when passphrase is NULL here. tox_pass_key_derive_with_salt on the other hand accepts it. Amended.

toxencryptsave/toxencryptsave.api.h, line 204 at r1 (raw file):

Previously, sudden6 wrote…

Removing allocation from the sentence also removes the thought "are there any other failure modes I have to care for?" from the API users mind, which is IMO a good thing. But if you don't see this as a problem leave it.

Clarified.

Comments from Reviewable

@robinlinden
Copy link
Member

Reviewed 2 of 2 files at r2.
Review status: all files reviewed at latest revision, 2 unresolved discussions.

Comments from Reviewable

@sudden6
Copy link

sudden6 commented Jan 10, 2017

:lgtm_strong:

Review status: all files reviewed at latest revision, all discussions resolved.

Comments from Reviewable

@sudden6
Copy link

sudden6 commented Jan 11, 2017

Reviewed 2 of 2 files at r2.
Review status: all files reviewed at latest revision, all discussions resolved, some commit checks failed.

Comments from Reviewable

@robinlinden
Copy link
Member

:lgtm_strong:

Review status: all files reviewed at latest revision, all discussions resolved, some commit checks failed.

Comments from Reviewable

@iphydf
Clarify that the pass key new function can fail.
6480765 
Also clarify that passwords can be empty or NULL.
@iphydf iphydf merged commit 6480765 into TokTok:master Jan 12, 2017
@nurupo
Copy link
Member

nurupo commented Jan 13, 2017

:lgtm_strong:

Comments from Reviewable

@nurupo
Copy link
Member

nurupo commented Jan 13, 2017

@iphydf you forgot to reword the commit message, it still says

Also clarify that passwords can be empty or NULL.

@iphydf iphydf deleted the tes-clarification branch January 21, 2018 10:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@sudden6 sudden6

Labels
None yet
Projects
None yet
Milestone
v0.1.4
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@iphydf @GrayHatter @robinlinden @sudden6 @nurupo