In several Python libraries, I have seen validation functions that raise exceptions upon failure, instead of returning a boolean result. Examples include:

  • various verify functions in the Cryptography library
  • the validate_authentication method of pyftpdlib's Authorizer

These functions only serve to test whether or not the input is valid (e.g. a digital signature or a user's password), and they don't produce any data other than the result of the test (unlike, for instance, decrypting a JWT token). From my point of view, it would be more logical to output the test result as a return value.

Is there a security issue with returning a boolean? Is it safer to use exceptions instead? Or is the rationale behind that choice not security-related?

Additionally, how does this rationale apply to cryptographic libraries in other programming languages?

  • There are many conditions that could cause an exception during digital signature verification. For example, the public key provided may not be a valid public key. Commented Dec 14, 2020 at 11:38
  • I know, but this question is specifically about raising an exception to indicate that the signature/password/hash does not match the expected value. I.e. using an exception to indicate the actual result of the validation process, in a theoretically perfect (not bugged) application. Commented Dec 14, 2020 at 15:45
  • A non-verified signature (given valid inputs) is different than being unable to verify the signature (because of invalid inputs). That's why signature verification algorithms return false in the first case above, and throw an exception in the second case above. Commented Dec 14, 2020 at 16:11
  • An exception provides more room for details than 0/1 Commented Dec 14, 2020 at 18:00
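
The two API styles compared in the question, side by side, as an added example that is not part of the original post or of any library named in it. It uses the standard library's HMAC in place of a digital signature; `TagMismatch`, `check_tag`, `verify_tag`, the two `handle_*` callers and all sample values are hypothetical names constructed for illustration. It shows what each style does when the tag is wrong, when the input is unusable, and when the caller forgets to act on the result.

```python
import hashlib
import hmac


class TagMismatch(Exception):
    """Hypothetical exception: the tag was checked and does not match."""


def _expected_tag(key: bytes, message: bytes) -> bytes:
    if not key:
        # Unusable input: verification cannot even be attempted.
        raise ValueError("key must not be empty")
    return hmac.new(key, message, hashlib.sha256).digest()


def check_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Boolean style: mismatch returns False, unusable input raises."""
    return hmac.compare_digest(_expected_tag(key, message), tag)


def verify_tag(key: bytes, message: bytes, tag: bytes) -> None:
    """Exception style: returns None on success, raises on mismatch."""
    if not check_tag(key, message, tag):
        raise TagMismatch("tag does not match message")


def handle_boolean_unchecked(key: bytes, message: bytes, tag: bytes) -> str:
    check_tag(key, message, tag)   # caller bug: result is discarded
    return "accepted"              # reached even for a bad tag


def handle_exception_unchecked(key: bytes, message: bytes, tag: bytes) -> str:
    verify_tag(key, message, tag)  # a bad tag aborts here
    return "accepted"              # reached only for a good tag


# Constructed sample values.
KEY = b"constructed-demo-key"
MSG = b"amount=10"
GOOD = hmac.new(KEY, MSG, hashlib.sha256).digest()
BAD = bytes(32)

if __name__ == "__main__":
    print(handle_boolean_unchecked(KEY, MSG, BAD))
    try:
        handle_exception_unchecked(KEY, MSG, BAD)
    except TagMismatch as exc:
        print("rejected:", exc)
```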
