
In several Python libraries, I have seen validation functions that raise exceptions upon failure, instead of returning a boolean result. Examples include:

  • various verify functions in the Cryptography library
  • the validate_authentication method of pyftpdlib's Authorizer

These functions only serve to test whether or not the input is valid (e.g. a digital signature or a user's password), and they don't produce any data other than the result of the test (unlike, for instance, decrypting a JWT token). From my point of view, it would be more logical to output the test result as a return value.

Is there a security issue with returning a boolean? Is it safer to use exceptions instead? Or is the rationale behind that choice not security-related?

Additionally, how does this rationale apply to cryptographic libraries in other programming languages?

  • There are many conditions that could cause an exception during digital signature verification. For example, the public key provided may not be a valid public key. – mti2935 Dec 14 '20 at 11:38
  • I know, but this question is specifically about raising an exception to indicate that the signature/password/hash does not match the expected value. I.e. using an exception to indicate the actual result of the validation process, in a theoretically perfect (not bugged) application. – Nathan.Eilisha Shiraini Dec 14 '20 at 15:45
  • A non-verified signature (given valid inputs) is different than being unable to verify the signature (because of invalid inputs). That's why signature verification algorithms return false in the first case above, and throw an exception in the second case above. – mti2935 Dec 14 '20 at 16:11
  • an exception provides more room for details than 0/1 – dandavis Dec 14 '20 at 18:00
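
As an added example (not from the question, the comments, or either library mentioned), the sketch below uses the standard library's `hmac` to put the two API styles side by side and to separate a tag that does not match from inputs that cannot be checked at all, the distinction raised in the comments. The names `InvalidTag`, `make_tag`, `verify_tag`, `tag_is_valid` and `classify`, the sample key and message, and the rule that an empty key or wrong-length tag counts as unusable input are assumptions of this example.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes

# Constructed sample values for the demonstration.
SAMPLE_KEY = b"k" * 32
SAMPLE_MESSAGE = b"transfer 10 to alice"


class InvalidTag(Exception):
    """Inputs were well-formed, but the tag does not match (hypothetical name)."""


def make_tag(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> None:
    """Exception style: returns None on success, raises on every failure."""
    # Assumed policy of this example: these inputs cannot be verified at all.
    if not key:
        raise ValueError("empty key")
    if len(tag) != TAG_LEN:
        raise ValueError("tag has the wrong length")
    if not hmac.compare_digest(make_tag(key, message), tag):
        raise InvalidTag("tag does not match message")


def tag_is_valid(key: bytes, message: bytes, tag: bytes) -> bool:
    """Boolean style: False on mismatch; unusable input still raises ValueError."""
    try:
        verify_tag(key, message, tag)
    except InvalidTag:
        return False
    return True


def classify(key: bytes, message: bytes, tag: bytes) -> str:
    """Show the three outcomes that a bare True/False would collapse into two."""
    try:
        return "valid" if tag_is_valid(key, message, tag) else "mismatch"
    except ValueError as exc:
        return f"cannot-verify: {exc}"


if __name__ == "__main__":
    good = make_tag(SAMPLE_KEY, SAMPLE_MESSAGE)
    for tag in (good, bytes(TAG_LEN), b"short"):
        print(classify(SAMPLE_KEY, SAMPLE_MESSAGE, tag))
```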

0 Answers