catch ValueError exception in JwtSharedkey.fromHex

2022-04-13 16:09:26 +07:00 · 2022-04-13 16:09:26 +07:00 · ee8ef7f58f
parent f37dde1177
commit ee8ef7f58f
1 changed files with 8 additions and 5 deletions
--- a/nimbus/rpc/jwt_auth.nim
+++ b/nimbus/rpc/jwt_auth.nim
@ -174,11 +174,14 @@ proc fromHex*(key: var JwtSharedkey, src: string): Result[void,JwtError] =
  ## This function is supposed to read and convert data in constant-time
  ## fashion, guarding against side channel attacks.
  # utils.fromHex() does the constant-time job
-  let secret = utils.fromHex(src)
-  if secret.len < jwtMinSecretLen:
-    return err(jwtKeyTooSmall)
-  key = toArray(JwtSharedKeyRaw.len, secret).JwtSharedKey
-  ok()
+  try:
+    let secret = utils.fromHex(src)
+    if secret.len < jwtMinSecretLen:
+      return err(jwtKeyTooSmall)
+    key = toArray(JwtSharedKeyRaw.len, secret).JwtSharedKey
+    ok()
+  except ValueError:
+    err(jwtKeyInvalidHexString)

 proc jwtGenSecret*(rng: ref BrHmacDrbgContext): JwtGenSecret =
  ## Standard shared key random generator. If a fixed key is needed, a