From ee8ef7f58f3b77cf78e7f32752a3cb38692e06e3 Mon Sep 17 00:00:00 2001
From: jangko <jangko128@gmail.com>
Date: Wed, 13 Apr 2022 16:09:26 +0700
Subject: [PATCH] catch ValueError exception in JwtSharedkey.fromHex

---
 nimbus/rpc/jwt_auth.nim | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/nimbus/rpc/jwt_auth.nim b/nimbus/rpc/jwt_auth.nim
index 50e01877c..2cacce14d 100644
--- a/nimbus/rpc/jwt_auth.nim
+++ b/nimbus/rpc/jwt_auth.nim
@@ -174,11 +174,14 @@ proc fromHex*(key: var JwtSharedkey, src: string): Result[void,JwtError] =
   ## This function is supposed to read and convert data in constant-time
   ## fashion, guarding against side channel attacks.
   # utils.fromHex() does the constant-time job
-  let secret = utils.fromHex(src)
-  if secret.len < jwtMinSecretLen:
-    return err(jwtKeyTooSmall)
-  key = toArray(JwtSharedKeyRaw.len, secret).JwtSharedKey
-  ok()
+  try:
+    let secret = utils.fromHex(src)
+    if secret.len < jwtMinSecretLen:
+      return err(jwtKeyTooSmall)
+    key = toArray(JwtSharedKeyRaw.len, secret).JwtSharedKey
+    ok()
+  except ValueError:
+    err(jwtKeyInvalidHexString)
 
 proc jwtGenSecret*(rng: ref BrHmacDrbgContext): JwtGenSecret =
   ## Standard shared key random generator. If a fixed key is needed, a