Discussion: Validation of user input #45
Comments
|
Perhaps it's best to decide that on a case-by-case basis. Off hand I am tempted to say that it would be best to keep the current model. For cases where the error message emitted by I am not opposed to basic checks as you suggested, but ultimately even those may mean a maintenance burden in the long term. E.g., if (hypothetically) we were to validate the slot count and a new hardware model would provide more slots. |
|
Does that sound reasonable? Should we compile a list of commands that accept user input that has restrictions on it and see whether the error codes are detailed enough and, if not, engage with the Nitrokey team? |
|
Yes, we can try to fix that upstream. I’ll start a wiki page for the evaluation. |
|
→ libnitrokey error handling wiki page |
Most of the user input provided via arguments or options is subject to restrictions. These restrictions can be fixed (e. g. a hexadecimal string must always have an even number of hex digits) or variable (e. g. the current Nitrokey Pro has 3 HOTP slots, but the next version might have 5). To which degree should we validate such input in nitrocli (that is also validated by libnitrokey or the firmware)?
Advantages of validation in nitrocli are better error messages and failing early. Disadvantages are that we might be less compatible or might make wrong assumptions.
Currently we perform no validation. My suggestion would be to perform basic validation on fixed restrictions (hex string), but no validation for variable restrictions (slot count) unless libnitrokey gives us the required information (e. g. a
TOTP_SLOT_COUNTconstant).Examples for the current error messages:
Invalid hex string:
Invalid slot:
The text was updated successfully, but these errors were encountered: