You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
It is not very secure by default that people are expected to check if GenerateRandomKey returns nil on an error and I've just made a friend aware of this that he missed checking it.
Describe the solution that you would like.
I would like to change the signate of GenerateRandomKey to (length int) ([]byte, err) to allow proper error checking and forwarding.
Describe alternatives you have considered.
None
Anything else?
I know that the error that could be created here is rare and unrealistic but cryptography that use nil for their secret on an error is pretty bad.
Also maybe this warrants a minor or major bump, not sure how strict the project is here.
The text was updated successfully, but these errors were encountered:
Is there an existing feature request for this?
Is your feature request related to a problem? Please describe.
It is not very secure by default that people are expected to check if GenerateRandomKey returns nil on an error and I've just made a friend aware of this that he missed checking it.
Describe the solution that you would like.
I would like to change the signate of GenerateRandomKey to
(length int) ([]byte, err)to allow proper error checking and forwarding.Describe alternatives you have considered.
None
Anything else?
I know that the error that could be created here is rare and unrealistic but cryptography that use nil for their secret on an error is pretty bad.
Also maybe this warrants a minor or major bump, not sure how strict the project is here.
The text was updated successfully, but these errors were encountered: