
Provide error codes

Open Jameskmonger opened this issue 8 years ago • 4 comments

It'd be good to throw some error codes, as well as the message. Identifying the wrong decryption key right now is quite difficult because you need to compare the whole string.

Jameskmonger, Feb 25 '16 21:02

Agreed, though I would prefer to stay very vague when decryption errors occur. For example if something went wrong in the decryption, I would throw the same error if the password was wrong as well as if the HMAC failed.

Having too-specific error messages would provide a vector for easier brute-force attacks. Error messages around these security-conscious areas should be deliberately ambiguous and non-specific.

More on this: When and how would we use these error codes? Are the messages not enough? I'm not sure that we would typically be able to discern any new information from a numeric identifier.

perry-mitchell, Feb 25 '16 21:02

That's fine, I agree with not giving the actual reason for the decryption failure.

I just think that throwing an object like this would be better:

{
    code: "DCPT",
    message: "Failed to decrypt archive\nError: Encrypted content has been tampered with"
}

That means that users wanting to display this message in their own way can just check if code === DCPT rather than having to compare the whole message at the moment.

Jameskmonger, Feb 25 '16 22:02

Agreed - this is a sensible approach :)

perry-mitchell, Feb 25 '16 22:02

Might be best throwing a custom error here, so that (err instanceof Error) is still correct. I don't much like throwing strings, objects etc. over using actual Errors. The code property can be part of the extended class.

perry-mitchell, Oct 02 '16 08:10
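The approach the thread converges on, sketched as an added example (not buttercup-core's own code): a custom Error subclass carrying a `code`, thrown with one identical message whether the password was wrong or the HMAC check failed. The class name `DecryptionError`, the helper names, and the AES-256-CBC plus HMAC-SHA256 layout are assumptions made for the demonstration.

```javascript
const crypto = require("node:crypto");

// Hypothetical class: `err instanceof Error` stays true, and callers get a stable code.
class DecryptionError extends Error {
  constructor() {
    super("Failed to decrypt archive"); // one fixed message for every failure cause
    this.name = "DecryptionError";
    this.code = "DCPT";
  }
}

// Derive separate encryption and MAC keys (iteration count is illustrative only).
function deriveKeys(password, salt) {
  const material = crypto.pbkdf2Sync(password, salt, 10000, 64, "sha256");
  return { encKey: material.subarray(0, 32), macKey: material.subarray(32) };
}

function mac(macKey, salt, iv, body) {
  return crypto.createHmac("sha256", macKey).update(Buffer.concat([salt, iv, body])).digest();
}

// Assumed blob layout for this demo: salt(16) | iv(16) | hmac(32) | ciphertext
function encrypt(plaintext, password) {
  const salt = crypto.randomBytes(16), iv = crypto.randomBytes(16);
  const { encKey, macKey } = deriveKeys(password, salt);
  const cipher = crypto.createCipheriv("aes-256-cbc", encKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([salt, iv, mac(macKey, salt, iv, body), body]);
}

function decrypt(blob, password) {
  try {
    const salt = blob.subarray(0, 16), iv = blob.subarray(16, 32);
    const tag = blob.subarray(32, 64), body = blob.subarray(64);
    const { encKey, macKey } = deriveKeys(password, salt);
    const expected = mac(macKey, salt, iv, body);
    // Wrong password and modified content both fail this constant-time comparison.
    if (tag.length !== expected.length || !crypto.timingSafeEqual(tag, expected)) throw new Error("mac");
    const decipher = crypto.createDecipheriv("aes-256-cbc", encKey, iv);
    return Buffer.concat([decipher.update(body), decipher.final()]).toString("utf8");
  } catch {
    // Collapse MAC, padding and truncation failures into the same error object shape.
    throw new DecryptionError();
  }
}

// Returns the thrown error (or null) so a caller can branch on err.code.
function tryDecrypt(blob, password) {
  try { decrypt(blob, password); return null; } catch (err) { return err; }
}
```

A consumer then checks `err.code === "DCPT"` instead of comparing message strings, and cannot distinguish a bad password from a tampered archive.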