added InvalidPasswordError code when password is invalid

lbry/lbry/error/Makefile

@@ -1,2 +1,5 @@
 generate:
-	python generate.py > __init__.py
+	python generate.py generate > __init__.py
+
+analyze:
+	python generate.py analyze

lbry/lbry/error/README.md

@@ -53,6 +53,7 @@ Code | Name | Message
 408 | Resolve | Failed to resolve '{url}'.
 409 | ResolveTimeout | Failed to resolve '{url}' within the timeout.
 410 | KeyFeeAboveMaxAllowed | {message}
+411 | InvalidPassword | Password is invalid.
 **5xx** | Blob | **Blobs**
 500 | BlobNotFound | Blob not found.
 501 | BlobPermissionDenied | Permission denied to read blob.

lbry/lbry/error/__init__.py

@@ -197,6 +197,12 @@ class KeyFeeAboveMaxAllowedError(WalletError):
         super().__init__(f"{message}")
 
 
+class InvalidPasswordError(WalletError):
+
+    def __init__(self):
+        super().__init__("Password is invalid.")
+
+
 class BlobError(BaseError):
     """
     **Blobs**

lbry/lbry/error/generate.py

@@ -1,4 +1,7 @@
 import re
+import sys
+import argparse
+from pathlib import Path
 from textwrap import fill, indent
 
 
@@ -75,8 +78,9 @@ class ErrorClass:
             ))
 
 
-def error_rows(lines):
+def get_errors():
-    lines = iter(lines)
+    with open('README.md', 'r') as readme:
+        lines = iter(readme.readlines())
         for line in lines:
             if line.startswith('## Exceptions Table'):
                 break
@@ -86,7 +90,7 @@ def error_rows(lines):
         for line in lines:
             if not line:
                 break
-        yield line
+            yield ErrorClass(*[c.strip() for c in line.split('|')])
 
 
 def find_parent(stack, child):
@@ -96,19 +100,50 @@ def find_parent(stack, child):
             return parent
 
 
-def main(out):
+def generate(out):
-    with open('README.md', 'r') as readme:
-        lines = readme.readlines()
     out.write('from .base import BaseError\n')
     stack = {}
-        for row in error_rows(lines):
+    for error in get_errors():
-            error = ErrorClass(*[c.strip() for c in row.split('|')])
         error.render(out, find_parent(stack, error))
         if not error.is_leaf:
             assert error.code not in stack, f"Duplicate code: {error.code}"
             stack[error.code] = error
 
 
+def analyze():
+    errors = {e.class_name: [] for e in get_errors() if e.is_leaf}
+    here = Path(__file__).absolute().parents[0]
+    module = here.parent
+    for file_path in module.glob('**/*.py'):
+        if here in file_path.parents:
+            continue
+        with open(file_path) as src_file:
+            src = src_file.read()
+            for error in errors.keys():
+                found = src.count(error)
+                if found > 0:
+                    errors[error].append((file_path, found))
+
+    print('Unused Errors:\n')
+    for error, used in errors.items():
+        if used:
+            print(f' - {error}')
+            for use in used:
+                print(f'   {use[0].relative_to(module.parent)} {use[1]}')
+            print('')
+
+    print('')
+    print('Unused Errors:')
+    for error, used in errors.items():
+        if not used:
+            print(f' - {error}')
+
+
 if __name__ == "__main__":
-    import sys
+    parser = argparse.ArgumentParser()
-    main(sys.stdout)
+    parser.add_argument("action", choices=['generate', 'analyze'])
+    args = parser.parse_args()
+    if args.action == "analyze":
+        analyze()
+    elif args.action == "generate":
+        generate(sys.stdout)

lbry/tests/integration/test_wallet_commands.py

@@ -4,6 +4,7 @@ import json
 from torba.client.wallet import ENCRYPT_ON_DISK
 from lbry.testcase import CommandTestCase
 from lbry.wallet.dewies import dict_values_to_lbc
+from lbry.error import InvalidPasswordError
 
 
 class WalletCommands(CommandTestCase):
@@ -303,7 +304,7 @@ class WalletEncryptionAndSynchronization(CommandTestCase):
         # sync_apply doesn't save password if encrypt-on-disk is False
         self.assertEqual(wallet2.encryption_password, None)
         # need to use new password2 in sync_apply
-        with self.assertRaises(ValueError):  # wrong password
+        with self.assertRaises(InvalidPasswordError):
             await daemon.jsonrpc_sync_apply('password', data=data['data'], blocking=True)
         await daemon.jsonrpc_sync_apply('password2', data=data['data'], blocking=True)
         # sync_apply with new password2 also sets it as new local password

torba/tests/client_tests/unit/test_hash.py

@@ -1,5 +1,6 @@
 from unittest import TestCase, mock
 from torba.client.hash import aes_decrypt, aes_encrypt, better_aes_decrypt, better_aes_encrypt
+from torba.client.errors import InvalidPasswordError
 
 
 class TestAESEncryptDecrypt(TestCase):
@@ -34,9 +35,20 @@ class TestAESEncryptDecrypt(TestCase):
             self.message
         )
 
+    def test_decrypt_error(self):
+        with self.assertRaises(InvalidPasswordError):
+            aes_decrypt('notbubblegum', aes_encrypt('bubblegum', self.message))
+
     def test_better_encrypt_decrypt(self):
         self.assertEqual(
             b'valuable value',
             better_aes_decrypt(
                 'super secret',
                 better_aes_encrypt('super secret', b'valuable value')))
+
+    def test_better_decrypt_error(self):
+        with self.assertRaises(InvalidPasswordError):
+            better_aes_decrypt(
+                'super secret but wrong',
+                better_aes_encrypt('super secret', b'valuable value')
+            )

torba/torba/client/errors.py

@@ -1,2 +1,8 @@
+class InvalidPasswordError(Exception):
+
+    def __init__(self):
+        super().__init__("Password is invalid.")
+
+
 class InsufficientFundsError(Exception):
     pass

torba/torba/client/hash.py

@@ -22,6 +22,7 @@ from cryptography.hazmat.backends import default_backend
 
 from torba.client.util import bytes_to_int, int_to_bytes
 from torba.client.constants import NULL_HASH32
+from torba.client.errors import InvalidPasswordError
 
 
 class TXRef:
@@ -136,6 +137,7 @@ def aes_encrypt(secret: str, value: str, init_vector: bytes = None) -> str:
 
 
 def aes_decrypt(secret: str, value: str) -> typing.Tuple[str, bytes]:
+    try:
         data = base64.b64decode(value.encode())
         key = double_sha256(secret.encode())
         init_vector, data = data[:16], data[16:]
@@ -143,6 +145,10 @@ def aes_decrypt(secret: str, value: str) -> typing.Tuple[str, bytes]:
         unpadder = PKCS7(AES.block_size).unpadder()
         result = unpadder.update(decryptor.update(data)) + unpadder.finalize()
         return result.decode(), init_vector
+    except ValueError as e:
+        if e.args[0] == 'Invalid padding bytes.':
+            raise InvalidPasswordError()
+        raise
 
 
 def better_aes_encrypt(secret: str, value: bytes) -> bytes:
@@ -156,6 +162,7 @@ def better_aes_encrypt(secret: str, value: bytes) -> bytes:
 
 
 def better_aes_decrypt(secret: str, value: bytes) -> bytes:
+    try:
         data = base64.b64decode(value)
         _, scryp_n, scrypt_r, scrypt_p, data = data.split(b':', maxsplit=4)
         init_vector, data = data[:16], data[16:]
@@ -163,6 +170,10 @@ def better_aes_decrypt(secret: str, value: bytes) -> bytes:
         decryptor = Cipher(AES(key), modes.CBC(init_vector), default_backend()).decryptor()
         unpadder = PKCS7(AES.block_size).unpadder()
         return unpadder.update(decryptor.update(data)) + unpadder.finalize()
+    except ValueError as e:
+        if e.args[0] == 'Invalid padding bytes.':
+            raise InvalidPasswordError()
+        raise
 
 
 def scrypt(passphrase, salt, scrypt_n=1<<13, scrypt_r=16, scrypt_p=1):