add lint

k-wasniowski · k-wasniowski · commit 9dd1ec206fc1 · 2026-03-16T13:52:37.000+01:00
diff --git a/include/sframe/result.h b/include/sframe/result.h
@@ -48,6 +48,11 @@ class SFrameError
   const char* message_ = nullptr;
 };
 
+#ifdef __cpp_exceptions
+void
+throw_sframe_error(const SFrameError& error);
+#endif
+
 template<typename T>
 class Result
 {
@@ -92,6 +97,17 @@ class Result
 
   bool is_err() const { return std::holds_alternative<SFrameError>(data_); }
 
+#ifdef __cpp_exceptions
+  T unwrap()
+  {
+    if (std::holds_alternative<SFrameError>(data_)) {
+      throw_sframe_error(std::get<SFrameError>(data_));
+    }
+
+    return std::move(std::get<T>(data_));
+  }
+#endif
+
 private:
   std::variant<T, SFrameError> data_;
 };
@@ -131,6 +147,15 @@ class Result<void>
 
   bool is_err() const { return error_.has_value(); }
 
+#ifdef __cpp_exceptions
+  void unwrap()
+  {
+    if (error_.has_value()) {
+      throw_sframe_error(error_.value());
+    }
+  }
+#endif
+
 private:
   std::optional<SFrameError> error_;
 };
diff --git a/include/sframe/sframe.h b/include/sframe/sframe.h
@@ -8,6 +8,10 @@
 #include <sframe/result.h>
 #include <sframe/vector.h>
 
+#ifdef __cpp_exceptions
+#include <stdexcept>
+#endif
+
 #include <namespace.h>
 
 // These constants define the size of certain internal data structures if
@@ -28,6 +32,41 @@
 
 namespace SFRAME_NAMESPACE {
 
+#ifdef __cpp_exceptions
+struct crypto_error : std::runtime_error
+{
+  crypto_error();
+};
+
+struct unsupported_ciphersuite_error : std::runtime_error
+{
+  unsupported_ciphersuite_error();
+};
+
+struct authentication_error : std::runtime_error
+{
+  authentication_error();
+};
+
+struct buffer_too_small_error : std::runtime_error
+{
+  using parent = std::runtime_error;
+  using parent::parent;
+};
+
+struct invalid_parameter_error : std::runtime_error
+{
+  using parent = std::runtime_error;
+  using parent::parent;
+};
+
+struct invalid_key_usage_error : std::runtime_error
+{
+  using parent = std::runtime_error;
+  using parent::parent;
+};
+#endif
+
 enum class CipherSuite : uint16_t
 {
   AES_128_CTR_HMAC_SHA256_80 = 1,
@@ -140,16 +179,17 @@ class MLSContext : protected Context
                                  input_bytes metadata);
 
 private:
+  // NOLINTBEGIN(clang-analyzer-core.uninitialized.Assign)
   struct EpochKeys
   {
     static constexpr size_t max_secret_size = 64;
 
-    EpochID full_epoch = 0;
+    EpochID full_epoch;
     owned_bytes<max_secret_size> sframe_epoch_secret;
-    size_t sender_bits = 0;
-    size_t context_bits = 0;
-    uint64_t max_sender_id = 0;
-    uint64_t max_context_id = 0;
+    size_t sender_bits;
+    size_t context_bits;
+    uint64_t max_sender_id;
+    uint64_t max_context_id;
 
     EpochKeys() = default;
     static Result<EpochKeys> create(EpochID full_epoch_in,
@@ -159,6 +199,7 @@ class MLSContext : protected Context
     Result<owned_bytes<max_secret_size>> base_key(CipherSuite suite,
                                                   SenderID sender_id) const;
   };
+  // NOLINTEND(clang-analyzer-core.uninitialized.Assign)
 
   void purge_epoch(EpochID epoch_id);
 
diff --git a/src/crypto_boringssl.cpp b/src/crypto_boringssl.cpp
@@ -17,6 +17,11 @@ namespace SFRAME_NAMESPACE {
 /// Convert between native identifiers / errors and OpenSSL ones
 ///
 
+crypto_error::crypto_error()
+  : std::runtime_error(ERR_error_string(ERR_get_error(), nullptr))
+{
+}
+
 static Result<const EVP_MD*>
 openssl_digest_type(CipherSuite suite)
 {
diff --git a/src/crypto_openssl11.cpp b/src/crypto_openssl11.cpp
@@ -23,6 +23,11 @@ using scoped_hmac_ctx = std::unique_ptr<HMAC_CTX, decltype(&HMAC_CTX_free)>;
 /// Convert between native identifiers / errors and OpenSSL ones
 ///
 
+crypto_error::crypto_error()
+  : std::runtime_error(ERR_error_string(ERR_get_error(), nullptr))
+{
+}
+
 static Result<const EVP_MD*>
 openssl_digest_type(CipherSuite suite)
 {
diff --git a/src/crypto_openssl3.cpp b/src/crypto_openssl3.cpp
@@ -17,6 +17,11 @@ namespace SFRAME_NAMESPACE {
 /// Convert between native identifiers / errors and OpenSSL ones
 ///
 
+crypto_error::crypto_error()
+  : std::runtime_error(ERR_error_string(ERR_get_error(), nullptr))
+{
+}
+
 static Result<const EVP_CIPHER*>
 openssl_cipher(CipherSuite suite)
 {
diff --git a/src/result.cpp b/src/result.cpp
@@ -1 +1,39 @@
-#include <sframe/result.h>
+#include <sframe/sframe.h>
+
+namespace SFRAME_NAMESPACE {
+
+#ifdef __cpp_exceptions
+unsupported_ciphersuite_error::unsupported_ciphersuite_error()
+  : std::runtime_error("Unsupported ciphersuite")
+{
+}
+
+authentication_error::authentication_error()
+  : std::runtime_error("AEAD authentication failure")
+{
+}
+
+[[noreturn]] void
+throw_sframe_error(const SFrameError& error)
+{
+  switch (error.type()) {
+    case SFrameErrorType::internal_error:
+      throw std::runtime_error(error.message() ? error.message()
+                                               : "SFrame internal error");
+    case SFrameErrorType::buffer_too_small_error:
+      throw buffer_too_small_error(error.message());
+    case SFrameErrorType::invalid_parameter_error:
+      throw invalid_parameter_error(error.message());
+    case SFrameErrorType::crypto_error:
+      throw crypto_error();
+    case SFrameErrorType::unsupported_ciphersuite_error:
+      throw unsupported_ciphersuite_error();
+    case SFrameErrorType::authentication_error:
+      throw authentication_error();
+    case SFrameErrorType::invalid_key_usage_error:
+      throw invalid_key_usage_error(error.message());
+  }
+}
+#endif
+
+} // namespace SFRAME_NAMESPACE
diff --git a/test/common.h b/test/common.h
@@ -2,22 +2,9 @@
 #include <sframe/result.h>
 #include <sframe/sframe.h>
 
-#include <stdexcept>
 #include <string>
 #include <vector>
 
-// Unwrap a Result<T> in a test context. Throws std::runtime_error on error
-// so doctest can catch and report it.
-#define UNWRAP(expr)                                                           \
-  ([&]() {                                                                     \
-    auto _r = (expr);                                                          \
-    if (_r.is_err()) {                                                         \
-      const auto* _msg = _r.error().message();                                 \
-      throw std::runtime_error(_msg ? _msg : "unwrap() on an error result");          \
-    }                                                                          \
-    return _r.value();                                                         \
-  }())
-
 using bytes = std::vector<uint8_t>;
 
 bytes
diff --git a/test/header.cpp b/test/header.cpp
@@ -38,7 +38,7 @@ TEST_CASE("Header Known-Answer")
 
   for (const auto& tc : cases) {
     // Decode
-    const auto decoded = UNWRAP(Header::parse(tc.encoding));
+    const auto decoded = Header::parse(tc.encoding).unwrap();
     REQUIRE(decoded.key_id == tc.key_id);
     REQUIRE(decoded.counter == tc.counter);
     REQUIRE(decoded.size() == tc.encoding.size());
diff --git a/test/sframe.cpp b/test/sframe.cpp
@@ -39,15 +39,15 @@ TEST_CASE("SFrame Round-Trip")
     auto& key = pair.second;
 
     auto send = Context(suite);
-    UNWRAP(send.add_key(kid, KeyUsage::protect, key));
+    send.add_key(kid, KeyUsage::protect, key).unwrap();
 
     auto recv = Context(suite);
-    UNWRAP(recv.add_key(kid, KeyUsage::unprotect, key));
+    recv.add_key(kid, KeyUsage::unprotect, key).unwrap();
 
     for (int i = 0; i < rounds; i++) {
       auto encrypted =
-        to_bytes(UNWRAP(send.protect(kid, ct_out, plaintext, {})));
-      auto decrypted = to_bytes(UNWRAP(recv.unprotect(pt_out, encrypted, {})));
+        to_bytes(send.protect(kid, ct_out, plaintext, {}).unwrap());
+      auto decrypted = to_bytes(recv.unprotect(pt_out, encrypted, {}).unwrap());
       CHECK(decrypted == plaintext);
     }
   }
@@ -82,20 +82,22 @@ TEST_CASE("MLS Round-Trip")
     for (MLSContext::EpochID epoch_id = 0; epoch_id < test_epochs; epoch_id++) {
       const auto sframe_epoch_secret = bytes(8, uint8_t(epoch_id));
 
-      UNWRAP(member_a.add_epoch(epoch_id, sframe_epoch_secret));
-      UNWRAP(member_b.add_epoch(epoch_id, sframe_epoch_secret));
+      member_a.add_epoch(epoch_id, sframe_epoch_secret).unwrap();
+      member_b.add_epoch(epoch_id, sframe_epoch_secret).unwrap();
 
       for (int i = 0; i < epoch_rounds; i++) {
-        auto encrypted_ab = UNWRAP(
-          member_a.protect(epoch_id, sender_id_a, ct_out, plaintext, metadata));
+        auto encrypted_ab =
+          member_a.protect(epoch_id, sender_id_a, ct_out, plaintext, metadata)
+            .unwrap();
         auto decrypted_ab =
-          UNWRAP(member_b.unprotect(pt_out, encrypted_ab, metadata));
+          member_b.unprotect(pt_out, encrypted_ab, metadata).unwrap();
         CHECK(plaintext == to_bytes(decrypted_ab));
 
-        auto encrypted_ba = UNWRAP(
-          member_b.protect(epoch_id, sender_id_b, ct_out, plaintext, metadata));
+        auto encrypted_ba =
+          member_b.protect(epoch_id, sender_id_b, ct_out, plaintext, metadata)
+            .unwrap();
         auto decrypted_ba =
-          UNWRAP(member_a.unprotect(pt_out, encrypted_ba, metadata));
+          member_a.unprotect(pt_out, encrypted_ba, metadata).unwrap();
         CHECK(plaintext == to_bytes(decrypted_ba));
       }
     }
@@ -135,33 +137,46 @@ TEST_CASE("MLS Round-Trip with context")
     for (MLSContext::EpochID epoch_id = 0; epoch_id < test_epochs; epoch_id++) {
       const auto sframe_epoch_secret = bytes(8, uint8_t(epoch_id));
 
-      UNWRAP(
-        member_a_0.add_epoch(epoch_id, sframe_epoch_secret, sender_id_bits));
-      UNWRAP(
-        member_a_1.add_epoch(epoch_id, sframe_epoch_secret, sender_id_bits));
-      UNWRAP(member_b.add_epoch(epoch_id, sframe_epoch_secret));
+      member_a_0.add_epoch(epoch_id, sframe_epoch_secret, sender_id_bits)
+        .unwrap();
+      member_a_1.add_epoch(epoch_id, sframe_epoch_secret, sender_id_bits)
+        .unwrap();
+      member_b.add_epoch(epoch_id, sframe_epoch_secret).unwrap();
 
       for (int i = 0; i < epoch_rounds; i++) {
-        auto encrypted_ab_0 = UNWRAP(member_a_0.protect(
-          epoch_id, sender_id_a, context_id_0, ct_out_0, plaintext, metadata));
+        auto encrypted_ab_0 = member_a_0
+                                .protect(epoch_id,
+                                         sender_id_a,
+                                         context_id_0,
+                                         ct_out_0,
+                                         plaintext,
+                                         metadata)
+                                .unwrap();
         auto decrypted_ab_0 = to_bytes(
-          UNWRAP(member_b.unprotect(pt_out, encrypted_ab_0, metadata)));
+          member_b.unprotect(pt_out, encrypted_ab_0, metadata).unwrap());
         CHECK(plaintext == decrypted_ab_0);
 
-        auto encrypted_ab_1 = UNWRAP(member_a_1.protect(
-          epoch_id, sender_id_a, context_id_1, ct_out_1, plaintext, metadata));
+        auto encrypted_ab_1 = member_a_1
+                                .protect(epoch_id,
+                                         sender_id_a,
+                                         context_id_1,
+                                         ct_out_1,
+                                         plaintext,
+                                         metadata)
+                                .unwrap();
         auto decrypted_ab_1 = to_bytes(
-          UNWRAP(member_b.unprotect(pt_out, encrypted_ab_1, metadata)));
+          member_b.unprotect(pt_out, encrypted_ab_1, metadata).unwrap());
         CHECK(plaintext == decrypted_ab_1);
 
         CHECK(to_bytes(encrypted_ab_0) != to_bytes(encrypted_ab_1));
 
-        auto encrypted_ba = UNWRAP(member_b.protect(
-          epoch_id, sender_id_b, ct_out_0, plaintext, metadata));
+        auto encrypted_ba =
+          member_b.protect(epoch_id, sender_id_b, ct_out_0, plaintext, metadata)
+            .unwrap();
         auto decrypted_ba_0 = to_bytes(
-          UNWRAP(member_a_0.unprotect(pt_out, encrypted_ba, metadata)));
+          member_a_0.unprotect(pt_out, encrypted_ba, metadata).unwrap());
         auto decrypted_ba_1 = to_bytes(
-          UNWRAP(member_a_1.unprotect(pt_out, encrypted_ba, metadata)));
+          member_a_1.unprotect(pt_out, encrypted_ba, metadata).unwrap());
         CHECK(plaintext == decrypted_ba_0);
         CHECK(plaintext == decrypted_ba_1);
       }
@@ -187,17 +202,18 @@ TEST_CASE("MLS Failure after Purge")
 
   // Install epoch 1 and create a cipihertext
   const auto epoch_id_1 = MLSContext::EpochID(1);
-  UNWRAP(member_a.add_epoch(epoch_id_1, sframe_epoch_secret_1));
-  UNWRAP(member_b.add_epoch(epoch_id_1, sframe_epoch_secret_1));
+  member_a.add_epoch(epoch_id_1, sframe_epoch_secret_1).unwrap();
+  member_b.add_epoch(epoch_id_1, sframe_epoch_secret_1).unwrap();
 
-  const auto enc_ab_1 = UNWRAP(
-    member_a.protect(epoch_id_1, sender_id_a, ct_out, plaintext, metadata));
+  const auto enc_ab_1 =
+    member_a.protect(epoch_id_1, sender_id_a, ct_out, plaintext, metadata)
+      .unwrap();
   const auto enc_ab_1_data = to_bytes(enc_ab_1);
 
   // Install epoch 2
   const auto epoch_id_2 = MLSContext::EpochID(2);
-  UNWRAP(member_a.add_epoch(epoch_id_2, sframe_epoch_secret_2));
-  UNWRAP(member_b.add_epoch(epoch_id_2, sframe_epoch_secret_2));
+  member_a.add_epoch(epoch_id_2, sframe_epoch_secret_2).unwrap();
+  member_b.add_epoch(epoch_id_2, sframe_epoch_secret_2).unwrap();
 
   // Purge epoch 1 and verify failure
   member_a.purge_before(epoch_id_2);
@@ -209,8 +225,9 @@ TEST_CASE("MLS Failure after Purge")
   CHECK(member_b.unprotect(pt_out, enc_ab_1_data, metadata).error().type() ==
         SFrameErrorType::invalid_parameter_error);
 
-  const auto enc_ab_2 = UNWRAP(
-    member_a.protect(epoch_id_2, sender_id_a, ct_out, plaintext, metadata));
-  const auto dec_ab_2 = UNWRAP(member_b.unprotect(pt_out, enc_ab_2, metadata));
+  const auto enc_ab_2 =
+    member_a.protect(epoch_id_2, sender_id_a, ct_out, plaintext, metadata)
+      .unwrap();
+  const auto dec_ab_2 = member_b.unprotect(pt_out, enc_ab_2, metadata).unwrap();
   CHECK(plaintext == to_bytes(dec_ab_2));
 }
diff --git a/test/vectors.cpp b/test/vectors.cpp
