SafeErrorMessages class
OTP Crypto – Error types and safe messages
Centralizes exception classes and user-facing safe messages so that cryptographic internals are not leaked through error text.
SECURITY NOTES:
- Never expose low-level failure reasons (e.g., "MAC mismatch at index…").
- Keep messages generic and consistent across platforms (Dart/PHP).
- Prefer throwing specific subclasses to aid debugging in logs while still returning generic messages to callers/UI.
HINT:
- Use
SafeErrorMessages
when you need a generic string for UI/log. - Catch low-level exceptions and wrap them with
OtpCryptoException.wrap(...)
. Canonical, generic messages to avoid information leakage.
Properties
- hashCode → int
-
The hash code for this object.
no setterinherited
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
Methods
-
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
toString(
) → String -
A string representation of this object.
inherited
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited
Constants
- authenticationFailed → const String
- For failed authentication/MAC verification.
- decryptionFailed → const String
- For AES decryption or padding failures.
- expiredOrNotYetValid → const String
- For messages outside the accepted time window (skew/tolerance).
- internalError → const String
- For unexpected internal errors.
- invalidMessage → const String
- For invalid wire format, version, missing fields, bad b64, etc.