Summary of What Needs to be Done:
The crypto.ts decryptToken function catches all errors and returns null, making it impossible to distinguish between missing encryption key, corrupted ciphertext, invalid IV, or other errors.
Changes that Need to be Done:
- File: src/lib/crypto.ts
- Create specific error classes (EncryptionKeyError, TokenDecryptionError)
- Throw specific errors instead of returning null for different failure modes
Impact that it would Provide:
- Improves debuggability of production issues
- Allows calling code to handle different error cases appropriately
- Better error monitoring and logging
Summary of What Needs to be Done:
The crypto.ts decryptToken function catches all errors and returns null, making it impossible to distinguish between missing encryption key, corrupted ciphertext, invalid IV, or other errors.
Changes that Need to be Done:
Impact that it would Provide: