From 655b917fa0f86b970276185ef338211a79d0e988 Mon Sep 17 00:00:00 2001
From: Lexicoding <234111021+Lexicoding-systems@users.noreply.github.com>
Date: Thu, 8 Jan 2026 00:55:24 -0500
Subject: [PATCH] Potential fix for code scanning alert no. 78: Information exposure through an exception

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Lexicoding <234111021+Lexicoding-systems@users.noreply.github.com>
---
 src/lexecon/security/signature_service.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/lexecon/security/signature_service.py b/src/lexecon/security/signature_service.py
index 392d029..907ac20 100644
--- a/src/lexecon/security/signature_service.py
+++ b/src/lexecon/security/signature_service.py
@@ -17,6 +17,9 @@
 from cryptography.hazmat.primitives import hashes, serialization
 from cryptography.hazmat.backends import default_backend
 from cryptography.exceptions import InvalidSignature
+import logging
+
+logger = logging.getLogger(__name__)
 
 
 class SignatureService:
@@ -192,7 +195,9 @@ def verify_signature(
         except InvalidSignature:
             return False, "Signature verification failed - packet may have been tampered with"
         except Exception as e:
-            return False, f"Verification error: {str(e)}"
+            # Log detailed error on the server, but return a generic message to the client
+            logger.exception("Unexpected error during signature verification")
+            return False, "Internal verification error"
 
     def get_public_key_pem(self) -> str:
         """Get public key in PEM format for distribution."""
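Review bot: `import logging` is a standard-library import but is added below the third-party `cryptography` imports, so the new line breaks the stdlib / third-party / local grouping convention; move it up to the file's stdlib import group (which begins outside this hunk) and keep only the blank line and `logger = logging.getLogger(__name__)` at this position. Placing the module-level logger right after the last import, as the hunk does, is fine. The first hunk's surrounding import block starts before line 17, so the proper insertion point is not visible here.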
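Review bot: `except Exception as e:` now binds `e` without using it, since the returned message no longer interpolates the exception and `logger.exception` records the active traceback on its own; change that line to `except Exception:`. Returning the fixed string "Internal verification error" to the caller while logging the detail server-side is the right split, and the `InvalidSignature` branch is unaffected. Consider whether the log record should carry a packet or request identifier so an operator can correlate a client's generic error with the logged traceback — whether such an identifier is available inside verify_signature cannot be seen from the hunk. verify_signature's signature and the body of its try block begin outside the hunk.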