Enforce 256 bit keys on raw import, support raw mobile imports #14502
Conversation
|
@ligi PTAL |
karalabe
changed the title
karalabe
changed the title
|
YAY - LGTM - Thanks! |
|
After thinking about it a bit more - perhaps also exporting should be done to get symmetric API-wise - that said for exporting I think I will in the end use JSON for making paper-wallets with WALLETH - just opened #14481 as I saw raw keys used for paper-wallets often - so I need it for importing - but otherwise I like the context that the JSON gives .. |
|
I don't think we want to support that use case tbh. Exporting unencrypted raw private keys has more dangers that benefits imho. The whole use case of exporting keys is to allow moving them to a different service/device, which is covered by the json format. |
|
Regarding generating paper wallets, I can accept to put raw keys on paper wallets, but those should be done when generating the account and not later (which is a security risk if your mobile is stolen). Similarly to how hardware wallets do the recovery mnemonics. |
|
No regression tests? |
|
@chfast Please provide a bit more detail :) |
Fixes #14481
The first commit changes our crypto API a bit so importing raw ECDSA keys are enforced to be 32 bytes in size not only for hex strings, but for raw byte slices too. The second commit surfaces importing raw keys into the mobile keystore (hence why it was important to enforce the correct bytes, to prevent users importing hex strings accidentally).