Issue/350

[Despire]

This should fix the creation of signer with an invalid key type as described in #350 . I believe that ed25519 in the description was supposed to be secp256k1.

Also simplified nalc.Decryptor as it was doing an unnecessary second key validation in decryptor.Decrypt

[golangcibot]

return statements should not be cuddled if block has more than two lines (from wsl)

[golangcibot]

if statements should only be cuddled with assignments (from wsl)

[golangcibot]

return statements should not be cuddled if block has more than two lines (from wsl)

[robdefeo]

Thanks @Despire for this PR 😄
Looks like you are actually fixing 2 issues #350 and #331 could you create a separate PR for #331 to make it clearer. That would be awesome as then its 2 PR's!!!!! 👍 👍 Thank you

[robdefeo]

Good spot!

[robdefeo]

Good spot!

[robdefeo]

I your instinct to trying and simplify this. Let me give you a bit more information on why this method returns the []byte because its not clear from the code. pk.Bytes() returns the private key bytes, however this method has multiple uses (which is a bad thing!) its used for storing the private key in the keystore, decrypting and signing private keys. This needs to be resolved in the long term and I'll create an issue around that but there is a bit of investigation needed, I''ll raise it and would be great to get your comments. This method then is responsible for ensuring the key is of a valid type but also extracting the bytes that are relevant for decryption. If [32:] is moved when calling easyOpen you have then it is not aware of what type of key it is and it may pick the incorrect bytes.

[Despire]

I see. Thanks for the clarification

[robdefeo]

Different keys may have different ranges for returning the bytes to use when decrypting. If [32:] is done here you have then it is not aware of what type of key it is and it may pick the incorrect bytes.

[robdefeo]

The changes in this file look out of scope for #350.
they appear related to #331 could you move them in to a seperate PR for that to make it clearer. That would be awesome as then its 2 PR's!!!!! 😄

[robdefeo]

The changes in this file look out of scope for #350.
they appear related to #331 could you move them in to a seperate PR for that to make it clearer. That would be awesome as then its 2 PR's!!!!! 😄

[Despire]

Thanks for the feedback!
I'm a little bit confused with issues #350 and #331, they appear same to me, with the only difference being that in the description of #350 that the public key type needs to be ed25519 and in #331 secp256k1
Also the title of #350 says to ensure valid keys are used for nacl.Decrypter isn't that already done here ?

[robdefeo]

Sorry for the lack of clarity @Despire let me add a bit more information.

• Ensure only valid keys are used to create nacl.Decrypter #350 is related encryption which is used to encrypt / decrypt messages this change is in the nacl package.
• Check private key is valid before returning signer #331 is related to the signing transactions, this change is in the ethereum package.

In the case of signing a transaction and decrypting a message the private key is required. The code that you are implementing is very similar with the main difference being using secp256k1 or ed25519.

No here is the part that's made it very confusing for which I am very sorry for! You are absolutely correct the link does make that issue redundant. I will instead open an issue for nacl.NewEncrypter() #359

[Despire]

Again thanks for the clarification 😄
I guess this PR can be closed along with issue #350.

[robdefeo]

Closing this PR as some changes moved to #358 and issue #350 has already been resolved but was left open. Issue #350 also closed now.