-
Notifications
You must be signed in to change notification settings - Fork 2.7k
inspect-key
: Adds support for expect-public
#10430
Conversation
`expect-public` can be used to check that a given secret uri corresponds to the given public key. This is mainly useful when the secret uri is protected by a password and a new derived account should be generated. With `--expect-public` the user can pass the public key/account-id of the "base" secret uri aka the one without any derivation to ensure the correct password was inserted.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure how useful this is in practice but LGTM. Is this something you need? 😜
check_cmd(&seed_with_password, &valid_public_hex_with_password, true); | ||
check_cmd(&seed_with_password, &valid_accountid_with_password, true); | ||
|
||
let seed_with_password_and_derivation = format!("{}//test//account///{}", seed, password); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not that it matters much but we could also check that providing the public key for the derived account fails (since we check against root key).
@@ -709,6 +710,104 @@ mod dummy { | |||
} | |||
} | |||
|
|||
/// A secret uri (`SURI`) that can be used to generate a key pair. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
code LGTM but I am also not sure if we cannot achieve the same with subkey inspect
?
Co-authored-by: André Silva <123550+andresilva@users.noreply.github.com>
* Introduce `SecretUri` * `inspect-key`: Adds support for `expect-public` `expect-public` can be used to check that a given secret uri corresponds to the given public key. This is mainly useful when the secret uri is protected by a password and a new derived account should be generated. With `--expect-public` the user can pass the public key/account-id of the "base" secret uri aka the one without any derivation to ensure the correct password was inserted. * Fixes * 🤦 * Apply suggestions from code review Co-authored-by: André Silva <123550+andresilva@users.noreply.github.com> * Review feedback * FMT * Bump the versions Co-authored-by: André Silva <123550+andresilva@users.noreply.github.com>
* Introduce `SecretUri` * `inspect-key`: Adds support for `expect-public` `expect-public` can be used to check that a given secret uri corresponds to the given public key. This is mainly useful when the secret uri is protected by a password and a new derived account should be generated. With `--expect-public` the user can pass the public key/account-id of the "base" secret uri aka the one without any derivation to ensure the correct password was inserted. * Fixes * 🤦 * Apply suggestions from code review Co-authored-by: André Silva <123550+andresilva@users.noreply.github.com> * Review feedback * FMT * Bump the versions Co-authored-by: André Silva <123550+andresilva@users.noreply.github.com>
* Introduce `SecretUri` * `inspect-key`: Adds support for `expect-public` `expect-public` can be used to check that a given secret uri corresponds to the given public key. This is mainly useful when the secret uri is protected by a password and a new derived account should be generated. With `--expect-public` the user can pass the public key/account-id of the "base" secret uri aka the one without any derivation to ensure the correct password was inserted. * Fixes * 🤦 * Apply suggestions from code review Co-authored-by: André Silva <123550+andresilva@users.noreply.github.com> * Review feedback * FMT * Bump the versions Co-authored-by: André Silva <123550+andresilva@users.noreply.github.com>
expect-public
can be used to check that a given secret uri corresponds to the given public key.This is mainly useful when the secret uri is protected by a password and a new derived account
should be generated. With
--expect-public
the user can pass the public key/account-id of the"base" secret uri aka the one without any derivation to ensure the correct password was inserted.