New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Merged by Bors] - Normalize keystore passwords #1972
Conversation
@kirk-baird with #1928 , we are returning an error if we try encrypting using a password with control chars.
This is what the deposit-cli seems to be doing here So if the user entered a password with control characters in the deposit-cli, it seems they would get stripped and fail with the import in lighthouse. Made c5daab7 to strip the characters instead of throwing an error. Can you please check if I understood the spec correctly here? :) |
Yep I'm happy with your interpretation to strip away any control characters rather than error. Thanks for fixing this up! I had a look through |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Happy with the changes :)
Added normalization to the |
|
||
let derived_key = derive_key(&password, &kdf)?; | ||
password.retain(|c| !is_control_character(c)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The comment at the top of this function
(Errors) if
password
uses utf-8 control characters.
Is out of date
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks really good! Just that one doc comment to fix before merge
/// Returns true if the given char is a UTF-8 control character and false otherwise. | ||
fn is_control_character(c: char) -> bool { | ||
// 0x00 - 0x1F + 0x80 - 0x9F + 0x7F | ||
c.is_control() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Having reviewed the control characters listed in UnicodeData.txt
I'm satisfied that this is equivalent to the set of control characters claimed (and required by the spec). Nice!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Haha just saw Kirk's comment. Oh well, now we've triple checked it
bors r+ |
## Issue Addressed Resolves #1879 ## Proposed Changes Do NFKD normalization for keystore passwords.
Pull request successfully merged into unstable. Build succeeded: |
Issue Addressed
Resolves #1879
Proposed Changes
Do NFKD normalization for keystore passwords.