From bb02913c3915dfb2c58866c802e202c1e77ad8a5 Mon Sep 17 00:00:00 2001 From: Anton Nikiforov Date: Fri, 16 Sep 2022 09:48:12 +0300 Subject: [PATCH] [nspcc-dev#1128] cli: Remove WIF and NEP2 support in --wallet argument Signed-off-by: Anton Nikiforov --- CHANGELOG.md | 2 +- cmd/neofs-cli/internal/commonflags/flags.go | 2 +- cmd/neofs-cli/internal/key/key_test.go | 26 +++-------- cmd/neofs-cli/internal/key/nep2.go | 26 ----------- cmd/neofs-cli/internal/key/raw.go | 49 +++++---------------- cmd/neofs-cli/internal/key/wallet.go | 3 +- 6 files changed, 23 insertions(+), 85 deletions(-) delete mode 100644 cmd/neofs-cli/internal/key/nep2.go diff --git a/CHANGELOG.md b/CHANGELOG.md index ddd7b7de0e..bf62c1dfe4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,7 +10,7 @@ Changelog for NeoFS Node ### Fixed ### Removed - +- Remove WIF and NEP2 support in `neofs-cli`'s --wallet flag (#1128) ### Updated ### Updating from v0.32.0 diff --git a/cmd/neofs-cli/internal/commonflags/flags.go b/cmd/neofs-cli/internal/commonflags/flags.go index 5d8196506b..5c6ad12b0e 100644 --- a/cmd/neofs-cli/internal/commonflags/flags.go +++ b/cmd/neofs-cli/internal/commonflags/flags.go @@ -16,7 +16,7 @@ const ( WalletPath = "wallet" WalletPathShorthand = "w" WalletPathDefault = "" - WalletPathUsage = "WIF (NEP-2) string or path to the wallet or binary key" + WalletPathUsage = "path to the wallet or binary key" Account = "address" AccountShorthand = "" diff --git a/cmd/neofs-cli/internal/key/key_test.go b/cmd/neofs-cli/internal/key/key_test.go index f0c1201697..587a838f23 100644 --- a/cmd/neofs-cli/internal/key/key_test.go +++ b/cmd/neofs-cli/internal/key/key_test.go @@ -23,6 +23,9 @@ func Test_getOrGenerate(t *testing.T) { w, err := wallet.NewWallet(wallPath) require.NoError(t, err) + badWallPath := filepath.Join(dir, "bad_wallet.json") + require.NoError(t, os.WriteFile(badWallPath, []byte("bad content"), os.ModePerm)) + acc1, err := wallet.NewAccount() require.NoError(t, err) require.NoError(t, acc1.Encrypt("pass", keys.NEP2ScryptParams())) @@ -55,7 +58,8 @@ func Test_getOrGenerate(t *testing.T) { Writer: io.Discard, }, "") - checkKeyError(t, filepath.Join(dir, "badfile"), ErrInvalidKey) + checkKeyError(t, filepath.Join(dir, "badfile"), ErrFs) + checkKeyError(t, badWallPath, ErrInvalidKey) t.Run("wallet", func(t *testing.T) { checkKeyError(t, wallPath, ErrInvalidPassword) @@ -80,27 +84,11 @@ func Test_getOrGenerate(t *testing.T) { }) t.Run("WIF", func(t *testing.T) { - checkKey(t, wifKey.WIF(), wifKey) + checkKeyError(t, wifKey.WIF(), ErrFs) }) t.Run("NEP-2", func(t *testing.T) { - checkKeyError(t, nep2, ErrInvalidPassword) - - in.WriteString("invalid\r") - checkKeyError(t, nep2, ErrInvalidPassword) - - in.WriteString("pass\r") - checkKey(t, nep2, nep2Key) - - t.Run("password from config", func(t *testing.T) { - viper.Set("password", "invalid") - in.WriteString("pass\r") - checkKeyError(t, nep2, ErrInvalidPassword) - - viper.Set("password", "pass") - in.WriteString("invalid\r") - checkKey(t, nep2, nep2Key) - }) + checkKeyError(t, nep2, ErrFs) }) t.Run("raw key", func(t *testing.T) { diff --git a/cmd/neofs-cli/internal/key/nep2.go b/cmd/neofs-cli/internal/key/nep2.go deleted file mode 100644 index ee4602774e..0000000000 --- a/cmd/neofs-cli/internal/key/nep2.go +++ /dev/null @@ -1,26 +0,0 @@ -package key - -import ( - "crypto/ecdsa" - - "github.com/nspcc-dev/neo-go/pkg/crypto/keys" -) - -const nep2Base58Length = 58 - -// FromNEP2 extracts private key from NEP2-encrypted string. -func FromNEP2(encryptedWif string) (*ecdsa.PrivateKey, error) { - pass, err := getPassword() - if err != nil { - printVerbose("Can't read password: %v", err) - return nil, ErrInvalidPassword - } - - k, err := keys.NEP2Decrypt(encryptedWif, pass, keys.NEP2ScryptParams()) - if err != nil { - printVerbose("Invalid key or password: %v", err) - return nil, ErrInvalidPassword - } - - return &k.PrivateKey, nil -} diff --git a/cmd/neofs-cli/internal/key/raw.go b/cmd/neofs-cli/internal/key/raw.go index 016706f555..27e02da646 100644 --- a/cmd/neofs-cli/internal/key/raw.go +++ b/cmd/neofs-cli/internal/key/raw.go @@ -16,13 +16,8 @@ import ( var errCantGenerateKey = errors.New("can't generate new private key") -// Get returns private key from the following sources: -// 1. WIF -// 2. Raw binary key -// 3. Wallet file -// 4. NEP-2 encrypted WIF. +// Get returns private key from wallet or binary file. // Ideally we want to touch file-system on the last step. -// However, asking for NEP-2 password seems to be confusing if we provide a wallet. // This function assumes that all flags were bind to viper in a `PersistentPreRun`. func Get(cmd *cobra.Command) *ecdsa.PrivateKey { pk, err := get() @@ -32,26 +27,20 @@ func Get(cmd *cobra.Command) *ecdsa.PrivateKey { func get() (*ecdsa.PrivateKey, error) { keyDesc := viper.GetString(commonflags.WalletPath) - priv, err := keys.NewPrivateKeyFromWIF(keyDesc) - if err == nil { - return &priv.PrivateKey, nil + data, err := os.ReadFile(keyDesc) + if err != nil { + return nil, fmt.Errorf("%w: %v", ErrFs, err) } - p, err := getKeyFromFile(keyDesc) - if err == nil { - return p, nil + priv, err := keys.NewPrivateKeyFromBytes(data) + if err != nil { + w, err := wallet.NewWalletFromFile(keyDesc) + if err == nil { + return FromWallet(w, viper.GetString(commonflags.Account)) + } + return nil, fmt.Errorf("%w: %v", ErrInvalidKey, err) } - - w, err := wallet.NewWalletFromFile(keyDesc) - if err == nil { - return FromWallet(w, viper.GetString(commonflags.Account)) - } - - if len(keyDesc) == nep2Base58Length { - return FromNEP2(keyDesc) - } - - return nil, ErrInvalidKey + return &priv.PrivateKey, nil } // GetOrGenerate is similar to get but generates a new key if commonflags.GenerateKey is set. @@ -71,17 +60,3 @@ func getOrGenerate() (*ecdsa.PrivateKey, error) { } return get() } - -func getKeyFromFile(keyPath string) (*ecdsa.PrivateKey, error) { - data, err := os.ReadFile(keyPath) - if err != nil { - return nil, fmt.Errorf("%w: %v", ErrInvalidKey, err) - } - - priv, err := keys.NewPrivateKeyFromBytes(data) - if err != nil { - return nil, fmt.Errorf("%w: %v", ErrInvalidKey, err) - } - - return &priv.PrivateKey, nil -} diff --git a/cmd/neofs-cli/internal/key/wallet.go b/cmd/neofs-cli/internal/key/wallet.go index 4ae521f559..ace54e4f66 100644 --- a/cmd/neofs-cli/internal/key/wallet.go +++ b/cmd/neofs-cli/internal/key/wallet.go @@ -15,7 +15,8 @@ import ( // Key-related errors. var ( - ErrInvalidKey = errors.New("provided key is incorrect") + ErrFs = errors.New("unable to read file from given path") + ErrInvalidKey = errors.New("provided key is incorrect, only wallet or binary key supported") ErrInvalidAddress = errors.New("--address option must be specified and valid") ErrInvalidPassword = errors.New("invalid password for the encrypted key") )