-
Notifications
You must be signed in to change notification settings - Fork 906
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
hsmtool: fix hsm_secret generation #4304
Conversation
9591be5
to
6455c90
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 6455c90
Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
Fixes ElementsProject#4302 Changelog-fixed: hsmtool: the `generatehsm` command now generates an appropriately-sized hsm_secret Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
6455c90
to
dbbcc27
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry I noticed just now, but the hsm_secret
contains 32 bytes of binary, not plaintext.
@@ -530,7 +532,9 @@ static int generate_hsm(const char *hsm_secret_path) | |||
if (fd < 0) { | |||
errx(ERROR_USAGE, "Unable to create hsm_secret file"); | |||
} | |||
if (!write_all(fd, bip32_seed, bip32_seed_len)) | |||
/* Write only the first 32 bytes, length of the (plaintext) seed in the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
plaintext?
It was meant by opposition to 'ciphertext'
…-------- Original Message --------
On Mar 9, 2021, 11:28, Ján Sáreník wrote:
@jsarenik commented on this pull request.
Sorry I noticed just now, but the hsm_secret contains 32 bytes of binary, not plaintext.
---------------------------------------------------------------
In [tools/hsmtool.c](#4304 (comment)):
> @@ -530,7 +532,9 @@ static int generate_hsm(const char *hsm_secret_path)
if (fd < 0) {
errx(ERROR_USAGE, "Unable to create hsm_secret file");
}
- if (!write_all(fd, bip32_seed, bip32_seed_len))
+ /* Write only the first 32 bytes, length of the (plaintext) seed in the
plaintext?
—
You are receiving this because you authored the thread.
Reply to this email directly, [view it on GitHub](#4304 (review)), or [unsubscribe](https://github.com/notifications/unsubscribe-auth/AFLK3F363MUOAXVVZYCGDLTTCXZ5HANCNFSM4VRNUEBQ).
|
Based on #4284 , fixes #4302 .