-
Notifications
You must be signed in to change notification settings - Fork 720
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add command for converting Byron, Icarus, and Shelley style cardano-address signing keys #1822
Conversation
a0770fa
to
8bcae8e
Compare
pKeyConvertCardanoAddressSigningKey = | ||
KeyConvertCardanoAddressSigningKey | ||
<$> pCardanoAddressKeyType | ||
<*> pSigningKeyFile Input |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps I should use an option parser whose help text specifically denotes that we expect a file containing a Bech32-encoded extended signing key.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems a good idea.
pure $ Left $ | ||
FileError fp (CardanoAddressSigningKeyBech32DecodeError err) | ||
Right (_hrPart, _dataPart, bs) -> | ||
pure $ first (FileError fp) (convertBip32SigningKey bs) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I had a go to see what an ExceptT
version would look like:
readBech32Bip32SigningKeyFile
:: SigningKeyFile
-> ExceptT (FileError CardanoAddressSigningKeyConversionError) IO Crypto.XPrv
readBech32Bip32SigningKeyFile (SigningKeyFile fp) = do
str <- readFile fp & handleIOExceptT (FileIOError fp)
(_hrPart, _dataPart, bs) <- decodeBech32 (Text.concat $ Text.words str) & except & withExceptT (FileError fp . CardanoAddressSigningKeyBech32DecodeError)
convertBip32SigningKey bs & except & withExceptT (FileError fp)
The LHS of the &
would be the business logic and the RHS of &
is all the error type mangling.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One comment, happy to approve after.
df07253
to
a7ab18a
Compare
a7ab18a
to
289de30
Compare
ItnSigningKeyDeserialisationError _sKey -> | ||
-- Sensitive data, such as the signing key, is purposely not included in | ||
-- the error message. | ||
"Error deserialising signing key." |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm curious about this concern since presumably the user has access to the key that might be printed anyway.
Might it be worthwhile printing **************suffix
to at least make it easier for the user to check if they're using the right key?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It'd be a concern if, for example, the user is redirecting stderr to some log file with more lax permissions than the signing key file itself.
I think it could be useful to print a suffix, but I wonder how many bytes of the signing key would be safe to display.
bors r+ |
1822: Add command for converting Byron, Icarus, and Shelley style cardano-address signing keys r=intricate a=intricate Closes #1756 Help text output of the new command added by this PR: ``` Usage: cardano-cli shelley key convert-cardano-address-key (--shelley-payment-key | --shelley-stake-key | --icarus-payment-key | --byron-payment-key) --signing-key-file FILE --out-file FILE Convert a cardano-address extended signing key to a corresponding Shelley-format key. Available options: --shelley-payment-key Use a Shelley-era extended payment key. --shelley-stake-key Use a Shelley-era extended stake key. --icarus-payment-key Use a Byron-era extended payment key formatted in the Icarus style. --byron-payment-key Use a Byron-era extended payment key formatted in the deprecated Byron style. --signing-key-file FILE Input filepath of the signing key. --out-file FILE The output file. ``` Co-authored-by: Luke Nadur <19835357+intricate@users.noreply.github.com>
Build failed: |
bors r+ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks plausible. How do we test this properly?
Build succeeded: |
Closes #1756
Help text output of the new command added by this PR: