Add init_api_secure function
#206
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…base64 payload for encrypted messages
…pted API error cases
yeastplume
changed the title
init_api_secure functioninit_api_secure function
|
No longer WIP and ready for review, updated description in top comment |
tests/owner_v3_init_secure.rs
Outdated
| let value: ECDHPubkey = res.unwrap(); | ||
| let shared_key = derive_ecdh_key(sec_key_str, &value.ecdh_pubkey); | ||
|
|
||
| // 12) A normal request, correct key |
controller/src/controller.rs
Outdated
| @@ -308,15 +415,54 @@ where | |||
| OwnerAPIHandlerV3 { wallet } | |||
| } | |||
|
|
|||
| //TODO: Unwraps | |||
There was a problem hiding this comment.
Has this been addressed?
There was a problem hiding this comment.
Yes, leftover reminder comment.
| where | ||
| OUT: DeserializeOwned, | ||
| { | ||
| let url = Url::parse(dest).unwrap(); |
There was a problem hiding this comment.
Should we really have all of these unwraps in send_request_enc and derive_ecdh_key? What RPC error code would be returned if these panic?
There was a problem hiding this comment.
It's just test helper code, I don't usually worry too much about unwraps there. I've been careful to ensure the server side returns proper errors for all conditions (and never unwraps)
…bility to select owner api port via command line
yyangli
pushed a commit
to mwcproject/mwc-wallet
that referenced
this pull request
May 13, 2020
* adding initial version of init_secure_api * rustfmt * fix ECDH algo * rustfmt * trying to figure out best way of doing encryption * refactor secure requests and responses into json-rpc responses, with base64 payload for encrypted messages * rustfmt * return proper errors from encrypted api, include tests covering encrypted API error cases * rustfmt * add test for normal error (unencrypted) * rustfmt * change ports for test, add foreign listener to V2 sanity tests, add ability to select owner api port via command line * rustfmt * turn it to 11 * explicit teardown after rpc tests * update tests with explicit teardowns * update tests to perform explicit teardown * fix warnings, ensure all tests teardown * log output to diagnose CI windows build failures * disable owner api doctests on windows * rustfmt
antiochp
pushed a commit
to antiochp/grin-wallet
that referenced
this pull request
Aug 7, 2020
* adding initial version of init_secure_api * rustfmt * fix ECDH algo * rustfmt * trying to figure out best way of doing encryption * refactor secure requests and responses into json-rpc responses, with base64 payload for encrypted messages * rustfmt * return proper errors from encrypted api, include tests covering encrypted API error cases * rustfmt * add test for normal error (unencrypted) * rustfmt * change ports for test, add foreign listener to V2 sanity tests, add ability to select owner api port via command line * rustfmt * turn it to 11 * explicit teardown after rpc tests * update tests with explicit teardowns * update tests to perform explicit teardown * fix warnings, ensure all tests teardown * log output to diagnose CI windows build failures * disable owner api doctests on windows * rustfmt
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
init_secure_apimust be encrypted.init_secure_apifunction to the V3 API, performs an ECDH exchange (using the usual libsecp256k1 curve, again supported by node.js), sets the shared key internally and returns the public key to the caller.