Skip to content

Commit

Permalink
Problem: no validate for malformed e2ee key in register (crypto-org-c…
Browse files Browse the repository at this point in the history
…hain#1421)

* Problem: no validate for malformed e2ee key in register

* update doc

* Apply suggestions from code review

* cleanup

---------

Co-authored-by: yihuang <[email protected]>
  • Loading branch information
mmsqe and yihuang committed May 3, 2024
1 parent ebbe148 commit bec195e
Show file tree
Hide file tree
Showing 6 changed files with 33 additions and 22 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@

* [#1413](https://github.com/crypto-org-chain/cronos/pull/1413) Add custom keyring implementation for e2ee module.
* (e2ee)[#1415](https://github.com/crypto-org-chain/cronos/pull/1415) Add batch keys query for e2ee module.
* (e2ee)[#1421](https://github.com/crypto-org-chain/cronos/pull/1421) Validate e2ee key when register.

*April 22, 2024*

Expand Down
2 changes: 1 addition & 1 deletion integration_tests/configs/default.jsonnet
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@
e2ee: {
keys: [{
address: 'crc16z0herz998946wr659lr84c8c556da55dc34hh',
key: std.base64('key'),
key: 'age1k3mpspxytgvx6e0jja0xgrtzz7vw2p00c2a3xmq5ygfzhwh4wg0s35z4c8',
}],
},
gov: {
Expand Down
8 changes: 8 additions & 0 deletions integration_tests/test_e2ee.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,14 @@
from .utils import wait_for_new_blocks


def test_register(cronos: Cronos):
cli = cronos.cosmos_cli()
pubkey0 = cli.keygen(keyring_name="key0")
rsp = cli.register_e2ee_key(pubkey0 + "malformed", _from="validator")
assert not rsp["code"]
assert not cli.query_e2ee_key(cli.address("validator"))


def gen_validator_identity(cronos: Cronos):
for i in range(len(cronos.config["validators"])):
cli = cronos.cosmos_cli(i)
Expand Down
23 changes: 15 additions & 8 deletions x/e2ee/keeper/keeper.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,16 +25,26 @@ func NewKeeper(storeKey storetypes.StoreKey) Keeper {
}
}

func (k Keeper) registerEncryptionKey(
ctx context.Context,
address string,
key []byte,
) error {
bz, err := sdk.AccAddressFromBech32(address)
if err != nil {
return err
}
sdk.UnwrapSDKContext(ctx).KVStore(k.storeKey).Set(types.KeyPrefix(bz), key)
return nil
}

func (k Keeper) RegisterEncryptionKey(
ctx context.Context,
req *types.MsgRegisterEncryptionKey,
) (*types.MsgRegisterEncryptionKeyResponse, error) {
addr, err := sdk.AccAddressFromBech32(req.Address)
if err != nil {
if err := k.registerEncryptionKey(ctx, req.Address, []byte(req.Key)); err != nil {
return nil, err
}
sdkCtx := sdk.UnwrapSDKContext(ctx)
sdkCtx.KVStore(k.storeKey).Set(types.KeyPrefix(addr), []byte(req.Key))
return &types.MsgRegisterEncryptionKeyResponse{}, nil
}

Expand All @@ -43,10 +53,7 @@ func (k Keeper) InitGenesis(
state *types.GenesisState,
) error {
for _, key := range state.Keys {
if _, err := k.RegisterEncryptionKey(ctx, &types.MsgRegisterEncryptionKey{
Address: key.Address,
Key: key.Key,
}); err != nil {
if err := k.registerEncryptionKey(ctx, key.Address, []byte(key.Key)); err != nil {
return err
}
}
Expand Down
7 changes: 1 addition & 6 deletions x/e2ee/types/keys.go
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
package types

import (
"errors"

sdk "github.com/cosmos/cosmos-sdk/types"
)

Expand Down Expand Up @@ -39,8 +37,5 @@ func (e EncryptionKeyEntry) Validate() error {
if _, err := sdk.AccAddressFromBech32(e.Address); err != nil {
return err
}
if len(e.Key) == 0 {
return errors.New("key can't be nil")
}
return nil
return ValidateRecipientKey(e.Key)
}
14 changes: 7 additions & 7 deletions x/e2ee/types/msg.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,23 +3,23 @@ package types
import (
fmt "fmt"

"filippo.io/age"
sdk "github.com/cosmos/cosmos-sdk/types"
)

var _ sdk.Msg = (*MsgRegisterEncryptionKey)(nil)

func (m *MsgRegisterEncryptionKey) ValidateBasic() error {
if m.Address == "" {
return fmt.Errorf("address cannot be empty")
}
if len(m.Key) == 0 {
return fmt.Errorf("key cannot be nil")
}
// validate bech32 format of Address
if _, err := sdk.AccAddressFromBech32(m.Address); err != nil {
return fmt.Errorf("invalid address: %s", err)
}
return nil
return ValidateRecipientKey(m.Key)
}

func ValidateRecipientKey(key string) error {
_, err := age.ParseX25519Recipient(key)
return err
}

func (m *MsgRegisterEncryptionKey) GetSigners() []sdk.AccAddress {
Expand Down

0 comments on commit bec195e

Please sign in to comment.