keyfork-mnemonic-util::generate_seed: return const size array
This commit is contained in:
parent
536e6da5ad
commit
02e5b545a4
|
@ -57,7 +57,7 @@ pub async fn start_and_run_server_on(
|
||||||
let service = ServiceBuilder::new()
|
let service = ServiceBuilder::new()
|
||||||
.layer(middleware::BincodeLayer::new())
|
.layer(middleware::BincodeLayer::new())
|
||||||
// TODO: passphrase support and/or store passphrase with mnemonic
|
// TODO: passphrase support and/or store passphrase with mnemonic
|
||||||
.service(Keyforkd::new(mnemonic.generate_seed(None)));
|
.service(Keyforkd::new(mnemonic.generate_seed(None).to_vec()));
|
||||||
|
|
||||||
let mut server = match UnixServer::bind(socket_path) {
|
let mut server = match UnixServer::bind(socket_path) {
|
||||||
Ok(s) => s,
|
Ok(s) => s,
|
||||||
|
|
|
@ -14,7 +14,7 @@ use keyfork_derive_openpgp::{
|
||||||
openpgp::{self, packet::UserID, types::KeyFlags, Cert, serialize::Marshal, armor::{Writer, Kind}},
|
openpgp::{self, packet::UserID, types::KeyFlags, Cert, serialize::Marshal, armor::{Writer, Kind}},
|
||||||
XPrv,
|
XPrv,
|
||||||
};
|
};
|
||||||
use keyfork_derive_util::{DerivationIndex, DerivationPath, VariableLengthSeed};
|
use keyfork_derive_util::{DerivationIndex, DerivationPath};
|
||||||
use keyfork_prompt::{
|
use keyfork_prompt::{
|
||||||
default_terminal,
|
default_terminal,
|
||||||
validators::{SecurePinValidator, Validator},
|
validators::{SecurePinValidator, Validator},
|
||||||
|
@ -196,7 +196,6 @@ fn generate_shard_secret(
|
||||||
fn bottoms_up(key_discovery: &Path, threshold: u8, output_shardfile: &Path, output_cert: &Path, user_id: &str,) -> Result<()> {
|
fn bottoms_up(key_discovery: &Path, threshold: u8, output_shardfile: &Path, output_cert: &Path, user_id: &str,) -> Result<()> {
|
||||||
let entropy = keyfork_entropy::generate_entropy_of_const_size::<{ 256 / 8 }>()?;
|
let entropy = keyfork_entropy::generate_entropy_of_const_size::<{ 256 / 8 }>()?;
|
||||||
let mnemonic = Mnemonic::from_nonstandard_bytes(entropy);
|
let mnemonic = Mnemonic::from_nonstandard_bytes(entropy);
|
||||||
// TODO: make this return const size, since is hash based
|
|
||||||
let seed = mnemonic.generate_seed(None);
|
let seed = mnemonic.generate_seed(None);
|
||||||
|
|
||||||
// TODO: should this allow for customizing the account index from 0? Potential for key reuse
|
// TODO: should this allow for customizing the account index from 0? Potential for key reuse
|
||||||
|
@ -213,7 +212,7 @@ fn bottoms_up(key_discovery: &Path, threshold: u8, output_shardfile: &Path, outp
|
||||||
.set_storage_encryption(),
|
.set_storage_encryption(),
|
||||||
KeyFlags::empty().set_authentication(),
|
KeyFlags::empty().set_authentication(),
|
||||||
];
|
];
|
||||||
let xprv = XPrv::new(VariableLengthSeed::new(&seed))
|
let xprv = XPrv::new(seed)
|
||||||
.expect("could not construct master key from seed")
|
.expect("could not construct master key from seed")
|
||||||
.derive_path(&path)?;
|
.derive_path(&path)?;
|
||||||
let userid = UserID::from(user_id);
|
let userid = UserID::from(user_id);
|
||||||
|
|
|
@ -408,7 +408,7 @@ where
|
||||||
&self,
|
&self,
|
||||||
passphrase: impl Into<Option<&'a str>>,
|
passphrase: impl Into<Option<&'a str>>,
|
||||||
) -> Result<Vec<u8>, MnemonicGenerationError> {
|
) -> Result<Vec<u8>, MnemonicGenerationError> {
|
||||||
Ok(self.generate_seed(passphrase))
|
Ok(self.generate_seed(passphrase).to_vec())
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Create a BIP-0032 seed from the provided data and an optional passphrase.
|
/// Create a BIP-0032 seed from the provided data and an optional passphrase.
|
||||||
|
@ -416,8 +416,7 @@ where
|
||||||
/// # Panics
|
/// # Panics
|
||||||
/// The function may panic if the HmacSha512 function returns an error. The only error the
|
/// The function may panic if the HmacSha512 function returns an error. The only error the
|
||||||
/// HmacSha512 function should return is an invalid length, which should not be possible.
|
/// HmacSha512 function should return is an invalid length, which should not be possible.
|
||||||
///
|
pub fn generate_seed<'a>(&self, passphrase: impl Into<Option<&'a str>>) -> [u8; 64] {
|
||||||
pub fn generate_seed<'a>(&self, passphrase: impl Into<Option<&'a str>>) -> Vec<u8> {
|
|
||||||
let passphrase = passphrase.into();
|
let passphrase = passphrase.into();
|
||||||
|
|
||||||
let mut seed = [0u8; 64];
|
let mut seed = [0u8; 64];
|
||||||
|
@ -425,7 +424,7 @@ where
|
||||||
let salt = ["mnemonic", passphrase.unwrap_or("")].join("");
|
let salt = ["mnemonic", passphrase.unwrap_or("")].join("");
|
||||||
pbkdf2::<Hmac<Sha512>>(mnemonic.as_bytes(), salt.as_bytes(), 2048, &mut seed)
|
pbkdf2::<Hmac<Sha512>>(mnemonic.as_bytes(), salt.as_bytes(), 2048, &mut seed)
|
||||||
.expect(bug!("HmacSha512 InvalidLength should be infallible"));
|
.expect(bug!("HmacSha512 InvalidLength should be infallible"));
|
||||||
seed.to_vec()
|
seed
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Encode the mnemonic into a list of integers 11 bits in length, matching the length of a
|
/// Encode the mnemonic into a list of integers 11 bits in length, matching the length of a
|
||||||
|
|
Loading…
Reference in New Issue