Enhance sanity check for keys returned from getRequiredKey #83

anguyenqd · 2019-05-20T14:00:02Z

In TransactionProcessor#createSignatureRequest method, we have a sanity check whether the list of keys returned from backend by calling getRequiredKeys is a subset of provided available keys.

Check the part "Subset of keys returned in GetRequiredKeysResponse.requiredKeys ?" at
EOSIO-java v 1.7.1 - createSignatureRequest workflow.pdf

The problem happens when input user's SECP256K1 public key format in available keys is not the same with SECP256K1 public key format returned from backend. Example : EOSXXXX.. vs PUB_K1_XXXX. The sanity check will fail the process and throw exception because it is using String comparison.

So far, there are 2 solutions for that:

Remove the sanity check.
Enhance the sanity check by using PEM format comparison instead of String comparison.

The text was updated successfully, but these errors were encountered:

anguyenqd added the enhancement New feature or request label May 20, 2019

anguyenqd mentioned this issue May 22, 2019

Feature/better handle k1 public key format on signing EOSIO/eosio-java-softkey-signature-provider#30

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Enhance sanity check for keys returned from getRequiredKey #83

Enhance sanity check for keys returned from getRequiredKey #83

anguyenqd commented May 20, 2019

Enhance sanity check for keys returned from getRequiredKey #83

Enhance sanity check for keys returned from getRequiredKey #83

Comments

anguyenqd commented May 20, 2019