Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Key Manager] CryptoJS.AES #9

Merged
merged 1 commit into from
Jan 31, 2024
Merged

[Key Manager] CryptoJS.AES #9

merged 1 commit into from
Jan 31, 2024

Conversation

bh2smith
Copy link
Contributor

@bh2smith bh2smith commented Jan 31, 2024
edited
Loading

Here is an example using a different encryption engine. This one does not make use of a nonce.

Closes #6

Test Plan

New e2e test.

@bh2smith bh2smith requested a review from tifrel January 31, 2024 13:15
@bh2smith bh2smith changed the title [Key Manager] CryptoJs.AES [Key Manager] CryptoJS.AES Jan 31, 2024
@bh2smith bh2smith mentioned this pull request Jan 31, 2024
Merged
Base automatically changed from expand-ts-lib to main January 31, 2024 13:37
tifrel
tifrel requested changes Jan 31, 2024
View reviewed changes
ts-lib/src/encryption/cryptojs.ts
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we plan to offer multiple encryption options? I think that makes it a lot more complicated...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, I am just testing our options at the moment.

However, I do think that having the interface and some indication of the encryption algorithm used would be good for upgrades and backwards compatibility.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Captured by #11

ts-lib/tests/contract.test.ts

await keyManager.encryptAndSetKey(ethWallet, privateKey);

const decryptedKey = await keyManager.retrieveAndDecryptKey({
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's make this API "symmetrical", so if we pass EthWallet to encryptAndSet, we should get back EthWallet from retrieveAndDecrypt, same for the XSalsa encryption

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a good idea. Lets see if there is a way to construct an EthWallet object from just a private key.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will have to do a bit here to determine exactly what should be passed in and out of this function.

calling ethers.Wallet.createRandom() comes with a lot more info that just new ethers.Wallet(privateKey)

Example

    Before HDNodeWallet {
      provider: null,
      address: '0xF3ddfF45A25C9464c0489dD88dbF74BbF18Bf175',
      publicKey: '0x02a7f5e094f538b2676cc306e536035880bd24d785073769a4a9c862e31700d6da',
      fingerprint: '0xe6c847e5',
      parentFingerprint: '0x60194bc1',
      mnemonic: Mnemonic {
        phrase: 'leader film divide garage trust venture produce when remind become clog skate',
        password: '',
        wordlist: LangEn { locale: 'en' },
        entropy: '0x7e8ac8ffafbe9be4aaefd1b5c27cae65'
      },
      chainCode: '0xfe609a47f6a94ebbdedc28df21d285e883616fef683d0f841478e788f4880a4b',
      path: "m/44'/60'/0'/0/0",
      index: 0,
      depth: 5
    }

    After Wallet {
      provider: null,
      address: '0xF3ddfF45A25C9464c0489dD88dbF74BbF18Bf175'
    }

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What might be better is not passing ethers.Wallet object, but merely the privateKey. Then we can easily assert the length and format as well. Currently the decryption method returns only the privateKey anyway.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this suggestion would be more suitable to change after this PR is merged (since everything is working as expected and its going to be a bigger change).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please see #10 for changes related to this.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since the linked PR was approved, I will assume this is ok too.

@bh2smith bh2smith requested a review from tifrel January 31, 2024 14:08
@bh2smith bh2smith mentioned this pull request Jan 31, 2024
Open
@bh2smith bh2smith merged commit 455100a into main Jan 31, 2024
2 checks passed
@bh2smith bh2smith deleted the crypto-js branch January 31, 2024 18:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tifrel tifrel Awaiting requested review from tifrel

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Evaluate CryptoJS as Encryption Library
2 participants
@bh2smith @tifrel