From c070fcbdebc237eae47f37fe7f2f50004b9010af Mon Sep 17 00:00:00 2001 From: buttercat1791 Date: Fri, 31 May 2024 08:15:48 -0500 Subject: Loop key generation until validation succeeds --- src/signer/noscrypt_signer.cpp | 51 +++++++++++++++++------------------------- 1 file changed, 20 insertions(+), 31 deletions(-) (limited to 'src') diff --git a/src/signer/noscrypt_signer.cpp b/src/signer/noscrypt_signer.cpp index 5d966ba..6bc9af0 100644 --- a/src/signer/noscrypt_signer.cpp +++ b/src/signer/noscrypt_signer.cpp @@ -122,13 +122,19 @@ tuple nostr::signer::NoscryptSigner::_createLocalKeypair() random_device rd; mt19937 gen(rd()); - uniform_int_distribution<> dist(0, NC_SEC_KEY_SIZE); - generate_n(secretKey.get()->key, NC_SEC_KEY_SIZE, [&]() { return dist(gen); }); + uniform_int_distribution<> dist(0, sizeof(NCSecretKey)); - // Check the validity of the secret key. - NCResult secretValidationResult = NCValidateSecretKey(this->_noscryptContext.get(), secretKey.get()); - this->_logNoscryptSecretValidationResult(secretValidationResult); + // Loop attempts to generate a secret key until a valid key is produced. + // Limit the number of attempts to prevent resource exhaustion in the event of a failure. + NCResult secretValidationResult; + int loopCount = 0; + do + { + generate_n(secretKey.get()->key, sizeof(NCSecretKey), [&]() { return dist(gen); }); + secretValidationResult = NCValidateSecretKey(this->_noscryptContext.get(), secretKey.get()); + } while (secretValidationResult != NC_SUCCESS && ++loopCount < 1024); + this->_logNoscryptSecretValidationResult(secretValidationResult); if (secretValidationResult != NC_SUCCESS) { // Return empty strings if the secret key generation fails. @@ -137,7 +143,7 @@ tuple nostr::signer::NoscryptSigner::_createLocalKeypair() // Convert the buffer into a hex string for a more human-friendly representation. stringstream secretKeyStream; - for (int i = 0; i < NC_SEC_KEY_SIZE; i++) + for (int i = 0; i < sizeof(NCSecretKey); i++) { secretKeyStream << hex << setw(2) << setfill('0') << static_cast(secretKey->key[i]); } @@ -160,7 +166,7 @@ tuple nostr::signer::NoscryptSigner::_createLocalKeypair() // Convert the now-populated pubkey buffer into a hex string for the pubkey representation // used by Nostr events. stringstream pubkeyStream; - for (int i = 0; i < NC_SEC_KEY_SIZE; i++) + for (int i = 0; i < sizeof(NCPublicKey); i++) { pubkeyStream << hex << setw(2) << setfill('0') << static_cast(pubkey->key[i]); } @@ -202,30 +208,13 @@ void nostr::signer::NoscryptSigner::_logNoscryptInitResult(NCResult initResult) void nostr::signer::NoscryptSigner::_logNoscryptSecretValidationResult(NCResult secretValidationResult) { - switch (secretValidationResult) { - case NC_SUCCESS: - PLOG_INFO << "noscrypt - success: Generated a valid secret key."; - break; - - case E_NULL_PTR: - PLOG_ERROR << "noscrypt - error: A null pointer was passed to the secret key validation function."; - break; - - case E_INVALID_ARG: - PLOG_ERROR << "noscrypt - error: An invalid argument was passed to the secret key validation function."; - break; - - case E_INVALID_CONTEXT: - PLOG_ERROR << "noscrypt - error: The NCContext struct is in an invalid state."; - break; - - case E_ARGUMENT_OUT_OF_RANGE: - PLOG_ERROR << "noscrypt - error: An argument was outside the range of acceptable values."; - break; - - case E_OPERATION_FAILED: - PLOG_ERROR << "noscrypt - error: Failed to validate the generated secret key."; - break; + if (secretValidationResult == NC_SUCCESS) + { + PLOG_INFO << "noscrypt_signer - success: Generated a valid secret key."; + } + else + { + PLOG_ERROR << "noscrypt_signer - error: Failed to generate a valid secret key."; } }; -- cgit