Skip to content

Commit 614b1a4

Browse files
Federico2014Federico2014
committed
strengthen the private key validation
1 parent 3b6fe6c commit 614b1a4

File tree

3 files changed

+96
-4
lines changed

3 files changed

+96
-4
lines changed

chainbase/src/main/java/org/tron/common/utils/LocalWitnesses.java

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -85,11 +85,15 @@ private void validate(String privateKey) {
8585
privateKey = privateKey.substring(2);
8686
}
8787

88-
if (StringUtils.isBlank(privateKey) || (StringUtils.isNotBlank(privateKey)
89-
&& privateKey.length() != ChainConstant.PRIVATE_KEY_LENGTH)) {
88+
if (StringUtils.isBlank(privateKey)
89+
|| privateKey.length() != ChainConstant.PRIVATE_KEY_LENGTH) {
9090
throw new IllegalArgumentException(
91-
String.format("private key must be %d-bits hex string, actual: %d",
92-
ChainConstant.PRIVATE_KEY_LENGTH, privateKey.length()));
91+
String.format("private key must be %d hex string, actual: %d",
92+
ChainConstant.PRIVATE_KEY_LENGTH,
93+
StringUtils.isBlank(privateKey) ? 0 : privateKey.length()));
94+
}
95+
if (!StringUtil.isHexadecimal(privateKey)) {
96+
throw new IllegalArgumentException("private key must be hex string");
9397
}
9498
}
9599

common/src/main/java/org/tron/common/utils/StringUtil.java

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,4 +44,14 @@ public static String createReadableString(ByteString string) {
4444
public static ByteString hexString2ByteString(String hexString) {
4545
return ByteString.copyFrom(ByteArray.fromHexString(hexString));
4646
}
47+
48+
public static boolean isHexadecimal(String str) {
49+
for (int i = 0; i < str.length(); i++) {
50+
char c = str.charAt(i);
51+
if (!((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F'))) {
52+
return false;
53+
}
54+
}
55+
return true;
56+
}
4757
}

framework/src/test/java/org/tron/core/config/args/LocalWitnessTest.java

Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -74,6 +74,84 @@ public void whenSetPrefixPrivateKey() {
7474
Assert.assertNotNull(localWitness.getPrivateKey());
7575
}
7676

77+
@Test
78+
public void testValidPrivateKey() {
79+
LocalWitnesses localWitnesses = new LocalWitnesses();
80+
81+
try {
82+
localWitnesses.addPrivateKeys(PRIVATE_KEY);
83+
Assert.assertEquals(1, localWitnesses.getPrivateKeys().size());
84+
Assert.assertEquals(PRIVATE_KEY, localWitnesses.getPrivateKeys().get(0));
85+
} catch (Exception e) {
86+
fail(e.getMessage());
87+
}
88+
}
89+
90+
@Test
91+
public void testValidPrivateKeyWithPrefix() {
92+
LocalWitnesses localWitnesses = new LocalWitnesses();
93+
94+
try {
95+
localWitnesses.addPrivateKeys("0x" + PRIVATE_KEY);
96+
Assert.assertEquals(1, localWitnesses.getPrivateKeys().size());
97+
Assert.assertEquals("0x" + PRIVATE_KEY, localWitnesses.getPrivateKeys().get(0));
98+
} catch (Exception e) {
99+
fail(e.getMessage());
100+
}
101+
}
102+
103+
@Test
104+
public void testInvalidPrivateKey() {
105+
LocalWitnesses localWitnesses = new LocalWitnesses();
106+
107+
try {
108+
localWitnesses.addPrivateKeys(null);
109+
fail("should throw IllegalArgumentException");
110+
} catch (IllegalArgumentException e) {
111+
Assert.assertTrue(e.getMessage().contains("private key must be"));
112+
} catch (Exception e) {
113+
fail("should IllegalArgumentException,actual exception: " + e.getClass().getSimpleName());
114+
}
115+
116+
try {
117+
localWitnesses.addPrivateKeys("");
118+
fail("should throw IllegalArgumentException");
119+
} catch (IllegalArgumentException e) {
120+
Assert.assertTrue(e.getMessage().contains("private key must be"));
121+
} catch (Exception e) {
122+
fail("should IllegalArgumentException,actual exception: " + e.getClass().getSimpleName());
123+
}
124+
125+
try {
126+
localWitnesses.addPrivateKeys(" ");
127+
fail("should throw IllegalArgumentException");
128+
} catch (IllegalArgumentException e) {
129+
Assert.assertTrue(e.getMessage().contains("private key must be"));
130+
} catch (Exception e) {
131+
fail("should IllegalArgumentException,actual exception: " + e.getClass().getSimpleName());
132+
}
133+
134+
try {
135+
String privateKey = "11111111111111111111111111111111111111111111111111111111111111 ";
136+
localWitnesses.addPrivateKeys(privateKey);
137+
fail("should throw IllegalArgumentException");
138+
} catch (IllegalArgumentException e) {
139+
Assert.assertTrue(e.getMessage().contains("private key must be hex string"));
140+
} catch (Exception e) {
141+
fail("should IllegalArgumentException,actual exception: " + e.getClass().getSimpleName());
142+
}
143+
144+
try {
145+
String privateKey = "xy11111111111111111111111111111111111111111111111111111111111111";
146+
localWitnesses.addPrivateKeys(privateKey);
147+
fail("should throw IllegalArgumentException");
148+
} catch (IllegalArgumentException e) {
149+
Assert.assertTrue(e.getMessage().contains("private key must be hex string"));
150+
} catch (Exception e) {
151+
fail("should IllegalArgumentException,actual exception: " + e.getClass().getSimpleName());
152+
}
153+
}
154+
77155
@Test
78156
public void getPrivateKey() {
79157
Assert.assertEquals(Lists

0 commit comments

Comments
 (0)