Improve bls::SecretKey privacy (#1164)

* Improve bls::SecretKey privacy * Add missed file * Remove more methods from bls::SecretKey * Add as_bytes() to SecretKey, remove as_raw * Remove as_raw * Add back as_raw * Address review comments
2026-04-26 01:03:40 +00:00 · 2020-05-19 11:23:08 +10:00
parent 314fae41fe
commit c93f9c351b
26 changed files with 102 additions and 295 deletions
--- a/crypto/eth2_wallet/tests/tests.rs
+++ b/crypto/eth2_wallet/tests/tests.rs
@@ -4,7 +4,6 @@ use eth2_wallet::{
    bip39::{Language, Mnemonic, Seed},
    recover_validator_secret, DerivedKey, Error, KeyType, KeystoreError, Wallet, WalletBuilder,
 };
-use ssz::Encode;
 use std::fs::OpenOptions;
 use tempfile::tempdir;

@@ -243,14 +242,14 @@ fn key_derivation_from_seed() {
            .expect("should decrypt voting keypair");

        assert_eq!(
-            voting_keypair.sk.as_ssz_bytes(),
-            manually_derived_voting_key(i),
+            voting_keypair.sk.as_bytes().as_ref(),
+            &manually_derived_voting_key(i)[..],
            "voting secret should match manually derived"
        );

        assert_eq!(
-            voting_keypair.sk.as_ssz_bytes(),
-            recovered_voting_key(&wallet, i),
+            voting_keypair.sk.as_bytes().as_ref(),
+            &recovered_voting_key(&wallet, i)[..],
            "voting secret should match recovered"
        );

@@ -260,20 +259,20 @@ fn key_derivation_from_seed() {
            .expect("should decrypt withdrawal keypair");

        assert_eq!(
-            withdrawal_keypair.sk.as_ssz_bytes(),
-            manually_derived_withdrawal_key(i),
+            withdrawal_keypair.sk.as_bytes().as_ref(),
+            &manually_derived_withdrawal_key(i)[..],
            "withdrawal secret should match manually derived"
        );

        assert_eq!(
-            withdrawal_keypair.sk.as_ssz_bytes(),
-            recovered_withdrawal_key(&wallet, i),
+            withdrawal_keypair.sk.as_bytes().as_ref(),
+            &recovered_withdrawal_key(&wallet, i)[..],
            "withdrawal secret should match recovered"
        );

        assert_ne!(
-            withdrawal_keypair.sk.as_ssz_bytes(),
-            voting_keypair.sk.as_ssz_bytes(),
+            withdrawal_keypair.sk.as_bytes().as_ref(),
+            voting_keypair.sk.as_bytes().as_bytes(),
            "voting and withdrawal keypairs should be distinct"
        );