[refactor] hyperledger-iroha#3240: Guard against secrets leakage

Signed-off-by: Dmitry Murzin <[email protected]>
dima74 · Apr 17, 2024 · ae088ba · ae088ba
1 parent 2cece35
commit ae088ba
Show file tree

Hide file tree

Showing 7 changed files with 230 additions and 56 deletions.
diff --git a/cli/src/lib.rs b/cli/src/lib.rs
@@ -649,6 +649,19 @@ mod tests {
             base
         }
 
+        fn config_to_toml_value(config: PartialUserConfig) -> Result<toml::Value> {
+            let private_key = config.private_key.as_ref().unwrap().clone();
+            let mut result = toml::Value::try_from(config)?;
+
+            // private key will be serialized as "[REDACTED]" so need to restore it
+            let private_key = iroha_crypto::ExposedPrivateKey(private_key);
+            let private_key = toml::Value::try_from(private_key)?;
+            result["private_key"] = private_key.clone();
+            result["genesis"]["private_key"] = private_key;
+
+            Ok(result)
+        }
+
         #[test]
         fn relative_file_paths_resolution() -> Result<()> {
             // Given
@@ -663,7 +676,7 @@ mod tests {
                 cfg.kura.store_dir.set("../storage".into());
                 cfg.snapshot.store_dir.set("../snapshots".into());
                 cfg.dev_telemetry.out_file.set("../logs/telemetry".into());
-                toml::Value::try_from(cfg)?
+                config_to_toml_value(cfg)?
             };
 
             let dir = tempfile::tempdir()?;
@@ -722,7 +735,7 @@ mod tests {
             let config = {
                 let mut cfg = config_factory();
                 cfg.genesis.file.set("./genesis.json".into());
-                toml::Value::try_from(cfg)?
+                config_to_toml_value(cfg)?
             };
 
             let dir = tempfile::tempdir()?;

diff --git a/config/tests/fixtures.rs b/config/tests/fixtures.rs
@@ -63,9 +63,7 @@ fn minimal_config_snapshot() -> Result<()> {
                             "ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB",
                         ),
                     ),
-                    private_key: ed25519(
-                        "8F4C15E5D664DA3F13778801D23D4E89B76E94C1B94B389544168B6CB894F84F8BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB",
-                    ),
+                    private_key: "[REDACTED PrivateKey]",
                 },
                 p2p_address: 127.0.0.1:1337,
             },
@@ -309,9 +307,7 @@ fn full_envs_set_is_consumed() -> Result<()> {
                 ),
             ),
             private_key: Some(
-                ed25519(
-                    "8F4C15E5D664DA3F13778801D23D4E89B76E94C1B94B389544168B6CB894F84F8BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB",
-                ),
+                "[REDACTED PrivateKey]",
             ),
             genesis: GenesisPartial {
                 public_key: Some(
@@ -322,9 +318,7 @@ fn full_envs_set_is_consumed() -> Result<()> {
                     ),
                 ),
                 private_key: Some(
-                    ed25519(
-                        "8F4C15E5D664DA3F13778801D23D4E89B76E94C1B94B389544168B6CB894F84F8BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB",
-                    ),
+                    "[REDACTED PrivateKey]",
                 ),
                 file: None,
             },