5.4.5.0, 2023-04-23, leisure

This is an _important_ leisure release and follows right on the heals of 5.4.4.0, because we fixed one thing only to break another in a worse way. By worse I mean that some people with old keys could get a corrupt wallet message on startup. In troubleshooting this issue, as it turns out, there is more to the story than just the compressed flag not being set properly. Gridcoin has been around a long time. A number of older wallets may have keys generated by openssl that aren't handled correctly by the secp256k1 DER parser. We switched over to secp256k1 from openssl for keys in 5.4.0.0, to align with Bitcoin upstream. It is not entirely clear why Bitcoin does not see this issue with old keys. Regardless, to be safe, we have disabled the ability to import HEX formatted keps with importprivkey. This loss of HEX import functionality should affect essentially no one, since the Base58, WIF, form is what everybody uses. *It is highly recommended that EVERYONE upgrade to this release.* Added none Changed none Removed none Fixed - key, rpc: fix key parsing #2682 (@div72)
gridcoin-community · Apr 23, 2023 · 1c6227b · 1c6227b
2 parents d655ee5 + 0868881
commit 1c6227b
Show file tree

Hide file tree

Showing 5 changed files with 55 additions and 20 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,20 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](https://semver.org/).
 
+## [5.4.5.0] 2023-04-23, leisure
+
+### Added
+none
+
+### Changed
+none
+
+### Removed
+none
+
+### Fixed
+ - key, rpc: fix key parsing #2682 (@div72)
+
 ## [5.4.4.0] 2023-04-21, leisure
 
 ### Added

diff --git a/configure.ac b/configure.ac
@@ -2,7 +2,7 @@ dnl require autoconf 2.60 (AS_ECHO/AS_ECHO_N)
 AC_PREREQ([2.60])
 define(_CLIENT_VERSION_MAJOR, 5)
 define(_CLIENT_VERSION_MINOR, 4)
-define(_CLIENT_VERSION_REVISION, 4)
+define(_CLIENT_VERSION_REVISION, 5)
 define(_CLIENT_VERSION_BUILD, 0)
 define(_CLIENT_VERSION_IS_RELEASE, true)
 define(_COPYRIGHT_YEAR, 2023)

diff --git a/src/key.cpp b/src/key.cpp
@@ -284,7 +284,7 @@ bool CKey::SignCompact(const uint256 &hash, std::vector<unsigned char>& vchSig)
 bool CKey::Load(const CPrivKey &seckey, const CPubKey &vchPubKey, bool fSkipCheck=false) {
     if (!ec_seckey_import_der(secp256k1_context_sign, (unsigned char*)begin(), seckey.data(), seckey.size()))
         return false;
-    fCompressed = seckey.size() == CKey::COMPRESSED_SIZE;
+    fCompressed = vchPubKey.IsCompressed();
     fValid = true;
 
     if (fSkipCheck)

diff --git a/src/rpc/net.cpp b/src/rpc/net.cpp
@@ -490,7 +490,7 @@ UniValue sendalert(const UniValue& params, bool fHelp)
             "sendalert <message> <privatekey> <minver> <maxver> <priority> <id> [cancelupto]\n"
             "\n"
             "<message> ----> is the alert text message\n"
-            "<privatekey> -> is hex string of alert master private key\n"
+            "<privatekey> -> is WIF encoded alert master private key\n"
             "<minver> -----> is the minimum applicable internal client version\n"
             "<maxver> -----> is the maximum applicable internal client version\n"
             "<priority> ---> is integer priority number\n"
@@ -517,8 +517,20 @@ UniValue sendalert(const UniValue& params, bool fHelp)
     sMsg << (CUnsignedAlert)alert;
     alert.vchMsg = vector<unsigned char>((unsigned char*)&sMsg.begin()[0], (unsigned char*)&sMsg.end()[0]);
 
-    vector<unsigned char> vchPrivKey = ParseHex(params[1].get_str());
-    key.Load(CPrivKey(vchPrivKey.begin(), vchPrivKey.end()), CPubKey(), true);
+    CBitcoinSecret vchSecret;
+
+    if (!vchSecret.SetString(params[0].get_str())) {
+        throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key");
+    }
+
+    bool fCompressed;
+    CSecret secret = vchSecret.GetSecret(fCompressed);
+    key.Set(secret.begin(), secret.end(), fCompressed);
+
+    if (!key.IsValid()) {
+        throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key");
+    }
+
     if (!key.Sign(Hash(alert.vchMsg), alert.vchSig))
         throw runtime_error(
             "Unable to sign alert, check private key?\n");
@@ -551,7 +563,7 @@ UniValue sendalert2(const UniValue& params, bool fHelp)
             //          0            1    2            3            4        5          6
             "sendalert2 <privatekey> <id> <subverlist> <cancellist> <expire> <priority> <message>\n"
             "\n"
-            "<privatekey> -> is hex string of alert master private key\n"
+            "<privatekey> -> is WIF encoded alert master private key\n"
             "<id> ---------> is the unique alert number\n"
             "<subverlist> -> comma separated list of versions warning applies to\n"
             "<cancellist> -> comma separated ids of alerts to cancel\n"
@@ -591,8 +603,20 @@ UniValue sendalert2(const UniValue& params, bool fHelp)
     sMsg << (CUnsignedAlert)alert;
     alert.vchMsg = vector<unsigned char>((unsigned char*)&sMsg.begin()[0], (unsigned char*)&sMsg.end()[0]);
 
-    vector<unsigned char> vchPrivKey = ParseHex(params[0].get_str());
-    key.Load(CPrivKey(vchPrivKey.begin(), vchPrivKey.end()), CPubKey(), true);
+    CBitcoinSecret vchSecret;
+
+    if (!vchSecret.SetString(params[0].get_str())) {
+        throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key");
+    }
+
+    bool fCompressed;
+    CSecret secret = vchSecret.GetSecret(fCompressed);
+    key.Set(secret.begin(), secret.end(), fCompressed);
+
+    if (!key.IsValid()) {
+        throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key");
+    }
+
     if (!key.Sign(Hash(alert.vchMsg), alert.vchSig))
         throw runtime_error(
             "Unable to sign alert, check private key?\n");

diff --git a/src/wallet/rpcdump.cpp b/src/wallet/rpcdump.cpp
@@ -125,20 +125,17 @@ UniValue importprivkey(const UniValue& params, bool fHelp)
 
     CBitcoinSecret vchSecret;
     CKey key;
-    bool fGood = vchSecret.SetString(strSecret);
 
-    // If CBitcoinSecret key decode failed, try to decode the key as hex
-    if(!fGood)
-    {
-        auto vecsecret = ParseHex(strSecret);
-        if (!key.Load(CPrivKey(vecsecret.begin(), vecsecret.end()), CPubKey(), /*fSkipCheck=*/true))
-            throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key");
+    if (!vchSecret.SetString(strSecret)) {
+        throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key.");
     }
-    else
-    {
-        bool fCompressed;
-        CSecret secret = vchSecret.GetSecret(fCompressed);
-        key.Set(secret.begin(), secret.end(), fCompressed);
+
+    bool fCompressed;
+    CSecret secret = vchSecret.GetSecret(fCompressed);
+    key.Set(secret.begin(), secret.end(), fCompressed);
+
+    if (!key.IsValid()) {
+        throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key.");
     }
 
     if (fWalletUnlockStakingOnly)