def test_import_custom_keystore(tmpdir):
# Too short - 32 bytes is required
custom_secret = b'tooshort'
with pytest.raises(ValueError, match=f'Entropy bytes bust be exactly {SecretKey.serialized_size()}.'):
_keystore = Keystore.import_secure(key_material=custom_secret,
password=INSECURE_DEVELOPMENT_PASSWORD,
keystore_dir=tmpdir)
# Too short - 32 bytes is required
custom_secret = b'thisisabunchofbytesthatisabittoolong'
with pytest.raises(ValueError, match=f'Entropy bytes bust be exactly {SecretKey.serialized_size()}.'):
_keystore = Keystore.import_secure(key_material=custom_secret,
password=INSECURE_DEVELOPMENT_PASSWORD,
keystore_dir=tmpdir)
# Import private key
custom_secret = os.urandom(SecretKey.serialized_size()) # insecure but works
keystore = Keystore.import_secure(key_material=custom_secret,
password=INSECURE_DEVELOPMENT_PASSWORD,
keystore_dir=tmpdir)
keystore.unlock(password=INSECURE_DEVELOPMENT_PASSWORD)
assert keystore._Keystore__secret == custom_secret
keystore.lock()
path = keystore.keystore_path
del keystore
# Restore custom secret from encrypted keystore file
keystore = Keystore(keystore_path=path)
keystore.unlock(password=INSECURE_DEVELOPMENT_PASSWORD)
assert keystore._Keystore__secret == custom_secret
def import_secure(cls,
key_material: bytes,
password: str,
keystore_dir: Optional[Path] = None) -> 'Keystore':
"""
Generate a Keystore using a a custom pre-secured entropy blob.
This method of keystore creation does not generate a mnemonic phrase - it is assumed
that the provided blob is recoverable and secure.
"""
emitter = StdoutEmitter()
emitter.message(
f'WARNING: Key importing assumes that you have already secured your secret '
f'and can recover it. No mnemonic will be generated.\n',
color='yellow')
if len(key_material) != SecretKey.serialized_size():
raise ValueError(
f'Entropy bytes bust be exactly {SecretKey.serialized_size()}.'
)
path = Keystore.__save(secret=key_material,
password=password,
keystore_dir=keystore_dir)
keystore = cls(keystore_path=path)
return keystore