WIP: trade-bot: add xprv validation method to BTC class and use that for API call /crosschain/tradebot/respond instead of vague byte-length check

2020-07-29 18:11:47 +01:00 · 2020-07-29 18:11:47 +01:00 · d85b746021
commit d85b746021
parent e2dc91c1ea
2 changed files with 10 additions and 8 deletions
--- a/src/main/java/org/qortal/api/resource/CrossChainResource.java
+++ b/src/main/java/org/qortal/api/resource/CrossChainResource.java
@ -1028,15 +1028,8 @@ public class CrossChainResource {
 		if (atAddress == null || !Crypto.isValidAtAddress(atAddress))
 			throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.INVALID_ADDRESS);

-		final byte[] xprv;
-		try {
-			xprv = Base58.decode(tradeBotRespondRequest.xprv58);
-
-			if (xprv.length != 4 + 1 + 4 + 4 + 32 + 33 + 4)
-				throw  ApiExceptionFactory.INSTANCE.createException(request, ApiError.INVALID_PRIVATE_KEY);
-		} catch (NumberFormatException e) {
+		if (!BTC.getInstance().isValidXprv(tradeBotRespondRequest.xprv58))
 			throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.INVALID_PRIVATE_KEY);
-		}

 		// Extract data from cross-chain trading AT
 		try (final Repository repository = RepositoryManager.getRepository()) {
--- a/src/main/java/org/qortal/crosschain/BTC.java
+++ b/src/main/java/org/qortal/crosschain/BTC.java
@ -117,6 +117,15 @@ public class BTC {
 		return format(Coin.valueOf(amount));
 	}

+	public boolean isValidXprv(String xprv58) {
+		try {
+			DeterministicKey.deserializeB58(null, xprv58, this.params);
+			return true;
+		} catch (IllegalArgumentException e) {
+			return false;
+		}
+	}
+
 	/** Returns P2PKH Bitcoin address using passed public key hash. */
 	public String pkhToAddress(byte[] publicKeyHash) {
 		return LegacyAddress.fromPubKeyHash(this.params, publicKeyHash).toString();