tyiu/damus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add alert to warn against posting nsec1 private keys

Browse Source 
Changelog-Added: Warn when attempting to post an nsec key
Closes: #498
This commit is contained in:
Terry Yiu
2023-02-02 23:27:37 -05:00
committed by William Casarin
parent 1e44d97a97
commit 852609ee30
4 changed files with 48 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
damus/Util/Keys.swift
View File

@@ -158,6 +158,20 @@ func get_saved_privkey() -> String? {
return mkey.map { $0.trimmingCharacters(in: .whitespaces) }
}
/**
Detects whether a string might contain an nsec1 prefixed private key.
It does not determine if it's the current user's private key and does not verify if it is properly encoded or has the right length.
*/
func contentContainsPrivateKey(_ content: String) -> Bool {
if #available(iOS 16.0, *) {
return content.contains(/nsec1[02-9ac-z]+/)
} else {
let regex = try! NSRegularExpression(pattern: "nsec1[02-9ac-z]+")
return (regex.firstMatch(in: content, range: NSRange(location: 0, length: content.count)) != nil)
}
}
fileprivate func removePrivateKeyFromUserDefaults() throws {
guard let privKey = UserDefaults.standard.string(forKey: "privkey") else { return }
try save_privkey(privkey: privKey)