hsmtool: only write 32 bytes to hsm_secret on generatehsm

Fixes #4302 Changelog-fixed: hsmtool: the `generatehsm` command now generates an appropriately-sized hsm_secret Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2025-02-21 14:24:09 +01:00 · 2021-01-03 00:52:33 +01:00 · 2021-01-03 00:52:33 +01:00 · 19afe15968
commit 19afe15968
parent aa2586a45a
2 changed files with 3 additions and 2 deletions
--- a/tests/test_wallet.py
+++ b/tests/test_wallet.py
@ -1097,7 +1097,6 @@ def test_hsmtool_dump_descriptors(node_factory, bitcoind):
    assert len(bitcoind.rpc.listunspent(1, 1, [addr])) == 1


-@pytest.mark.xfail(strict=True)
@unittest.skipIf(VALGRIND, "It does not play well with prompt and key derivation.")
 def test_hsmtool_generatehsm(node_factory):
    l1 = node_factory.get_node()
--- a/tools/hsmtool.c
+++ b/tools/hsmtool.c
@ -532,7 +532,9 @@ static int generate_hsm(const char *hsm_secret_path)
 	if (fd < 0) {
 		errx(ERROR_USAGE, "Unable to create hsm_secret file");
 	}
-	if (!write_all(fd, bip32_seed, bip32_seed_len))
+	/* Write only the first 32 bytes, length of the (plaintext) seed in the
+	 * hsm_secret. */
+	if (!write_all(fd, bip32_seed, 32))
 		errx(ERROR_USAGE, "Error writing secret to hsm_secret file");

 	if (fsync(fd) != 0)