aboutsummaryrefslogtreecommitdiffstats
path: root/accounts
diff options
context:
space:
mode:
authorMatthew Wampler-Doty <matthew.wampler.doty@gmail.com>2015-02-28 05:13:31 +0800
committerMatthew Wampler-Doty <matthew.wampler.doty@gmail.com>2015-02-28 05:13:31 +0800
commit3820a65299831331f215e158d287fe3df3b69ea6 (patch)
treecf7b435109c646aac576ed98eefefb57e1f27223 /accounts
parent8653db6df0018d08212493e3a3df4677162bdd8f (diff)
parent0efd6a881afac0b3082f3b1e8780e3438eea5b02 (diff)
downloaddexon-3820a65299831331f215e158d287fe3df3b69ea6.tar
dexon-3820a65299831331f215e158d287fe3df3b69ea6.tar.gz
dexon-3820a65299831331f215e158d287fe3df3b69ea6.tar.bz2
dexon-3820a65299831331f215e158d287fe3df3b69ea6.tar.lz
dexon-3820a65299831331f215e158d287fe3df3b69ea6.tar.xz
dexon-3820a65299831331f215e158d287fe3df3b69ea6.tar.zst
dexon-3820a65299831331f215e158d287fe3df3b69ea6.zip
Merge branch 'publictests' of github.com:ebuchman/go-ethereum into ethash_pow
Diffstat (limited to 'accounts')
-rw-r--r--accounts/account_manager.go55
-rw-r--r--accounts/accounts_test.go68
2 files changed, 111 insertions, 12 deletions
diff --git a/accounts/account_manager.go b/accounts/account_manager.go
index da0bd8900..3e9fa7799 100644
--- a/accounts/account_manager.go
+++ b/accounts/account_manager.go
@@ -34,33 +34,62 @@ package accounts
import (
crand "crypto/rand"
+
+ "errors"
+ "sync"
+ "time"
+
"github.com/ethereum/go-ethereum/crypto"
)
+var ErrLocked = errors.New("account is locked; please request passphrase")
+
// TODO: better name for this struct?
type Account struct {
Address []byte
}
type AccountManager struct {
- keyStore crypto.KeyStore2
+ keyStore crypto.KeyStore2
+ unlockedKeys map[string]crypto.Key
+ unlockMilliseconds time.Duration
+ mutex sync.RWMutex
}
-// TODO: get key by addr - modify KeyStore2 GetKey to work with addr
-
-// TODO: pass through passphrase for APIs which require access to private key?
-func NewAccountManager(keyStore crypto.KeyStore2) AccountManager {
+func NewAccountManager(keyStore crypto.KeyStore2, unlockMilliseconds time.Duration) AccountManager {
+ keysMap := make(map[string]crypto.Key)
am := &AccountManager{
- keyStore: keyStore,
+ keyStore: keyStore,
+ unlockedKeys: keysMap,
+ unlockMilliseconds: unlockMilliseconds,
}
return *am
}
-func (am *AccountManager) Sign(fromAccount *Account, keyAuth string, toSign []byte) (signature []byte, err error) {
+func (am AccountManager) DeleteAccount(address []byte, auth string) error {
+ return am.keyStore.DeleteKey(address, auth)
+}
+
+func (am *AccountManager) Sign(fromAccount *Account, toSign []byte) (signature []byte, err error) {
+ am.mutex.RLock()
+ unlockedKey := am.unlockedKeys[string(fromAccount.Address)]
+ am.mutex.RUnlock()
+ if unlockedKey.Address == nil {
+ return nil, ErrLocked
+ }
+ signature, err = crypto.Sign(toSign, unlockedKey.PrivateKey)
+ return signature, err
+}
+
+func (am *AccountManager) SignLocked(fromAccount *Account, keyAuth string, toSign []byte) (signature []byte, err error) {
key, err := am.keyStore.GetKey(fromAccount.Address, keyAuth)
if err != nil {
return nil, err
}
+ am.mutex.RLock()
+ am.unlockedKeys[string(fromAccount.Address)] = *key
+ am.mutex.RUnlock()
+ go unlockLater(am, fromAccount.Address)
signature, err = crypto.Sign(toSign, key.PrivateKey)
return signature, err
}
@@ -76,8 +105,6 @@ func (am AccountManager) NewAccount(auth string) (*Account, error) {
return ua, err
}
-// set of accounts == set of keys in given key store
-// TODO: do we need persistence of accounts as well?
func (am *AccountManager) Accounts() ([]Account, error) {
addresses, err := am.keyStore.GetKeyAddresses()
if err != nil {
@@ -93,3 +120,13 @@ func (am *AccountManager) Accounts() ([]Account, error) {
}
return accounts, err
}
+
+func unlockLater(am *AccountManager, addr []byte) {
+ select {
+ case <-time.After(time.Millisecond * am.unlockMilliseconds):
+ }
+ am.mutex.RLock()
+ // TODO: how do we know the key is actually gone from memory?
+ delete(am.unlockedKeys, string(addr))
+ am.mutex.RUnlock()
+}
diff --git a/accounts/accounts_test.go b/accounts/accounts_test.go
index 30e8c6285..44d1d72f1 100644
--- a/accounts/accounts_test.go
+++ b/accounts/accounts_test.go
@@ -5,16 +5,78 @@ import (
"github.com/ethereum/go-ethereum/crypto"
"github.com/ethereum/go-ethereum/crypto/randentropy"
+ "github.com/ethereum/go-ethereum/ethutil"
+ "time"
)
func TestAccountManager(t *testing.T) {
- ks := crypto.NewKeyStorePlain(crypto.DefaultDataDir())
- am := NewAccountManager(ks)
+ ks := crypto.NewKeyStorePlain(ethutil.DefaultDataDir() + "/testaccounts")
+ am := NewAccountManager(ks, 100)
pass := "" // not used but required by API
a1, err := am.NewAccount(pass)
toSign := randentropy.GetEntropyCSPRNG(32)
- _, err = am.Sign(a1, pass, toSign)
+ _, err = am.SignLocked(a1, pass, toSign)
if err != nil {
t.Fatal(err)
}
+
+ // Cleanup
+ time.Sleep(time.Millisecond * 150) // wait for locking
+
+ accounts, err := am.Accounts()
+ if err != nil {
+ t.Fatal(err)
+ }
+ for _, account := range accounts {
+ err := am.DeleteAccount(account.Address, pass)
+ if err != nil {
+ t.Fatal(err)
+ }
+ }
+}
+
+func TestAccountManagerLocking(t *testing.T) {
+ ks := crypto.NewKeyStorePassphrase(ethutil.DefaultDataDir() + "/testaccounts")
+ am := NewAccountManager(ks, 200)
+ pass := "foo"
+ a1, err := am.NewAccount(pass)
+ toSign := randentropy.GetEntropyCSPRNG(32)
+
+ // Signing without passphrase fails because account is locked
+ _, err = am.Sign(a1, toSign)
+ if err != ErrLocked {
+ t.Fatal(err)
+ }
+
+ // Signing with passphrase works
+ _, err = am.SignLocked(a1, pass, toSign)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ // Signing without passphrase works because account is temp unlocked
+ _, err = am.Sign(a1, toSign)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ // Signing without passphrase fails after automatic locking
+ time.Sleep(time.Millisecond * time.Duration(250))
+
+ _, err = am.Sign(a1, toSign)
+ if err != ErrLocked {
+ t.Fatal(err)
+ }
+
+ // Cleanup
+ accounts, err := am.Accounts()
+ if err != nil {
+ t.Fatal(err)
+ }
+ for _, account := range accounts {
+ err := am.DeleteAccount(account.Address, pass)
+ if err != nil {
+ t.Fatal(err)
+ }
+ }
}