diff options
author | Drake Burroughs <wildfyre@hotmail.com> | 2015-10-23 22:49:36 +0800 |
---|---|---|
committer | Drake Burroughs <wildfyre@hotmail.com> | 2015-10-29 01:46:39 +0800 |
commit | 05ea8926c32a97d9f193a69076037b7a704d6d92 (patch) | |
tree | 704b8897b7a0751fb6e7043bc8cc2baec923a496 /crypto | |
parent | 6b5a42a15ca54749d41c0b29b4a26ebb3a1a53f0 (diff) | |
download | dexon-05ea8926c32a97d9f193a69076037b7a704d6d92.tar dexon-05ea8926c32a97d9f193a69076037b7a704d6d92.tar.gz dexon-05ea8926c32a97d9f193a69076037b7a704d6d92.tar.bz2 dexon-05ea8926c32a97d9f193a69076037b7a704d6d92.tar.lz dexon-05ea8926c32a97d9f193a69076037b7a704d6d92.tar.xz dexon-05ea8926c32a97d9f193a69076037b7a704d6d92.tar.zst dexon-05ea8926c32a97d9f193a69076037b7a704d6d92.zip |
cmd/utils, crypto: add --lightkdf flag for lighter KDF
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/crypto.go | 2 | ||||
-rw-r--r-- | crypto/key_store_passphrase.go | 35 | ||||
-rw-r--r-- | crypto/key_store_test.go | 8 |
3 files changed, 27 insertions, 18 deletions
diff --git a/crypto/crypto.go b/crypto/crypto.go index 035d2ab80..8685d62d3 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -215,7 +215,7 @@ func Decrypt(prv *ecdsa.PrivateKey, ct []byte) ([]byte, error) { // Used only by block tests. func ImportBlockTestKey(privKeyBytes []byte) error { - ks := NewKeyStorePassphrase(common.DefaultDataDir() + "/keystore") + ks := NewKeyStorePassphrase(common.DefaultDataDir()+"/keystore", LightScryptN, LightScryptP) ecKey := ToECDSA(privKeyBytes) key := &Key{ Id: uuid.NewRandom(), diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index c7ee00987..94411d2f9 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -45,19 +45,29 @@ import ( const ( keyHeaderKDF = "scrypt" - // 2^18 / 8 / 1 uses 256MB memory and approx 1s CPU time on a modern CPU. - scryptN = 1 << 18 - scryptr = 8 - scryptp = 1 - scryptdkLen = 32 + + // n,r,p = 2^18, 8, 1 uses 256MB memory and approx 1s CPU time on a modern CPU. + StandardScryptN = 1 << 18 + StandardScryptP = 1 + + // n,r,p = 2^12, 8, 6 uses 4MB memory and approx 100ms CPU time on a modern CPU. + LightScryptN = 1 << 12 + LightScryptP = 6 + + scryptR = 8 + scryptDKLen = 32 ) type keyStorePassphrase struct { keysDirPath string + scryptN int + scryptP int + scryptR int + scryptDKLen int } -func NewKeyStorePassphrase(path string) KeyStore { - return &keyStorePassphrase{path} +func NewKeyStorePassphrase(path string, scryptN int, scryptP int) KeyStore { + return &keyStorePassphrase{path, scryptN, scryptP, scryptR, scryptDKLen} } func (ks keyStorePassphrase) GenerateNewKey(rand io.Reader, auth string) (key *Key, err error) { @@ -87,11 +97,10 @@ func (ks keyStorePassphrase) GetKeyAddresses() (addresses []common.Address, err func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { authArray := []byte(auth) salt := randentropy.GetEntropyCSPRNG(32) - derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen) + derivedKey, err := scrypt.Key(authArray, salt, ks.scryptN, ks.scryptR, ks.scryptP, ks.scryptDKLen) if err != nil { return err } - encryptKey := derivedKey[:16] keyBytes := FromECDSA(key.PrivateKey) @@ -104,10 +113,10 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { mac := Sha3(derivedKey[16:32], cipherText) scryptParamsJSON := make(map[string]interface{}, 5) - scryptParamsJSON["n"] = scryptN - scryptParamsJSON["r"] = scryptr - scryptParamsJSON["p"] = scryptp - scryptParamsJSON["dklen"] = scryptdkLen + scryptParamsJSON["n"] = ks.scryptN + scryptParamsJSON["r"] = ks.scryptR + scryptParamsJSON["p"] = ks.scryptP + scryptParamsJSON["dklen"] = ks.scryptDKLen scryptParamsJSON["salt"] = hex.EncodeToString(salt) cipherParamsJSON := cipherparamsJSON{ diff --git a/crypto/key_store_test.go b/crypto/key_store_test.go index de4a21dcf..5a44a6026 100644 --- a/crypto/key_store_test.go +++ b/crypto/key_store_test.go @@ -56,7 +56,7 @@ func TestKeyStorePlain(t *testing.T) { } func TestKeyStorePassphrase(t *testing.T) { - ks := NewKeyStorePassphrase(common.DefaultDataDir()) + ks := NewKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP) pass := "foo" k1, err := ks.GenerateNewKey(randentropy.Reader, pass) if err != nil { @@ -82,7 +82,7 @@ func TestKeyStorePassphrase(t *testing.T) { } func TestKeyStorePassphraseDecryptionFail(t *testing.T) { - ks := NewKeyStorePassphrase(common.DefaultDataDir()) + ks := NewKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP) pass := "foo" k1, err := ks.GenerateNewKey(randentropy.Reader, pass) if err != nil { @@ -110,7 +110,7 @@ func TestImportPreSaleKey(t *testing.T) { // python pyethsaletool.py genwallet // with password "foo" fileContent := "{\"encseed\": \"26d87f5f2bf9835f9a47eefae571bc09f9107bb13d54ff12a4ec095d01f83897494cf34f7bed2ed34126ecba9db7b62de56c9d7cd136520a0427bfb11b8954ba7ac39b90d4650d3448e31185affcd74226a68f1e94b1108e6e0a4a91cdd83eba\", \"ethaddr\": \"d4584b5f6229b7be90727b0fc8c6b91bb427821f\", \"email\": \"gustav.simonsson@gmail.com\", \"btcaddr\": \"1EVknXyFC68kKNLkh6YnKzW41svSRoaAcx\"}" - ks := NewKeyStorePassphrase(common.DefaultDataDir()) + ks := NewKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP) pass := "foo" _, err := ImportPreSaleKey(ks, []byte(fileContent), pass) if err != nil { @@ -168,7 +168,7 @@ func TestV1_1(t *testing.T) { } func TestV1_2(t *testing.T) { - ks := NewKeyStorePassphrase("tests/v1") + ks := NewKeyStorePassphrase("tests/v1", LightScryptN, LightScryptP) addr := common.HexToAddress("cb61d5a9c4896fb9658090b597ef0e7be6f7b67e") k, err := ks.GetKey(addr, "g") if err != nil { |