From 0969b35eec7b1e4a514b9fb3d659706d9f09ee2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= Date: Wed, 17 Feb 2016 00:38:34 +0200 Subject: crypto: code polish + ensure key file contents match with name --- crypto/key_store_passphrase.go | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 1e8d5509b..2700b0f1c 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -34,7 +34,6 @@ import ( "errors" "fmt" "io" - "reflect" "github.com/ethereum/go-ethereum/common" "github.com/ethereum/go-ethereum/crypto/randentropy" @@ -157,8 +156,7 @@ func DecryptKey(keyjson []byte, auth string) (*Key, error) { keyBytes, keyId []byte err error ) - v := reflect.ValueOf(m["version"]) - if v.Kind() == reflect.String && v.String() == "1" { + if version, ok := m["version"].(string); ok && version == "1" { k := new(encryptedKeyJSONV1) if err := json.Unmarshal(keyjson, k); err != nil { return nil, err @@ -183,12 +181,21 @@ func DecryptKey(keyjson []byte, auth string) (*Key, error) { }, nil } -func decryptKeyFromFile(keysDirPath string, keyAddr common.Address, auth string) (key *Key, err error) { +func decryptKeyFromFile(keysDirPath string, keyAddr common.Address, auth string) (*Key, error) { + // Load the key from the keystore and decrypt its contents keyjson, err := getKeyFile(keysDirPath, keyAddr) if err != nil { return nil, err } - return DecryptKey(keyjson, auth) + key, err := DecryptKey(keyjson, auth) + if err != nil { + return nil, err + } + // Make sure we're really operating on the requested key (no swap attacks) + if keyAddr != key.Address { + return nil, fmt.Errorf("key content mismatch: have account %x, want %x", key.Address, keyAddr) + } + return key, nil } func decryptKeyV3(keyProtected *encryptedKeyJSONV3, auth string) (keyBytes []byte, keyId []byte, err error) { -- cgit v1.2.3