accounts, crypto: move keystore to package accounts

The account management API was originally implemented as a thin layer
around crypto.KeyStore, on the grounds that several kinds of key stores
would be implemented later on. It turns out that this won't happen so
KeyStore is a superflous abstraction.

In this commit crypto.KeyStore and everything related to it moves to
package accounts and is unexported.

13 files changed, 1242 insertions, 52 deletions

diff --git a/accounts/abi/bind/auth.go b/accounts/abi/bind/auth.go
index 624f995b0..2cf22768c 100644
--- a/accounts/abi/bind/auth.go
+++ b/accounts/abi/bind/auth.go
@@ -17,10 +17,12 @@
 package bind
 
 import (
+	"crypto/ecdsa"
 	"errors"
 	"io"
 	"io/ioutil"
 
+	"github.com/ethereum/go-ethereum/accounts"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/core/types"
 	"github.com/ethereum/go-ethereum/crypto"
@@ -33,23 +35,24 @@ func NewTransactor(keyin io.Reader, passphrase string) (*TransactOpts, error) {
 	if err != nil {
 		return nil, err
 	}
-	key, err := crypto.DecryptKey(json, passphrase)
+	key, err := accounts.DecryptKey(json, passphrase)
 	if err != nil {
 		return nil, err
 	}
-	return NewKeyedTransactor(key), nil
+	return NewKeyedTransactor(key.PrivateKey), nil
 }
 
 // NewKeyedTransactor is a utility method to easily create a transaction signer
-// from a plain go-ethereum crypto key.
-func NewKeyedTransactor(key *crypto.Key) *TransactOpts {
+// from a single private key.
+func NewKeyedTransactor(key *ecdsa.PrivateKey) *TransactOpts {
+	keyAddr := crypto.PubkeyToAddress(key.PublicKey)
 	return &TransactOpts{
-		From: key.Address,
+		From: keyAddr,
 		Signer: func(address common.Address, tx *types.Transaction) (*types.Transaction, error) {
-			if address != key.Address {
+			if address != keyAddr {
 				return nil, errors.New("not authorized to sign this account")
 			}
-			signature, err := crypto.Sign(tx.SigHash().Bytes(), key.PrivateKey)
+			signature, err := crypto.Sign(tx.SigHash().Bytes(), key)
 			if err != nil {
 				return nil, err
 			}
diff --git a/accounts/abi/bind/bind_test.go b/accounts/abi/bind/bind_test.go
index 3f02af017..5c36bc48f 100644
--- a/accounts/abi/bind/bind_test.go
+++ b/accounts/abi/bind/bind_test.go
@@ -167,11 +167,9 @@ var bindTests = []struct {
 		`[{"constant":true,"inputs":[],"name":"transactString","outputs":[{"name":"","type":"string"}],"type":"function"},{"constant":true,"inputs":[],"name":"deployString","outputs":[{"name":"","type":"string"}],"type":"function"},{"constant":false,"inputs":[{"name":"str","type":"string"}],"name":"transact","outputs":[],"type":"function"},{"inputs":[{"name":"str","type":"string"}],"type":"constructor"}]`,
 		`
 			// Generate a new random account and a funded simulator
-			key := crypto.NewKey(rand.Reader)
-			sim := backends.NewSimulatedBackend(core.GenesisAccount{Address: key.Address, Balance: big.NewInt(10000000000)})
-
-			// Convert the tester key to an authorized transactor for ease of use
+			key, _ := crypto.GenerateKey()
 			auth := bind.NewKeyedTransactor(key)
+			sim := backends.NewSimulatedBackend(core.GenesisAccount{Address: auth.From, Balance: big.NewInt(10000000000)})
 
 			// Deploy an interaction tester contract and call a transaction on it
 			_, _, interactor, err := DeployInteractor(auth, sim, "Deploy string")
@@ -210,11 +208,9 @@ var bindTests = []struct {
 		`[{"constant":true,"inputs":[],"name":"tuple","outputs":[{"name":"a","type":"string"},{"name":"b","type":"int256"},{"name":"c","type":"bytes32"}],"type":"function"}]`,
 		`
 			// Generate a new random account and a funded simulator
-			key := crypto.NewKey(rand.Reader)
-			sim := backends.NewSimulatedBackend(core.GenesisAccount{Address: key.Address, Balance: big.NewInt(10000000000)})
-
-			// Convert the tester key to an authorized transactor for ease of use
+			key, _ := crypto.GenerateKey()
 			auth := bind.NewKeyedTransactor(key)
+			sim := backends.NewSimulatedBackend(core.GenesisAccount{Address: auth.From, Balance: big.NewInt(10000000000)})
 
 			// Deploy a tuple tester contract and execute a structured call on it
 			_, _, tupler, err := DeployTupler(auth, sim)
@@ -252,11 +248,9 @@ var bindTests = []struct {
 		`[{"constant":true,"inputs":[{"name":"input","type":"address[]"}],"name":"echoAddresses","outputs":[{"name":"output","type":"address[]"}],"type":"function"},{"constant":true,"inputs":[{"name":"input","type":"uint24[23]"}],"name":"echoFancyInts","outputs":[{"name":"output","type":"uint24[23]"}],"type":"function"},{"constant":true,"inputs":[{"name":"input","type":"int256[]"}],"name":"echoInts","outputs":[{"name":"output","type":"int256[]"}],"type":"function"},{"constant":true,"inputs":[{"name":"input","type":"bool[]"}],"name":"echoBools","outputs":[{"name":"output","type":"bool[]"}],"type":"function"}]`,
 		`
 			// Generate a new random account and a funded simulator
-			key := crypto.NewKey(rand.Reader)
-			sim := backends.NewSimulatedBackend(core.GenesisAccount{Address: key.Address, Balance: big.NewInt(10000000000)})
-
-			// Convert the tester key to an authorized transactor for ease of use
+			key, _ := crypto.GenerateKey()
 			auth := bind.NewKeyedTransactor(key)
+			sim := backends.NewSimulatedBackend(core.GenesisAccount{Address: auth.From, Balance: big.NewInt(10000000000)})
 
 			// Deploy a slice tester contract and execute a n array call on it
 			_, _, slicer, err := DeploySlicer(auth, sim)
@@ -265,10 +259,10 @@ var bindTests = []struct {
 			}
 			sim.Commit()
 
-			if out, err := slicer.EchoAddresses(nil, []common.Address{key.Address, common.Address{}}); err != nil {
+			if out, err := slicer.EchoAddresses(nil, []common.Address{auth.From, common.Address{}}); err != nil {
 					t.Fatalf("Failed to call slice echoer: %v", err)
-			} else if !reflect.DeepEqual(out, []common.Address{key.Address, common.Address{}}) {
-					t.Fatalf("Slice return mismatch: have %v, want %v", out, []common.Address{key.Address, common.Address{}})
+			} else if !reflect.DeepEqual(out, []common.Address{auth.From, common.Address{}}) {
+					t.Fatalf("Slice return mismatch: have %v, want %v", out, []common.Address{auth.From, common.Address{}})
 			}
 		`,
 	},
@@ -288,11 +282,9 @@ var bindTests = []struct {
 		`[{"constant":true,"inputs":[],"name":"caller","outputs":[{"name":"","type":"address"}],"type":"function"}]`,
 		`
 			// Generate a new random account and a funded simulator
-			key := crypto.NewKey(rand.Reader)
-			sim := backends.NewSimulatedBackend(core.GenesisAccount{Address: key.Address, Balance: big.NewInt(10000000000)})
-
-			// Convert the tester key to an authorized transactor for ease of use
+			key, _ := crypto.GenerateKey()
 			auth := bind.NewKeyedTransactor(key)
+			sim := backends.NewSimulatedBackend(core.GenesisAccount{Address: auth.From, Balance: big.NewInt(10000000000)})
 
 			// Deploy a default method invoker contract and execute its default method
 			_, _, defaulter, err := DeployDefaulter(auth, sim)
@@ -306,8 +298,8 @@ var bindTests = []struct {
 
 			if caller, err := defaulter.Caller(nil); err != nil {
 				t.Fatalf("Failed to call address retriever: %v", err)
-			} else if (caller != key.Address) {
-				t.Fatalf("Address mismatch: have %v, want %v", caller, key.Address)
+			} else if (caller != auth.From) {
+				t.Fatalf("Address mismatch: have %v, want %v", caller, auth.From)
 			}
 		`,
 	},
diff --git a/accounts/account_manager.go b/accounts/account_manager.go
index 34cf0fa53..c85304066 100644
--- a/accounts/account_manager.go
+++ b/accounts/account_manager.go
@@ -19,9 +19,6 @@
 // This abstracts part of a user's interaction with an account she controls.
 package accounts
 
-// Currently this is pretty much a passthrough to the KeyStore interface,
-// and accounts persistence is derived from stored keys' addresses
-
 import (
 	"crypto/ecdsa"
 	crand "crypto/rand"
@@ -49,19 +46,26 @@ func (acc *Account) MarshalJSON() ([]byte, error) {
 }
 
 type Manager struct {
-	keyStore crypto.KeyStore
+	keyStore keyStore
 	unlocked map[common.Address]*unlocked
 	mutex    sync.RWMutex
 }
 
 type unlocked struct {
-	*crypto.Key
+	*Key
 	abort chan struct{}
 }
 
-func NewManager(keyStore crypto.KeyStore) *Manager {
+func NewManager(keydir string, scryptN, scryptP int) *Manager {
+	return &Manager{
+		keyStore: newKeyStorePassphrase(keydir, scryptN, scryptP),
+		unlocked: make(map[common.Address]*unlocked),
+	}
+}
+
+func NewPlaintextManager(keydir string) *Manager {
 	return &Manager{
-		keyStore: keyStore,
+		keyStore: newKeyStorePlain(keydir),
 		unlocked: make(map[common.Address]*unlocked),
 	}
 }
@@ -216,19 +220,23 @@ func (am *Manager) Export(path string, addr common.Address, keyAuth string) erro
 }
 
 func (am *Manager) Import(path string, keyAuth string) (Account, error) {
-	privateKeyECDSA, err := crypto.LoadECDSA(path)
+	priv, err := crypto.LoadECDSA(path)
 	if err != nil {
 		return Account{}, err
 	}
-	key := crypto.NewKeyFromECDSA(privateKeyECDSA)
-	if err = am.keyStore.StoreKey(key, keyAuth); err != nil {
+	return am.ImportECDSA(priv, keyAuth)
+}
+
+func (am *Manager) ImportECDSA(priv *ecdsa.PrivateKey, keyAuth string) (Account, error) {
+	key := newKeyFromECDSA(priv)
+	if err := am.keyStore.StoreKey(key, keyAuth); err != nil {
 		return Account{}, err
 	}
 	return Account{Address: key.Address}, nil
 }
 
 func (am *Manager) Update(addr common.Address, authFrom, authTo string) (err error) {
-	var key *crypto.Key
+	var key *Key
 	key, err = am.keyStore.GetKey(addr, authFrom)
 
 	if err == nil {
@@ -241,8 +249,8 @@ func (am *Manager) Update(addr common.Address, authFrom, authTo string) (err err
 }
 
 func (am *Manager) ImportPreSaleKey(keyJSON []byte, password string) (acc Account, err error) {
-	var key *crypto.Key
-	key, err = crypto.ImportPreSaleKey(am.keyStore, keyJSON, password)
+	var key *Key
+	key, err = importPreSaleKey(am.keyStore, keyJSON, password)
 	if err != nil {
 		return
 	}
diff --git a/accounts/accounts_test.go b/accounts/accounts_test.go
index 55ddecdea..02dd74c8a 100644
--- a/accounts/accounts_test.go
+++ b/accounts/accounts_test.go
@@ -21,17 +21,14 @@ import (
 	"os"
 	"testing"
 	"time"
-
-	"github.com/ethereum/go-ethereum/crypto"
 )
 
 var testSigData = make([]byte, 32)
 
 func TestSign(t *testing.T) {
-	dir, ks := tmpKeyStore(t, crypto.NewKeyStorePlain)
+	dir, am := tmpManager(t, false)
 	defer os.RemoveAll(dir)
 
-	am := NewManager(ks)
 	pass := "" // not used but required by API
 	a1, err := am.NewAccount(pass)
 	am.Unlock(a1.Address, "")
@@ -43,10 +40,9 @@ func TestSign(t *testing.T) {
 }
 
 func TestTimedUnlock(t *testing.T) {
-	dir, ks := tmpKeyStore(t, crypto.NewKeyStorePlain)
+	dir, am := tmpManager(t, false)
 	defer os.RemoveAll(dir)
 
-	am := NewManager(ks)
 	pass := "foo"
 	a1, err := am.NewAccount(pass)
 
@@ -76,10 +72,9 @@ func TestTimedUnlock(t *testing.T) {
 }
 
 func TestOverrideUnlock(t *testing.T) {
-	dir, ks := tmpKeyStore(t, crypto.NewKeyStorePlain)
+	dir, am := tmpManager(t, false)
 	defer os.RemoveAll(dir)
 
-	am := NewManager(ks)
 	pass := "foo"
 	a1, err := am.NewAccount(pass)
 
@@ -115,11 +110,10 @@ func TestOverrideUnlock(t *testing.T) {
 
 // This test should fail under -race if signing races the expiration goroutine.
 func TestSignRace(t *testing.T) {
-	dir, ks := tmpKeyStore(t, crypto.NewKeyStorePlain)
+	dir, am := tmpManager(t, false)
 	defer os.RemoveAll(dir)
 
 	// Create a test account.
-	am := NewManager(ks)
 	a1, err := am.NewAccount("")
 	if err != nil {
 		t.Fatal("could not create the test account", err)
@@ -141,10 +135,14 @@ func TestSignRace(t *testing.T) {
 	t.Errorf("Account did not lock within the timeout")
 }
 
-func tmpKeyStore(t *testing.T, new func(string) crypto.KeyStore) (string, crypto.KeyStore) {
+func tmpManager(t *testing.T, encrypted bool) (string, *Manager) {
 	d, err := ioutil.TempDir("", "eth-keystore-test")
 	if err != nil {
 		t.Fatal(err)
 	}
+	new := NewPlaintextManager
+	if encrypted {
+		new = func(kd string) *Manager { return NewManager(kd, LightScryptN, LightScryptP) }
+	}
 	return d, new(d)
 }
diff --git a/accounts/key.go b/accounts/key.go
new file mode 100644
index 000000000..34fefa27c
--- /dev/null
+++ b/accounts/key.go
@@ -0,0 +1,179 @@
+// Copyright 2014 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package accounts
+
+import (
+	"bytes"
+	"crypto/ecdsa"
+	"encoding/hex"
+	"encoding/json"
+	"io"
+	"strings"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/ethereum/go-ethereum/crypto/secp256k1"
+	"github.com/pborman/uuid"
+)
+
+const (
+	version = 3
+)
+
+type Key struct {
+	Id uuid.UUID // Version 4 "random" for unique id not derived from key data
+	// to simplify lookups we also store the address
+	Address common.Address
+	// we only store privkey as pubkey/address can be derived from it
+	// privkey in this struct is always in plaintext
+	PrivateKey *ecdsa.PrivateKey
+}
+
+type keyStore interface {
+	// create new key using io.Reader entropy source and optionally using auth string
+	GenerateNewKey(io.Reader, string) (*Key, error)
+	GetKey(common.Address, string) (*Key, error) // get key from addr and auth string
+	GetKeyAddresses() ([]common.Address, error)  // get all addresses
+	StoreKey(*Key, string) error                 // store key optionally using auth string
+	DeleteKey(common.Address, string) error      // delete key by addr and auth string
+	Cleanup(keyAddr common.Address) (err error)
+}
+
+type plainKeyJSON struct {
+	Address    string `json:"address"`
+	PrivateKey string `json:"privatekey"`
+	Id         string `json:"id"`
+	Version    int    `json:"version"`
+}
+
+type encryptedKeyJSONV3 struct {
+	Address string     `json:"address"`
+	Crypto  cryptoJSON `json:"crypto"`
+	Id      string     `json:"id"`
+	Version int        `json:"version"`
+}
+
+type encryptedKeyJSONV1 struct {
+	Address string     `json:"address"`
+	Crypto  cryptoJSON `json:"crypto"`
+	Id      string     `json:"id"`
+	Version string     `json:"version"`
+}
+
+type cryptoJSON struct {
+	Cipher       string                 `json:"cipher"`
+	CipherText   string                 `json:"ciphertext"`
+	CipherParams cipherparamsJSON       `json:"cipherparams"`
+	KDF          string                 `json:"kdf"`
+	KDFParams    map[string]interface{} `json:"kdfparams"`
+	MAC          string                 `json:"mac"`
+}
+
+type cipherparamsJSON struct {
+	IV string `json:"iv"`
+}
+
+type scryptParamsJSON struct {
+	N     int    `json:"n"`
+	R     int    `json:"r"`
+	P     int    `json:"p"`
+	DkLen int    `json:"dklen"`
+	Salt  string `json:"salt"`
+}
+
+func (k *Key) MarshalJSON() (j []byte, err error) {
+	jStruct := plainKeyJSON{
+		hex.EncodeToString(k.Address[:]),
+		hex.EncodeToString(crypto.FromECDSA(k.PrivateKey)),
+		k.Id.String(),
+		version,
+	}
+	j, err = json.Marshal(jStruct)
+	return j, err
+}
+
+func (k *Key) UnmarshalJSON(j []byte) (err error) {
+	keyJSON := new(plainKeyJSON)
+	err = json.Unmarshal(j, &keyJSON)
+	if err != nil {
+		return err
+	}
+
+	u := new(uuid.UUID)
+	*u = uuid.Parse(keyJSON.Id)
+	k.Id = *u
+	addr, err := hex.DecodeString(keyJSON.Address)
+	if err != nil {
+		return err
+	}
+
+	privkey, err := hex.DecodeString(keyJSON.PrivateKey)
+	if err != nil {
+		return err
+	}
+
+	k.Address = common.BytesToAddress(addr)
+	k.PrivateKey = crypto.ToECDSA(privkey)
+
+	return nil
+}
+
+func newKeyFromECDSA(privateKeyECDSA *ecdsa.PrivateKey) *Key {
+	id := uuid.NewRandom()
+	key := &Key{
+		Id:         id,
+		Address:    crypto.PubkeyToAddress(privateKeyECDSA.PublicKey),
+		PrivateKey: privateKeyECDSA,
+	}
+	return key
+}
+
+func NewKey(rand io.Reader) *Key {
+	randBytes := make([]byte, 64)
+	_, err := rand.Read(randBytes)
+	if err != nil {
+		panic("key generation: could not read from random source: " + err.Error())
+	}
+	reader := bytes.NewReader(randBytes)
+	privateKeyECDSA, err := ecdsa.GenerateKey(secp256k1.S256(), reader)
+	if err != nil {
+		panic("key generation: ecdsa.GenerateKey failed: " + err.Error())
+	}
+
+	return newKeyFromECDSA(privateKeyECDSA)
+}
+
+// generate key whose address fits into < 155 bits so it can fit into
+// the Direct ICAP spec. for simplicity and easier compatibility with
+// other libs, we retry until the first byte is 0.
+func NewKeyForDirectICAP(rand io.Reader) *Key {
+	randBytes := make([]byte, 64)
+	_, err := rand.Read(randBytes)
+	if err != nil {
+		panic("key generation: could not read from random source: " + err.Error())
+	}
+	reader := bytes.NewReader(randBytes)
+	privateKeyECDSA, err := ecdsa.GenerateKey(secp256k1.S256(), reader)
+	if err != nil {
+		panic("key generation: ecdsa.GenerateKey failed: " + err.Error())
+	}
+	key := newKeyFromECDSA(privateKeyECDSA)
+	if !strings.HasPrefix(key.Address.Hex(), "0x00") {
+		return NewKeyForDirectICAP(rand)
+	}
+	return key
+}
diff --git a/accounts/key_store_passphrase.go b/accounts/key_store_passphrase.go
new file mode 100644
index 000000000..cb00b90af
--- /dev/null
+++ b/accounts/key_store_passphrase.go
@@ -0,0 +1,316 @@
+// Copyright 2014 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+/*
+
+This key store behaves as KeyStorePlain with the difference that
+the private key is encrypted and on disk uses another JSON encoding.
+
+The crypto is documented at https://github.com/ethereum/wiki/wiki/Web3-Secret-Storage-Definition
+
+*/
+
+package accounts
+
+import (
+	"bytes"
+	"crypto/aes"
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/ethereum/go-ethereum/crypto/randentropy"
+	"github.com/pborman/uuid"
+	"golang.org/x/crypto/pbkdf2"
+	"golang.org/x/crypto/scrypt"
+)
+
+const (
+	keyHeaderKDF = "scrypt"
+
+	// n,r,p = 2^18, 8, 1 uses 256MB memory and approx 1s CPU time on a modern CPU.
+	StandardScryptN = 1 << 18
+	StandardScryptP = 1
+
+	// n,r,p = 2^12, 8, 6 uses 4MB memory and approx 100ms CPU time on a modern CPU.
+	LightScryptN = 1 << 12
+	LightScryptP = 6
+
+	scryptR     = 8
+	scryptDKLen = 32
+)
+
+type keyStorePassphrase struct {
+	keysDirPath string
+	scryptN     int
+	scryptP     int
+}
+
+func newKeyStorePassphrase(path string, scryptN int, scryptP int) keyStore {
+	return &keyStorePassphrase{path, scryptN, scryptP}
+}
+
+func (ks keyStorePassphrase) GenerateNewKey(rand io.Reader, auth string) (key *Key, err error) {
+	return generateNewKeyDefault(ks, rand, auth)
+}
+
+func (ks keyStorePassphrase) GetKey(keyAddr common.Address, auth string) (key *Key, err error) {
+	return decryptKeyFromFile(ks.keysDirPath, keyAddr, auth)
+}
+
+func (ks keyStorePassphrase) Cleanup(keyAddr common.Address) (err error) {
+	return cleanup(ks.keysDirPath, keyAddr)
+}
+
+func (ks keyStorePassphrase) GetKeyAddresses() (addresses []common.Address, err error) {
+	return getKeyAddresses(ks.keysDirPath)
+}
+
+func (ks keyStorePassphrase) StoreKey(key *Key, auth string) error {
+	keyjson, err := EncryptKey(key, auth, ks.scryptN, ks.scryptP)
+	if err != nil {
+		return err
+	}
+	return writeKeyFile(key.Address, ks.keysDirPath, keyjson)
+}
+
+// EncryptKey encrypts a key using the specified scrypt parameters into a json
+// blob that can be decrypted later on.
+func EncryptKey(key *Key, auth string, scryptN, scryptP int) ([]byte, error) {
+	authArray := []byte(auth)
+	salt := randentropy.GetEntropyCSPRNG(32)
+	derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptR, scryptP, scryptDKLen)
+	if err != nil {
+		return nil, err
+	}
+	encryptKey := derivedKey[:16]
+	keyBytes := crypto.FromECDSA(key.PrivateKey)
+
+	iv := randentropy.GetEntropyCSPRNG(aes.BlockSize) // 16
+	cipherText, err := aesCTRXOR(encryptKey, keyBytes, iv)
+	if err != nil {
+		return nil, err
+	}
+	mac := crypto.Keccak256(derivedKey[16:32], cipherText)
+
+	scryptParamsJSON := make(map[string]interface{}, 5)
+	scryptParamsJSON["n"] = scryptN
+	scryptParamsJSON["r"] = scryptR
+	scryptParamsJSON["p"] = scryptP
+	scryptParamsJSON["dklen"] = scryptDKLen
+	scryptParamsJSON["salt"] = hex.EncodeToString(salt)
+
+	cipherParamsJSON := cipherparamsJSON{
+		IV: hex.EncodeToString(iv),
+	}
+
+	cryptoStruct := cryptoJSON{
+		Cipher:       "aes-128-ctr",
+		CipherText:   hex.EncodeToString(cipherText),
+		CipherParams: cipherParamsJSON,
+		KDF:          "scrypt",
+		KDFParams:    scryptParamsJSON,
+		MAC:          hex.EncodeToString(mac),
+	}
+	encryptedKeyJSONV3 := encryptedKeyJSONV3{
+		hex.EncodeToString(key.Address[:]),
+		cryptoStruct,
+		key.Id.String(),
+		version,
+	}
+	return json.Marshal(encryptedKeyJSONV3)
+}
+
+func (ks keyStorePassphrase) DeleteKey(keyAddr common.Address, auth string) error {
+	// only delete if correct passphrase is given
+	if _, err := decryptKeyFromFile(ks.keysDirPath, keyAddr, auth); err != nil {
+		return err
+	}
+	return deleteKey(ks.keysDirPath, keyAddr)
+}
+
+// DecryptKey decrypts a key from a json blob, returning the private key itself.
+func DecryptKey(keyjson []byte, auth string) (*Key, error) {
+	// Parse the json into a simple map to fetch the key version
+	m := make(map[string]interface{})
+	if err := json.Unmarshal(keyjson, &m); err != nil {
+		return nil, err
+	}
+	// Depending on the version try to parse one way or another
+	var (
+		keyBytes, keyId []byte
+		err             error
+	)
+	if version, ok := m["version"].(string); ok && version == "1" {
+		k := new(encryptedKeyJSONV1)
+		if err := json.Unmarshal(keyjson, k); err != nil {
+			return nil, err
+		}
+		keyBytes, keyId, err = decryptKeyV1(k, auth)
+	} else {
+		k := new(encryptedKeyJSONV3)
+		if err := json.Unmarshal(keyjson, k); err != nil {
+			return nil, err
+		}
+		keyBytes, keyId, err = decryptKeyV3(k, auth)
+	}
+	// Handle any decryption errors and return the key
+	if err != nil {
+		return nil, err
+	}
+	key := crypto.ToECDSA(keyBytes)
+	return &Key{
+		Id:         uuid.UUID(keyId),
+		Address:    crypto.PubkeyToAddress(key.PublicKey),
+		PrivateKey: key,
+	}, nil
+}
+
+func decryptKeyFromFile(keysDirPath string, keyAddr common.Address, auth string) (*Key, error) {
+	// Load the key from the keystore and decrypt its contents
+	keyjson, err := getKeyFile(keysDirPath, keyAddr)
+	if err != nil {
+		return nil, err
+	}
+	key, err := DecryptKey(keyjson, auth)
+	if err != nil {
+		return nil, err
+	}
+	// Make sure we're really operating on the requested key (no swap attacks)
+	if keyAddr != key.Address {
+		return nil, fmt.Errorf("key content mismatch: have account %x, want %x", key.Address, keyAddr)
+	}
+	return key, nil
+}
+
+func decryptKeyV3(keyProtected *encryptedKeyJSONV3, auth string) (keyBytes []byte, keyId []byte, err error) {
+	if keyProtected.Version != version {
+		return nil, nil, fmt.Errorf("Version not supported: %v", keyProtected.Version)
+	}
+
+	if keyProtected.Crypto.Cipher != "aes-128-ctr" {
+		return nil, nil, fmt.Errorf("Cipher not supported: %v", keyProtected.Crypto.Cipher)
+	}
+
+	keyId = uuid.Parse(keyProtected.Id)
+	mac, err := hex.DecodeString(keyProtected.Crypto.MAC)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	iv, err := hex.DecodeString(keyProtected.Crypto.CipherParams.IV)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	cipherText, err := hex.DecodeString(keyProtected.Crypto.CipherText)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	derivedKey, err := getKDFKey(keyProtected.Crypto, auth)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	calculatedMAC := crypto.Keccak256(derivedKey[16:32], cipherText)
+	if !bytes.Equal(calculatedMAC, mac) {
+		return nil, nil, errors.New("Decryption failed: MAC mismatch")
+	}
+
+	plainText, err := aesCTRXOR(derivedKey[:16], cipherText, iv)
+	if err != nil {
+		return nil, nil, err
+	}
+	return plainText, keyId, err
+}
+
+func decryptKeyV1(keyProtected *encryptedKeyJSONV1, auth string) (keyBytes []byte, keyId []byte, err error) {
+	keyId = uuid.Parse(keyProtected.Id)
+	mac, err := hex.DecodeString(keyProtected.Crypto.MAC)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	iv, err := hex.DecodeString(keyProtected.Crypto.CipherParams.IV)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	cipherText, err := hex.DecodeString(keyProtected.Crypto.CipherText)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	derivedKey, err := getKDFKey(keyProtected.Crypto, auth)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	calculatedMAC := crypto.Keccak256(derivedKey[16:32], cipherText)
+	if !bytes.Equal(calculatedMAC, mac) {
+		return nil, nil, errors.New("Decryption failed: MAC mismatch")
+	}
+
+	plainText, err := aesCBCDecrypt(crypto.Keccak256(derivedKey[:16])[:16], cipherText, iv)
+	if err != nil {
+		return nil, nil, err
+	}
+	return plainText, keyId, err
+}
+
+func getKDFKey(cryptoJSON cryptoJSON, auth string) ([]byte, error) {
+	authArray := []byte(auth)
+	salt, err := hex.DecodeString(cryptoJSON.KDFParams["salt"].(string))
+	if err != nil {
+		return nil, err
+	}
+	dkLen := ensureInt(cryptoJSON.KDFParams["dklen"])
+
+	if cryptoJSON.KDF == "scrypt" {
+		n := ensureInt(cryptoJSON.KDFParams["n"])
+		r := ensureInt(cryptoJSON.KDFParams["r"])
+		p := ensureInt(cryptoJSON.KDFParams["p"])
+		return scrypt.Key(authArray, salt, n, r, p, dkLen)
+
+	} else if cryptoJSON.KDF == "pbkdf2" {
+		c := ensureInt(cryptoJSON.KDFParams["c"])
+		prf := cryptoJSON.KDFParams["prf"].(string)
+		if prf != "hmac-sha256" {
+			return nil, fmt.Errorf("Unsupported PBKDF2 PRF: ", prf)
+		}
+		key := pbkdf2.Key(authArray, salt, c, dkLen, sha256.New)
+		return key, nil
+	}
+
+	return nil, fmt.Errorf("Unsupported KDF: ", cryptoJSON.KDF)
+}
+
+// TODO: can we do without this when unmarshalling dynamic JSON?
+// why do integers in KDF params end up as float64 and not int after
+// unmarshal?
+func ensureInt(x interface{}) int {
+	res, ok := x.(int)
+	if !ok {
+		res = int(x.(float64))
+	}
+	return res
+}
diff --git a/accounts/key_store_passphrase_test.go b/accounts/key_store_passphrase_test.go
new file mode 100644
index 000000000..afa751d44
--- /dev/null
+++ b/accounts/key_store_passphrase_test.go
@@ -0,0 +1,51 @@
+// Copyright 2016 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package accounts
+
+import (
+	"testing"
+
+	"github.com/ethereum/go-ethereum/common"
+)
+
+// Tests that a json key file can be decrypted and encrypted in multiple rounds.
+func TestKeyEncryptDecrypt(t *testing.T) {
+	address := common.HexToAddress("f626acac23772cbe04dd578bee681b06bdefb9fa")
+	keyjson := []byte("{\"address\":\"f626acac23772cbe04dd578bee681b06bdefb9fa\",\"crypto\":{\"cipher\":\"aes-128-ctr\",\"ciphertext\":\"1bcf0ab9b14459795ce59f63e63255ffd84dc38d31614a5a78e37144d7e4a17f\",\"cipherparams\":{\"iv\":\"df4c7e225ee2d81adef522013e3fbe24\"},\"kdf\":\"scrypt\",\"kdfparams\":{\"dklen\":32,\"n\":262144,\"p\":1,\"r\":8,\"salt\":\"2909a99dd2bfa7079a4b40991773b1083f8512c0c55b9b63402ab0e3dc8db8b3\"},\"mac\":\"4ecf6a4ad92ae2c016cb7c44abade74799480c3303eb024661270dfefdbc7510\"},\"id\":\"b4718210-9a30-4883-b8a6-dbdd08bd0ceb\",\"version\":3}")
+	password := ""
+
+	// Do a few rounds of decryption and encryption
+	for i := 0; i < 3; i++ {
+		// Try a bad password first
+		if _, err := DecryptKey(keyjson, password+"bad"); err == nil {
+			t.Error("test %d: json key decrypted with bad password", i)
+		}
+		// Decrypt with the correct password
+		key, err := DecryptKey(keyjson, password)
+		if err != nil {
+			t.Errorf("test %d: json key failed to decrypt: %v", i, err)
+		}
+		if key.Address != address {
+			t.Errorf("test %d: key address mismatch: have %x, want %x", i, key.Address, address)
+		}
+		// Recrypt with a new password and start over
+		password += "new data appended"
+		if keyjson, err = EncryptKey(key, password, LightScryptN, LightScryptP); err != nil {
+			t.Errorf("test %d: failed to recrypt key %v", err)
+		}
+	}
+}
diff --git a/accounts/key_store_plain.go b/accounts/key_store_plain.go
new file mode 100644
index 000000000..ca1d89757
--- /dev/null
+++ b/accounts/key_store_plain.go
@@ -0,0 +1,199 @@
+// Copyright 2014 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package accounts
+
+import (
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/ethereum/go-ethereum/common"
+)
+
+type keyStorePlain struct {
+	keysDirPath string
+}
+
+func newKeyStorePlain(path string) keyStore {
+	return &keyStorePlain{path}
+}
+
+func (ks keyStorePlain) GenerateNewKey(rand io.Reader, auth string) (key *Key, err error) {
+	return generateNewKeyDefault(ks, rand, auth)
+}
+
+func generateNewKeyDefault(ks keyStore, rand io.Reader, auth string) (key *Key, err error) {
+	defer func() {
+		if r := recover(); r != nil {
+			err = fmt.Errorf("GenerateNewKey error: %v", r)
+		}
+	}()
+	key = NewKey(rand)
+	err = ks.StoreKey(key, auth)
+	return key, err
+}
+
+func (ks keyStorePlain) GetKey(keyAddr common.Address, auth string) (*Key, error) {
+	keyjson, err := getKeyFile(ks.keysDirPath, keyAddr)
+	if err != nil {
+		return nil, err
+	}
+	key := new(Key)
+	if err := json.Unmarshal(keyjson, key); err != nil {
+		return nil, err
+	}
+	return key, nil
+}
+
+func (ks keyStorePlain) GetKeyAddresses() (addresses []common.Address, err error) {
+	return getKeyAddresses(ks.keysDirPath)
+}
+
+func (ks keyStorePlain) Cleanup(keyAddr common.Address) (err error) {
+	return cleanup(ks.keysDirPath, keyAddr)
+}
+
+func (ks keyStorePlain) StoreKey(key *Key, auth string) (err error) {
+	keyJSON, err := json.Marshal(key)
+	if err != nil {
+		return
+	}
+	err = writeKeyFile(key.Address, ks.keysDirPath, keyJSON)
+	return
+}
+
+func (ks keyStorePlain) DeleteKey(keyAddr common.Address, auth string) (err error) {
+	return deleteKey(ks.keysDirPath, keyAddr)
+}
+
+func deleteKey(keysDirPath string, keyAddr common.Address) (err error) {
+	var path string
+	path, err = getKeyFilePath(keysDirPath, keyAddr)
+	if err == nil {
+		addrHex := hex.EncodeToString(keyAddr[:])
+		if path == filepath.Join(keysDirPath, addrHex, addrHex) {
+			path = filepath.Join(keysDirPath, addrHex)
+		}
+		err = os.RemoveAll(path)
+	}
+	return
+}
+
+func getKeyFilePath(keysDirPath string, keyAddr common.Address) (keyFilePath string, err error) {
+	addrHex := hex.EncodeToString(keyAddr[:])
+	matches, err := filepath.Glob(filepath.Join(keysDirPath, fmt.Sprintf("*--%s", addrHex)))
+	if len(matches) > 0 {
+		if err == nil {
+			keyFilePath = matches[len(matches)-1]
+		}
+		return
+	}
+	keyFilePath = filepath.Join(keysDirPath, addrHex, addrHex)
+	_, err = os.Stat(keyFilePath)
+	return
+}
+
+func cleanup(keysDirPath string, keyAddr common.Address) (err error) {
+	fileInfos, err := ioutil.ReadDir(keysDirPath)
+	if err != nil {
+		return
+	}
+	var paths []string
+	account := hex.EncodeToString(keyAddr[:])
+	for _, fileInfo := range fileInfos {
+		path := filepath.Join(keysDirPath, fileInfo.Name())
+		if len(path) >= 40 {
+			addr := path[len(path)-40 : len(path)]
+			if addr == account {
+				if path == filepath.Join(keysDirPath, addr, addr) {
+					path = filepath.Join(keysDirPath, addr)
+				}
+				paths = append(paths, path)
+			}
+		}
+	}
+	if len(paths) > 1 {
+		for i := 0; err == nil && i < len(paths)-1; i++ {
+			err = os.RemoveAll(paths[i])
+			if err != nil {
+				break
+			}
+		}
+	}
+	return
+}
+
+func getKeyFile(keysDirPath string, keyAddr common.Address) (fileContent []byte, err error) {
+	var keyFilePath string
+	keyFilePath, err = getKeyFilePath(keysDirPath, keyAddr)
+	if err == nil {
+		fileContent, err = ioutil.ReadFile(keyFilePath)
+	}
+	return
+}
+
+func writeKeyFile(addr common.Address, keysDirPath string, content []byte) (err error) {
+	filename := keyFileName(addr)
+	// read, write and dir search for user
+	err = os.MkdirAll(keysDirPath, 0700)
+	if err != nil {
+		return err
+	}
+	// read, write for user
+	return ioutil.WriteFile(filepath.Join(keysDirPath, filename), content, 0600)
+}
+
+// keyFilePath implements the naming convention for keyfiles:
+// UTC--<created_at UTC ISO8601>-<address hex>
+func keyFileName(keyAddr common.Address) string {
+	ts := time.Now().UTC()
+	return fmt.Sprintf("UTC--%s--%s", toISO8601(ts), hex.EncodeToString(keyAddr[:]))
+}
+
+func toISO8601(t time.Time) string {
+	var tz string
+	name, offset := t.Zone()
+	if name == "UTC" {
+		tz = "Z"
+	} else {
+		tz = fmt.Sprintf("%03d00", offset/3600)
+	}
+	return fmt.Sprintf("%04d-%02d-%02dT%02d-%02d-%02d.%09d%s", t.Year(), t.Month(), t.Day(), t.Hour(), t.Minute(), t.Second(), t.Nanosecond(), tz)
+}
+
+func getKeyAddresses(keysDirPath string) (addresses []common.Address, err error) {
+	fileInfos, err := ioutil.ReadDir(keysDirPath)
+	if err != nil {
+		return nil, err
+	}
+	for _, fileInfo := range fileInfos {
+		filename := fileInfo.Name()
+		if len(filename) >= 40 {
+			addr := filename[len(filename)-40 : len(filename)]
+			address, err := hex.DecodeString(addr)
+			if err == nil {
+				addresses = append(addresses, common.BytesToAddress(address))
+			}
+		}
+	}
+	return addresses, err
+}
diff --git a/accounts/key_store_test.go b/accounts/key_store_test.go
new file mode 100644
index 000000000..62ace3720
--- /dev/null
+++ b/accounts/key_store_test.go
@@ -0,0 +1,234 @@
+// Copyright 2014 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package accounts
+
+import (
+	"encoding/hex"
+	"fmt"
+	"reflect"
+	"strings"
+	"testing"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/ethereum/go-ethereum/crypto/randentropy"
+)
+
+func TestKeyStorePlain(t *testing.T) {
+	ks := newKeyStorePlain(common.DefaultDataDir())
+	pass := "" // not used but required by API
+	k1, err := ks.GenerateNewKey(randentropy.Reader, pass)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	k2 := new(Key)
+	k2, err = ks.GetKey(k1.Address, pass)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if !reflect.DeepEqual(k1.Address, k2.Address) {
+		t.Fatal(err)
+	}
+
+	if !reflect.DeepEqual(k1.PrivateKey, k2.PrivateKey) {
+		t.Fatal(err)
+	}
+
+	err = ks.DeleteKey(k2.Address, pass)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestKeyStorePassphrase(t *testing.T) {
+	ks := newKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP)
+	pass := "foo"
+	k1, err := ks.GenerateNewKey(randentropy.Reader, pass)
+	if err != nil {
+		t.Fatal(err)
+	}
+	k2 := new(Key)
+	k2, err = ks.GetKey(k1.Address, pass)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !reflect.DeepEqual(k1.Address, k2.Address) {
+		t.Fatal(err)
+	}
+
+	if !reflect.DeepEqual(k1.PrivateKey, k2.PrivateKey) {
+		t.Fatal(err)
+	}
+
+	err = ks.DeleteKey(k2.Address, pass) // also to clean up created files
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestKeyStorePassphraseDecryptionFail(t *testing.T) {
+	ks := newKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP)
+	pass := "foo"
+	k1, err := ks.GenerateNewKey(randentropy.Reader, pass)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = ks.GetKey(k1.Address, "bar") // wrong passphrase
+	if err == nil {
+		t.Fatal(err)
+	}
+
+	err = ks.DeleteKey(k1.Address, "bar") // wrong passphrase
+	if err == nil {
+		t.Fatal(err)
+	}
+
+	err = ks.DeleteKey(k1.Address, pass) // to clean up
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestImportPreSaleKey(t *testing.T) {
+	// file content of a presale key file generated with:
+	// python pyethsaletool.py genwallet
+	// with password "foo"
+	fileContent := "{\"encseed\": \"26d87f5f2bf9835f9a47eefae571bc09f9107bb13d54ff12a4ec095d01f83897494cf34f7bed2ed34126ecba9db7b62de56c9d7cd136520a0427bfb11b8954ba7ac39b90d4650d3448e31185affcd74226a68f1e94b1108e6e0a4a91cdd83eba\", \"ethaddr\": \"d4584b5f6229b7be90727b0fc8c6b91bb427821f\", \"email\": \"gustav.simonsson@gmail.com\", \"btcaddr\": \"1EVknXyFC68kKNLkh6YnKzW41svSRoaAcx\"}"
+	ks := newKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP)
+	pass := "foo"
+	_, err := importPreSaleKey(ks, []byte(fileContent), pass)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+// Test and utils for the key store tests in the Ethereum JSON tests;
+// testdataKeyStoreTests/basic_tests.json
+type KeyStoreTestV3 struct {
+	Json     encryptedKeyJSONV3
+	Password string
+	Priv     string
+}
+
+type KeyStoreTestV1 struct {
+	Json     encryptedKeyJSONV1
+	Password string
+	Priv     string
+}
+
+func TestV3_PBKDF2_1(t *testing.T) {
+	tests := loadKeyStoreTestV3("testdata/v3_test_vector.json", t)
+	testDecryptV3(tests["wikipage_test_vector_pbkdf2"], t)
+}
+
+func TestV3_PBKDF2_2(t *testing.T) {
+	tests := loadKeyStoreTestV3("../tests/files/KeyStoreTests/basic_tests.json", t)
+	testDecryptV3(tests["test1"], t)
+}
+
+func TestV3_PBKDF2_3(t *testing.T) {
+	tests := loadKeyStoreTestV3("../tests/files/KeyStoreTests/basic_tests.json", t)
+	testDecryptV3(tests["python_generated_test_with_odd_iv"], t)
+}
+
+func TestV3_PBKDF2_4(t *testing.T) {
+	tests := loadKeyStoreTestV3("../tests/files/KeyStoreTests/basic_tests.json", t)
+	testDecryptV3(tests["evilnonce"], t)
+}
+
+func TestV3_Scrypt_1(t *testing.T) {
+	tests := loadKeyStoreTestV3("testdata/v3_test_vector.json", t)
+	testDecryptV3(tests["wikipage_test_vector_scrypt"], t)
+}
+
+func TestV3_Scrypt_2(t *testing.T) {
+	tests := loadKeyStoreTestV3("../tests/files/KeyStoreTests/basic_tests.json", t)
+	testDecryptV3(tests["test2"], t)
+}
+
+func TestV1_1(t *testing.T) {
+	tests := loadKeyStoreTestV1("testdata/v1_test_vector.json", t)
+	testDecryptV1(tests["test1"], t)
+}
+
+func TestV1_2(t *testing.T) {
+	ks := newKeyStorePassphrase("testdata/v1", LightScryptN, LightScryptP)
+	addr := common.HexToAddress("cb61d5a9c4896fb9658090b597ef0e7be6f7b67e")
+	k, err := ks.GetKey(addr, "g")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if k.Address != addr {
+		t.Fatal(fmt.Errorf("Unexpected address: %v, expected %v", k.Address, addr))
+	}
+
+	privHex := hex.EncodeToString(crypto.FromECDSA(k.PrivateKey))
+	expectedHex := "d1b1178d3529626a1a93e073f65028370d14c7eb0936eb42abef05db6f37ad7d"
+	if privHex != expectedHex {
+		t.Fatal(fmt.Errorf("Unexpected privkey: %v, expected %v", privHex, expectedHex))
+	}
+}
+
+func testDecryptV3(test KeyStoreTestV3, t *testing.T) {
+	privBytes, _, err := decryptKeyV3(&test.Json, test.Password)
+	if err != nil {
+		t.Fatal(err)
+	}
+	privHex := hex.EncodeToString(privBytes)
+	if test.Priv != privHex {
+		t.Fatal(fmt.Errorf("Decrypted bytes not equal to test, expected %v have %v", test.Priv, privHex))
+	}
+}
+
+func testDecryptV1(test KeyStoreTestV1, t *testing.T) {
+	privBytes, _, err := decryptKeyV1(&test.Json, test.Password)
+	if err != nil {
+		t.Fatal(err)
+	}
+	privHex := hex.EncodeToString(privBytes)
+	if test.Priv != privHex {
+		t.Fatal(fmt.Errorf("Decrypted bytes not equal to test, expected %v have %v", test.Priv, privHex))
+	}
+}
+
+func loadKeyStoreTestV3(file string, t *testing.T) map[string]KeyStoreTestV3 {
+	tests := make(map[string]KeyStoreTestV3)
+	err := common.LoadJSON(file, &tests)
+	if err != nil {
+		t.Fatal(err)
+	}
+	return tests
+}
+
+func loadKeyStoreTestV1(file string, t *testing.T) map[string]KeyStoreTestV1 {
+	tests := make(map[string]KeyStoreTestV1)
+	err := common.LoadJSON(file, &tests)
+	if err != nil {
+		t.Fatal(err)
+	}
+	return tests
+}
+
+func TestKeyForDirectICAP(t *testing.T) {
+	key := NewKeyForDirectICAP(randentropy.Reader)
+	if !strings.HasPrefix(key.Address.Hex(), "0x00") {
+		t.Errorf("Expected first address byte to be zero, have: %s", key.Address.Hex())
+	}
+}
diff --git a/accounts/presale.go b/accounts/presale.go
new file mode 100644
index 000000000..8faa98558
--- /dev/null
+++ b/accounts/presale.go
@@ -0,0 +1,132 @@
+// Copyright 2016 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package accounts
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/json"
+	"errors"
+	"fmt"
+
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/pborman/uuid"
+	"golang.org/x/crypto/pbkdf2"
+)
+
+// creates a Key and stores that in the given KeyStore by decrypting a presale key JSON
+func importPreSaleKey(keyStore keyStore, keyJSON []byte, password string) (*Key, error) {
+	key, err := decryptPreSaleKey(keyJSON, password)
+	if err != nil {
+		return nil, err
+	}
+	key.Id = uuid.NewRandom()
+	err = keyStore.StoreKey(key, password)
+	return key, err
+}
+
+func decryptPreSaleKey(fileContent []byte, password string) (key *Key, err error) {
+	preSaleKeyStruct := struct {
+		EncSeed string
+		EthAddr string
+		Email   string
+		BtcAddr string
+	}{}
+	err = json.Unmarshal(fileContent, &preSaleKeyStruct)
+	if err != nil {
+		return nil, err
+	}
+	encSeedBytes, err := hex.DecodeString(preSaleKeyStruct.EncSeed)
+	iv := encSeedBytes[:16]
+	cipherText := encSeedBytes[16:]
+	/*
+		See https://github.com/ethereum/pyethsaletool
+
+		pyethsaletool generates the encryption key from password by
+		2000 rounds of PBKDF2 with HMAC-SHA-256 using password as salt (:().
+		16 byte key length within PBKDF2 and resulting key is used as AES key
+	*/
+	passBytes := []byte(password)
+	derivedKey := pbkdf2.Key(passBytes, passBytes, 2000, 16, sha256.New)
+	plainText, err := aesCBCDecrypt(derivedKey, cipherText, iv)
+	if err != nil {
+		return nil, err
+	}
+	ethPriv := crypto.Keccak256(plainText)
+	ecKey := crypto.ToECDSA(ethPriv)
+	key = &Key{
+		Id:         nil,
+		Address:    crypto.PubkeyToAddress(ecKey.PublicKey),
+		PrivateKey: ecKey,
+	}
+	derivedAddr := hex.EncodeToString(key.Address.Bytes()) // needed because .Hex() gives leading "0x"
+	expectedAddr := preSaleKeyStruct.EthAddr
+	if derivedAddr != expectedAddr {
+		err = fmt.Errorf("decrypted addr '%s' not equal to expected addr '%s'", derivedAddr, expectedAddr)
+	}
+	return key, err
+}
+
+func aesCTRXOR(key, inText, iv []byte) ([]byte, error) {
+	// AES-128 is selected due to size of encryptKey.
+	aesBlock, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	stream := cipher.NewCTR(aesBlock, iv)
+	outText := make([]byte, len(inText))
+	stream.XORKeyStream(outText, inText)
+	return outText, err
+}
+
+func aesCBCDecrypt(key, cipherText, iv []byte) ([]byte, error) {
+	aesBlock, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	decrypter := cipher.NewCBCDecrypter(aesBlock, iv)
+	paddedPlaintext := make([]byte, len(cipherText))
+	decrypter.CryptBlocks(paddedPlaintext, cipherText)
+	plaintext := pkcs7Unpad(paddedPlaintext)
+	if plaintext == nil {
+		err = errors.New("Decryption failed: PKCS7Unpad failed after AES decryption")
+	}
+	return plaintext, err
+}
+
+// From https://leanpub.com/gocrypto/read#leanpub-auto-block-cipher-modes
+func pkcs7Unpad(in []byte) []byte {
+	if len(in) == 0 {
+		return nil
+	}
+
+	padding := in[len(in)-1]
+	if int(padding) > len(in) || padding > aes.BlockSize {
+		return nil
+	} else if padding == 0 {
+		return nil
+	}
+
+	for i := len(in) - 1; i > len(in)-int(padding)-1; i-- {
+		if in[i] != padding {
+			return nil
+		}
+	}
+	return in[:len(in)-int(padding)]
+}
diff --git a/accounts/testdata/v1/cb61d5a9c4896fb9658090b597ef0e7be6f7b67e/cb61d5a9c4896fb9658090b597ef0e7be6f7b67e b/accounts/testdata/v1/cb61d5a9c4896fb9658090b597ef0e7be6f7b67e/cb61d5a9c4896fb9658090b597ef0e7be6f7b67e
new file mode 100644
index 000000000..498d8131e
--- /dev/null
+++ b/accounts/testdata/v1/cb61d5a9c4896fb9658090b597ef0e7be6f7b67e/cb61d5a9c4896fb9658090b597ef0e7be6f7b67e
@@ -0,0 +1 @@
+{"address":"cb61d5a9c4896fb9658090b597ef0e7be6f7b67e","Crypto":{"cipher":"aes-128-cbc","ciphertext":"6143d3192db8b66eabd693d9c4e414dcfaee52abda451af79ccf474dafb35f1bfc7ea013aa9d2ee35969a1a2e8d752d0","cipherparams":{"iv":"35337770fc2117994ecdcad026bccff4"},"kdf":"scrypt","kdfparams":{"n":262144,"r":8,"p":1,"dklen":32,"salt":"9afcddebca541253a2f4053391c673ff9fe23097cd8555d149d929e4ccf1257f"},"mac":"3f3d5af884b17a100b0b3232c0636c230a54dc2ac8d986227219b0dd89197644","version":"1"},"id":"e25f7c1f-d318-4f29-b62c-687190d4d299","version":"1"}
\ No newline at end of file
diff --git a/accounts/testdata/v1_test_vector.json b/accounts/testdata/v1_test_vector.json
new file mode 100644
index 000000000..3d09b55b5
--- /dev/null
+++ b/accounts/testdata/v1_test_vector.json
@@ -0,0 +1,28 @@
+{
+    "test1": {
+        "json": {
+            "Crypto": {
+                "cipher": "aes-128-cbc",
+                "cipherparams": {
+                    "iv": "35337770fc2117994ecdcad026bccff4"
+                },
+                "ciphertext": "6143d3192db8b66eabd693d9c4e414dcfaee52abda451af79ccf474dafb35f1bfc7ea013aa9d2ee35969a1a2e8d752d0",
+                "kdf": "scrypt",
+                "kdfparams": {
+                    "dklen": 32,
+                    "n": 262144,
+                    "p": 1,
+                    "r": 8,
+                    "salt": "9afcddebca541253a2f4053391c673ff9fe23097cd8555d149d929e4ccf1257f"
+                },
+                "mac": "3f3d5af884b17a100b0b3232c0636c230a54dc2ac8d986227219b0dd89197644",
+                "version": "1"
+            },
+            "address": "cb61d5a9c4896fb9658090b597ef0e7be6f7b67e",
+            "id": "e25f7c1f-d318-4f29-b62c-687190d4d299",
+            "version": "1"
+        },
+        "password": "g",
+        "priv": "d1b1178d3529626a1a93e073f65028370d14c7eb0936eb42abef05db6f37ad7d"
+    }
+}
diff --git a/accounts/testdata/v3_test_vector.json b/accounts/testdata/v3_test_vector.json
new file mode 100644
index 000000000..e9d7b62f0
--- /dev/null
+++ b/accounts/testdata/v3_test_vector.json
@@ -0,0 +1,49 @@
+{
+    "wikipage_test_vector_scrypt": {
+        "json": {
+            "crypto" : {
+                "cipher" : "aes-128-ctr",
+                "cipherparams" : {
+                    "iv" : "83dbcc02d8ccb40e466191a123791e0e"
+                },
+                "ciphertext" : "d172bf743a674da9cdad04534d56926ef8358534d458fffccd4e6ad2fbde479c",
+                "kdf" : "scrypt",
+                "kdfparams" : {
+                    "dklen" : 32,
+                    "n" : 262144,
+                    "r" : 1,
+                    "p" : 8,
+                    "salt" : "ab0c7876052600dd703518d6fc3fe8984592145b591fc8fb5c6d43190334ba19"
+                },
+                "mac" : "2103ac29920d71da29f15d75b4a16dbe95cfd7ff8faea1056c33131d846e3097"
+            },
+            "id" : "3198bc9c-6672-5ab3-d995-4942343ae5b6",
+            "version" : 3
+        },
+        "password": "testpassword",
+        "priv": "7a28b5ba57c53603b0b07b56bba752f7784bf506fa95edc395f5cf6c7514fe9d"
+    },
+    "wikipage_test_vector_pbkdf2": {
+        "json": {
+            "crypto" : {
+                "cipher" : "aes-128-ctr",
+                "cipherparams" : {
+                    "iv" : "6087dab2f9fdbbfaddc31a909735c1e6"
+                },
+                "ciphertext" : "5318b4d5bcd28de64ee5559e671353e16f075ecae9f99c7a79a38af5f869aa46",
+                "kdf" : "pbkdf2",
+                "kdfparams" : {
+                    "c" : 262144,
+                    "dklen" : 32,
+                    "prf" : "hmac-sha256",
+                    "salt" : "ae3cd4e7013836a3df6bd7241b12db061dbe2c6785853cce422d148a624ce0bd"
+                },
+                "mac" : "517ead924a9d0dc3124507e3393d175ce3ff7c1e96529c6c555ce9e51205e9b2"
+            },
+            "id" : "3198bc9c-6672-5ab3-d995-4942343ae5b6",
+            "version" : 3
+        },
+        "password": "testpassword",
+        "priv": "7a28b5ba57c53603b0b07b56bba752f7784bf506fa95edc395f5cf6c7514fe9d"
+    }
+}