From b79dd188d916da7adbf448dc27b0c59a04e0938d Mon Sep 17 00:00:00 2001 From: Bas van Kervel Date: Tue, 12 May 2015 14:24:11 +0200 Subject: replaced several path.* with filepath.* which is platform independent --- crypto/key_store_passphrase.go | 4 ++-- crypto/key_store_plain.go | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'crypto') diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 7d21b6604..9d36d7b03 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -72,7 +72,7 @@ import ( "errors" "io" "os" - "path" + "path/filepath" "code.google.com/p/go-uuid/uuid" "github.com/ethereum/go-ethereum/crypto/randentropy" @@ -163,7 +163,7 @@ func (ks keyStorePassphrase) DeleteKey(keyAddr []byte, auth string) (err error) return err } - keyDirPath := path.Join(ks.keysDirPath, hex.EncodeToString(keyAddr)) + keyDirPath := filepath.Join(ks.keysDirPath, hex.EncodeToString(keyAddr)) return os.RemoveAll(keyDirPath) } diff --git a/crypto/key_store_plain.go b/crypto/key_store_plain.go index 9bbaf1c15..581968d7c 100644 --- a/crypto/key_store_plain.go +++ b/crypto/key_store_plain.go @@ -30,7 +30,7 @@ import ( "io" "io/ioutil" "os" - "path" + "path/filepath" ) // TODO: rename to KeyStore when replacing existing KeyStore @@ -91,20 +91,20 @@ func (ks keyStorePlain) StoreKey(key *Key, auth string) (err error) { } func (ks keyStorePlain) DeleteKey(keyAddr []byte, auth string) (err error) { - keyDirPath := path.Join(ks.keysDirPath, hex.EncodeToString(keyAddr)) + keyDirPath := filepath.Join(ks.keysDirPath, hex.EncodeToString(keyAddr)) err = os.RemoveAll(keyDirPath) return err } func GetKeyFile(keysDirPath string, keyAddr []byte) (fileContent []byte, err error) { fileName := hex.EncodeToString(keyAddr) - return ioutil.ReadFile(path.Join(keysDirPath, fileName, fileName)) + return ioutil.ReadFile(filepath.Join(keysDirPath, fileName, fileName)) } func WriteKeyFile(addr []byte, keysDirPath string, content []byte) (err error) { addrHex := hex.EncodeToString(addr) - keyDirPath := path.Join(keysDirPath, addrHex) - keyFilePath := path.Join(keyDirPath, addrHex) + keyDirPath := filepath.Join(keysDirPath, addrHex) + keyFilePath := filepath.Join(keyDirPath, addrHex) err = os.MkdirAll(keyDirPath, 0700) // read, write and dir search for user if err != nil { return err -- cgit v1.2.3 From 9918b6c84e2547f3d24a6cfeb97cfcbd6cb4dc98 Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Thu, 2 Apr 2015 17:02:56 +0200 Subject: Remove the awesome, ever misunderstood entropy mixing --- crypto/key_store_passphrase.go | 4 +-- crypto/randentropy/rand_entropy.go | 51 +------------------------------------- crypto/secp256k1/secp256.go | 4 +-- crypto/secp256k1/secp256_test.go | 20 +++++++-------- 4 files changed, 15 insertions(+), 64 deletions(-) (limited to 'crypto') diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 9d36d7b03..ee383584c 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -118,7 +118,7 @@ func (ks keyStorePassphrase) GetKeyAddresses() (addresses [][]byte, err error) { func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { authArray := []byte(auth) - salt := randentropy.GetEntropyMixed(32) + salt := randentropy.GetEntropyCSPRNG(32) derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen) if err != nil { return err @@ -133,7 +133,7 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { return err } - iv := randentropy.GetEntropyMixed(aes.BlockSize) // 16 + iv := randentropy.GetEntropyCSPRNG(aes.BlockSize) // 16 AES256CBCEncrypter := cipher.NewCBCEncrypter(AES256Block, iv) cipherText := make([]byte, len(toEncrypt)) AES256CBCEncrypter.CryptBlocks(cipherText, toEncrypt) diff --git a/crypto/randentropy/rand_entropy.go b/crypto/randentropy/rand_entropy.go index b87fa564e..68bb8808b 100644 --- a/crypto/randentropy/rand_entropy.go +++ b/crypto/randentropy/rand_entropy.go @@ -2,12 +2,8 @@ package randentropy import ( crand "crypto/rand" - "encoding/binary" "github.com/ethereum/go-ethereum/crypto/sha3" "io" - "os" - "strings" - "time" ) var Reader io.Reader = &randEntropy{} @@ -16,7 +12,7 @@ type randEntropy struct { } func (*randEntropy) Read(bytes []byte) (n int, err error) { - readBytes := GetEntropyMixed(len(bytes)) + readBytes := GetEntropyCSPRNG(len(bytes)) copy(bytes, readBytes) return len(bytes), nil } @@ -29,40 +25,6 @@ func Sha3(data []byte) []byte { return d.Sum(nil) } -// TODO: verify. this needs to be audited -// we start with crypt/rand, then XOR in additional entropy from OS -func GetEntropyMixed(n int) []byte { - startTime := time.Now().UnixNano() - // for each source, we take SHA3 of the source and use it as seed to math/rand - // then read bytes from it and XOR them onto the bytes read from crypto/rand - mainBuff := GetEntropyCSPRNG(n) - // 1. OS entropy sources - startTimeBytes := make([]byte, 32) - binary.PutVarint(startTimeBytes, startTime) - startTimeHash := Sha3(startTimeBytes) - mixBytes(mainBuff, startTimeHash) - - pid := os.Getpid() - pidBytes := make([]byte, 32) - binary.PutUvarint(pidBytes, uint64(pid)) - pidHash := Sha3(pidBytes) - mixBytes(mainBuff, pidHash) - - osEnv := os.Environ() - osEnvBytes := []byte(strings.Join(osEnv, "")) - osEnvHash := Sha3(osEnvBytes) - mixBytes(mainBuff, osEnvHash) - - // not all OS have hostname in env variables - osHostName, err := os.Hostname() - if err != nil { - osHostNameBytes := []byte(osHostName) - osHostNameHash := Sha3(osHostNameBytes) - mixBytes(mainBuff, osHostNameHash) - } - return mainBuff -} - func GetEntropyCSPRNG(n int) []byte { mainBuff := make([]byte, n) _, err := io.ReadFull(crand.Reader, mainBuff) @@ -71,14 +33,3 @@ func GetEntropyCSPRNG(n int) []byte { } return mainBuff } - -func mixBytes(buff []byte, mixBuff []byte) []byte { - bytesToMix := len(buff) - if bytesToMix > 32 { - bytesToMix = 32 - } - for i := 0; i < bytesToMix; i++ { - buff[i] ^= mixBuff[i] - } - return buff -} diff --git a/crypto/secp256k1/secp256.go b/crypto/secp256k1/secp256.go index f8cc60e82..8ed81a1ed 100644 --- a/crypto/secp256k1/secp256.go +++ b/crypto/secp256k1/secp256.go @@ -59,7 +59,7 @@ func GenerateKeyPair() ([]byte, []byte) { const seckey_len = 32 var pubkey []byte = make([]byte, pubkey_len) - var seckey []byte = randentropy.GetEntropyMixed(seckey_len) + var seckey []byte = randentropy.GetEntropyCSPRNG(seckey_len) var pubkey_ptr *C.uchar = (*C.uchar)(unsafe.Pointer(&pubkey[0])) var seckey_ptr *C.uchar = (*C.uchar)(unsafe.Pointer(&seckey[0])) @@ -99,7 +99,7 @@ func GeneratePubKey(seckey []byte) ([]byte, error) { } func Sign(msg []byte, seckey []byte) ([]byte, error) { - nonce := randentropy.GetEntropyMixed(32) + nonce := randentropy.GetEntropyCSPRNG(32) var sig []byte = make([]byte, 65) var recid C.int diff --git a/crypto/secp256k1/secp256_test.go b/crypto/secp256k1/secp256_test.go index 3599fde38..14d260beb 100644 --- a/crypto/secp256k1/secp256_test.go +++ b/crypto/secp256k1/secp256_test.go @@ -14,7 +14,7 @@ const SigSize = 65 //64+1 func Test_Secp256_00(t *testing.T) { - var nonce []byte = randentropy.GetEntropyMixed(32) //going to get bitcoins stolen! + var nonce []byte = randentropy.GetEntropyCSPRNG(32) //going to get bitcoins stolen! if len(nonce) != 32 { t.Fatal() @@ -52,7 +52,7 @@ func Test_Secp256_01(t *testing.T) { //test size of messages func Test_Secp256_02s(t *testing.T) { pubkey, seckey := GenerateKeyPair() - msg := randentropy.GetEntropyMixed(32) + msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) CompactSigTest(sig) if sig == nil { @@ -75,7 +75,7 @@ func Test_Secp256_02s(t *testing.T) { //test signing message func Test_Secp256_02(t *testing.T) { pubkey1, seckey := GenerateKeyPair() - msg := randentropy.GetEntropyMixed(32) + msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) if sig == nil { t.Fatal("Signature nil") @@ -98,7 +98,7 @@ func Test_Secp256_02(t *testing.T) { //test pubkey recovery func Test_Secp256_02a(t *testing.T) { pubkey1, seckey1 := GenerateKeyPair() - msg := randentropy.GetEntropyMixed(32) + msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey1) if sig == nil { @@ -127,7 +127,7 @@ func Test_Secp256_02a(t *testing.T) { func Test_Secp256_03(t *testing.T) { _, seckey := GenerateKeyPair() for i := 0; i < TESTS; i++ { - msg := randentropy.GetEntropyMixed(32) + msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) CompactSigTest(sig) @@ -143,7 +143,7 @@ func Test_Secp256_03(t *testing.T) { func Test_Secp256_04(t *testing.T) { for i := 0; i < TESTS; i++ { pubkey1, seckey := GenerateKeyPair() - msg := randentropy.GetEntropyMixed(32) + msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) CompactSigTest(sig) @@ -166,7 +166,7 @@ func Test_Secp256_04(t *testing.T) { // -SIPA look at this func randSig() []byte { - sig := randentropy.GetEntropyMixed(65) + sig := randentropy.GetEntropyCSPRNG(65) sig[32] &= 0x70 sig[64] %= 4 return sig @@ -174,7 +174,7 @@ func randSig() []byte { func Test_Secp256_06a_alt0(t *testing.T) { pubkey1, seckey := GenerateKeyPair() - msg := randentropy.GetEntropyMixed(32) + msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) if sig == nil { @@ -205,12 +205,12 @@ func Test_Secp256_06a_alt0(t *testing.T) { func Test_Secp256_06b(t *testing.T) { pubkey1, seckey := GenerateKeyPair() - msg := randentropy.GetEntropyMixed(32) + msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) fail_count := 0 for i := 0; i < TESTS; i++ { - msg = randentropy.GetEntropyMixed(32) + msg = randentropy.GetEntropyCSPRNG(32) pubkey2, _ := RecoverPubkey(msg, sig) if bytes.Equal(pubkey1, pubkey2) == true { t.Fail() -- cgit v1.2.3 From 6b23094cff77d7e485e0a2ae5698884f63c87ce7 Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Thu, 2 Apr 2015 18:15:58 +0200 Subject: Improve key store passphrase crypto * Change MAC-then-Encrypt to Encrypt-then-MAC * Change AES256 to AES128 * Use first 16 bytes of KDF derived key for AES and remaining 16 for MAC --- crypto/crypto.go | 2 +- crypto/key.go | 1 + crypto/key_store_passphrase.go | 49 ++++++++++++++++++++++++------------------ crypto/key_store_test.go | 2 +- 4 files changed, 31 insertions(+), 23 deletions(-) (limited to 'crypto') diff --git a/crypto/crypto.go b/crypto/crypto.go index 3c5783014..6fc5bfd36 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -252,7 +252,7 @@ func aesCBCDecrypt(key []byte, cipherText []byte, iv []byte) (plainText []byte, decrypter.CryptBlocks(paddedPlainText, cipherText) plainText = PKCS7Unpad(paddedPlainText) if plainText == nil { - err = errors.New("Decryption failed: PKCS7Unpad failed after decryption") + err = errors.New("Decryption failed: PKCS7Unpad failed after AES decryption") } return plainText, err } diff --git a/crypto/key.go b/crypto/key.go index 0b84bfec1..654d9e83d 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -48,6 +48,7 @@ type plainKeyJSON struct { } type cipherJSON struct { + MAC []byte Salt []byte IV []byte CipherText []byte diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index ee383584c..4cfb1851b 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -28,24 +28,25 @@ the private key is encrypted and on disk uses another JSON encoding. Cryptography: -1. Encryption key is scrypt derived key from user passphrase. Scrypt parameters +1. Encryption key is first 16 bytes of SHA3-256 of first 16 bytes of + scrypt derived key from user passphrase. Scrypt parameters (work factors) [1][2] are defined as constants below. -2. Scrypt salt is 32 random bytes from CSPRNG. It is appended to ciphertext. -3. Checksum is SHA3 of the private key bytes. -4. Plaintext is concatenation of private key bytes and checksum. -5. Encryption algo is AES 256 CBC [3][4] -6. CBC IV is 16 random bytes from CSPRNG. It is appended to ciphertext. +2. Scrypt salt is 32 random bytes from CSPRNG. + It's stored in plain next to ciphertext in key file. +3. MAC is SHA3-256 of concatenation of ciphertext and last 16 bytes of scrypt derived key. +4. Plaintext is the EC private key bytes. +5. Encryption algo is AES 128 CBC [3][4] +6. CBC IV is 16 random bytes from CSPRNG. + It's stored in plain next to ciphertext in key file. 7. Plaintext padding is PKCS #7 [5][6] Encoding: -1. On disk, ciphertext, salt and IV are encoded in a nested JSON object. +1. On disk, the ciphertext, MAC, salt and IV are encoded in a nested JSON object. cat a key file to see the structure. 2. byte arrays are base64 JSON strings. 3. The EC private key bytes are in uncompressed form [7]. They are a big-endian byte slice of the absolute value of D [8][9]. -4. The checksum is the last 32 bytes of the plaintext byte array and the - private key is the preceeding bytes. References: @@ -124,21 +125,25 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { return err } + encryptKey := Sha3(derivedKey[:16])[:16] + keyBytes := FromECDSA(key.PrivateKey) - keyBytesHash := Sha3(keyBytes) - toEncrypt := PKCS7Pad(append(keyBytes, keyBytesHash...)) + toEncrypt := PKCS7Pad(keyBytes) - AES256Block, err := aes.NewCipher(derivedKey) + AES128Block, err := aes.NewCipher(encryptKey) if err != nil { return err } iv := randentropy.GetEntropyCSPRNG(aes.BlockSize) // 16 - AES256CBCEncrypter := cipher.NewCBCEncrypter(AES256Block, iv) + AES128CBCEncrypter := cipher.NewCBCEncrypter(AES128Block, iv) cipherText := make([]byte, len(toEncrypt)) - AES256CBCEncrypter.CryptBlocks(cipherText, toEncrypt) + AES128CBCEncrypter.CryptBlocks(cipherText, toEncrypt) + + mac := Sha3(derivedKey[16:32], cipherText) cipherStruct := cipherJSON{ + mac, salt, iv, cipherText, @@ -177,6 +182,7 @@ func DecryptKey(ks keyStorePassphrase, keyAddr []byte, auth string) (keyBytes [] err = json.Unmarshal(fileContent, keyProtected) keyId = keyProtected.Id + mac := keyProtected.Crypto.MAC salt := keyProtected.Crypto.Salt iv := keyProtected.Crypto.IV cipherText := keyProtected.Crypto.CipherText @@ -186,15 +192,16 @@ func DecryptKey(ks keyStorePassphrase, keyAddr []byte, auth string) (keyBytes [] if err != nil { return nil, nil, err } - plainText, err := aesCBCDecrypt(derivedKey, cipherText, iv) - if err != nil { + + calculatedMAC := Sha3(derivedKey[16:32], cipherText) + if !bytes.Equal(calculatedMAC, mac) { + err = errors.New("Decryption failed: MAC mismatch") return nil, nil, err } - keyBytes = plainText[:len(plainText)-32] - keyBytesHash := plainText[len(plainText)-32:] - if !bytes.Equal(Sha3(keyBytes), keyBytesHash) { - err = errors.New("Decryption failed: checksum mismatch") + + plainText, err := aesCBCDecrypt(Sha3(derivedKey[:16])[:16], cipherText, iv) + if err != nil { return nil, nil, err } - return keyBytes, keyId, err + return plainText, keyId, err } diff --git a/crypto/key_store_test.go b/crypto/key_store_test.go index f0a1e567b..6e50afe34 100644 --- a/crypto/key_store_test.go +++ b/crypto/key_store_test.go @@ -1,8 +1,8 @@ package crypto import ( - "github.com/ethereum/go-ethereum/crypto/randentropy" "github.com/ethereum/go-ethereum/common" + "github.com/ethereum/go-ethereum/crypto/randentropy" "reflect" "testing" ) -- cgit v1.2.3 From da9fe951da4005761a014316c46771d628dc058e Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Thu, 2 Apr 2015 21:14:25 +0200 Subject: Use common.Address type for accounts.Address --- crypto/crypto.go | 6 +++--- crypto/key.go | 9 +++++---- crypto/key_store_passphrase.go | 14 +++++++------- crypto/key_store_plain.go | 29 +++++++++++++++-------------- 4 files changed, 30 insertions(+), 28 deletions(-) (limited to 'crypto') diff --git a/crypto/crypto.go b/crypto/crypto.go index 6fc5bfd36..2b1628124 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -231,13 +231,13 @@ func decryptPreSaleKey(fileContent []byte, password string) (key *Key, err error ecKey := ToECDSA(ethPriv) key = &Key{ Id: nil, - Address: PubkeyToAddress(ecKey.PublicKey), + Address: common.BytesToAddress(PubkeyToAddress(ecKey.PublicKey)), PrivateKey: ecKey, } - derivedAddr := common.Bytes2Hex(key.Address) + derivedAddr := hex.EncodeToString(key.Address.Bytes()) // needed because .Hex() gives leading "0x" expectedAddr := preSaleKeyStruct.EthAddr if derivedAddr != expectedAddr { - err = errors.New("decrypted addr not equal to expected addr") + err = errors.New(fmt.Sprintf("decrypted addr not equal to expected addr ", derivedAddr, expectedAddr)) } return key, err } diff --git a/crypto/key.go b/crypto/key.go index 654d9e83d..5e1f3637e 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -30,12 +30,13 @@ import ( "io" "code.google.com/p/go-uuid/uuid" + "github.com/ethereum/go-ethereum/common" ) type Key struct { Id uuid.UUID // Version 4 "random" for unique id not derived from key data // to simplify lookups we also store the address - Address []byte + Address common.Address // we only store privkey as pubkey/address can be derived from it // privkey in this struct is always in plaintext PrivateKey *ecdsa.PrivateKey @@ -63,7 +64,7 @@ type encryptedKeyJSON struct { func (k *Key) MarshalJSON() (j []byte, err error) { jStruct := plainKeyJSON{ k.Id, - k.Address, + k.Address.Bytes(), FromECDSA(k.PrivateKey), } j, err = json.Marshal(jStruct) @@ -80,7 +81,7 @@ func (k *Key) UnmarshalJSON(j []byte) (err error) { u := new(uuid.UUID) *u = keyJSON.Id k.Id = *u - k.Address = keyJSON.Address + k.Address = common.BytesToAddress(keyJSON.Address) k.PrivateKey = ToECDSA(keyJSON.PrivateKey) return err @@ -90,7 +91,7 @@ func NewKeyFromECDSA(privateKeyECDSA *ecdsa.PrivateKey) *Key { id := uuid.NewRandom() key := &Key{ Id: id, - Address: PubkeyToAddress(privateKeyECDSA.PublicKey), + Address: common.BytesToAddress(PubkeyToAddress(privateKeyECDSA.PublicKey)), PrivateKey: privateKeyECDSA, } return key diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 4cfb1851b..739483d9f 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -68,7 +68,6 @@ import ( "bytes" "crypto/aes" "crypto/cipher" - "encoding/hex" "encoding/json" "errors" "io" @@ -76,6 +75,7 @@ import ( "path/filepath" "code.google.com/p/go-uuid/uuid" + "github.com/ethereum/go-ethereum/common" "github.com/ethereum/go-ethereum/crypto/randentropy" "golang.org/x/crypto/scrypt" ) @@ -100,7 +100,7 @@ func (ks keyStorePassphrase) GenerateNewKey(rand io.Reader, auth string) (key *K return GenerateNewKeyDefault(ks, rand, auth) } -func (ks keyStorePassphrase) GetKey(keyAddr []byte, auth string) (key *Key, err error) { +func (ks keyStorePassphrase) GetKey(keyAddr common.Address, auth string) (key *Key, err error) { keyBytes, keyId, err := DecryptKey(ks, keyAddr, auth) if err != nil { return nil, err @@ -113,7 +113,7 @@ func (ks keyStorePassphrase) GetKey(keyAddr []byte, auth string) (key *Key, err return key, err } -func (ks keyStorePassphrase) GetKeyAddresses() (addresses [][]byte, err error) { +func (ks keyStorePassphrase) GetKeyAddresses() (addresses []common.Address, err error) { return GetKeyAddresses(ks.keysDirPath) } @@ -150,7 +150,7 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { } keyStruct := encryptedKeyJSON{ key.Id, - key.Address, + key.Address.Bytes(), cipherStruct, } keyJSON, err := json.Marshal(keyStruct) @@ -161,18 +161,18 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { return WriteKeyFile(key.Address, ks.keysDirPath, keyJSON) } -func (ks keyStorePassphrase) DeleteKey(keyAddr []byte, auth string) (err error) { +func (ks keyStorePassphrase) DeleteKey(keyAddr common.Address, auth string) (err error) { // only delete if correct passphrase is given _, _, err = DecryptKey(ks, keyAddr, auth) if err != nil { return err } - keyDirPath := filepath.Join(ks.keysDirPath, hex.EncodeToString(keyAddr)) + keyDirPath := filepath.Join(ks.keysDirPath, keyAddr.Hex()) return os.RemoveAll(keyDirPath) } -func DecryptKey(ks keyStorePassphrase, keyAddr []byte, auth string) (keyBytes []byte, keyId []byte, err error) { +func DecryptKey(ks keyStorePassphrase, keyAddr common.Address, auth string) (keyBytes []byte, keyId []byte, err error) { fileContent, err := GetKeyFile(ks.keysDirPath, keyAddr) if err != nil { return nil, nil, err diff --git a/crypto/key_store_plain.go b/crypto/key_store_plain.go index 581968d7c..2ade11985 100644 --- a/crypto/key_store_plain.go +++ b/crypto/key_store_plain.go @@ -27,6 +27,7 @@ import ( "encoding/hex" "encoding/json" "fmt" + "github.com/ethereum/go-ethereum/common" "io" "io/ioutil" "os" @@ -37,10 +38,10 @@ import ( type KeyStore2 interface { // create new key using io.Reader entropy source and optionally using auth string GenerateNewKey(io.Reader, string) (*Key, error) - GetKey([]byte, string) (*Key, error) // key from addr and auth string - GetKeyAddresses() ([][]byte, error) // get all addresses - StoreKey(*Key, string) error // store key optionally using auth string - DeleteKey([]byte, string) error // delete key by addr and auth string + GetKey(common.Address, string) (*Key, error) // key from addr and auth string + GetKeyAddresses() ([]common.Address, error) // get all addresses + StoreKey(*Key, string) error // store key optionally using auth string + DeleteKey(common.Address, string) error // delete key by addr and auth string } type keyStorePlain struct { @@ -66,7 +67,7 @@ func GenerateNewKeyDefault(ks KeyStore2, rand io.Reader, auth string) (key *Key, return key, err } -func (ks keyStorePlain) GetKey(keyAddr []byte, auth string) (key *Key, err error) { +func (ks keyStorePlain) GetKey(keyAddr common.Address, auth string) (key *Key, err error) { fileContent, err := GetKeyFile(ks.keysDirPath, keyAddr) if err != nil { return nil, err @@ -77,7 +78,7 @@ func (ks keyStorePlain) GetKey(keyAddr []byte, auth string) (key *Key, err error return key, err } -func (ks keyStorePlain) GetKeyAddresses() (addresses [][]byte, err error) { +func (ks keyStorePlain) GetKeyAddresses() (addresses []common.Address, err error) { return GetKeyAddresses(ks.keysDirPath) } @@ -90,19 +91,19 @@ func (ks keyStorePlain) StoreKey(key *Key, auth string) (err error) { return err } -func (ks keyStorePlain) DeleteKey(keyAddr []byte, auth string) (err error) { - keyDirPath := filepath.Join(ks.keysDirPath, hex.EncodeToString(keyAddr)) +func (ks keyStorePlain) DeleteKey(keyAddr common.Address, auth string) (err error) { + keyDirPath := filepath.Join(ks.keysDirPath, keyAddr.Hex()) err = os.RemoveAll(keyDirPath) return err } -func GetKeyFile(keysDirPath string, keyAddr []byte) (fileContent []byte, err error) { - fileName := hex.EncodeToString(keyAddr) +func GetKeyFile(keysDirPath string, keyAddr common.Address) (fileContent []byte, err error) { + fileName := keyAddr.Hex() return ioutil.ReadFile(filepath.Join(keysDirPath, fileName, fileName)) } -func WriteKeyFile(addr []byte, keysDirPath string, content []byte) (err error) { - addrHex := hex.EncodeToString(addr) +func WriteKeyFile(addr common.Address, keysDirPath string, content []byte) (err error) { + addrHex := addr.Hex() keyDirPath := filepath.Join(keysDirPath, addrHex) keyFilePath := filepath.Join(keyDirPath, addrHex) err = os.MkdirAll(keyDirPath, 0700) // read, write and dir search for user @@ -112,7 +113,7 @@ func WriteKeyFile(addr []byte, keysDirPath string, content []byte) (err error) { return ioutil.WriteFile(keyFilePath, content, 0600) // read, write for user } -func GetKeyAddresses(keysDirPath string) (addresses [][]byte, err error) { +func GetKeyAddresses(keysDirPath string) (addresses []common.Address, err error) { fileInfos, err := ioutil.ReadDir(keysDirPath) if err != nil { return nil, err @@ -122,7 +123,7 @@ func GetKeyAddresses(keysDirPath string) (addresses [][]byte, err error) { if err != nil { continue } - addresses = append(addresses, address) + addresses = append(addresses, common.BytesToAddress(address)) } return addresses, err } -- cgit v1.2.3 From 29a5a92d13cad45794c6e42cb97260a9ab9900ab Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Wed, 15 Apr 2015 13:24:12 +0200 Subject: Add key header to encrypted keys * Add key header containing key version, kdf and kdf params * Store key header as JSON in the key file * Read in KDF params from key header * Include key header in MAC calculation and MAC verification --- crypto/key.go | 23 +++++++++++++++++++---- crypto/key_store_passphrase.go | 41 ++++++++++++++++++++++++++++++++++++++--- 2 files changed, 57 insertions(+), 7 deletions(-) (limited to 'crypto') diff --git a/crypto/key.go b/crypto/key.go index 5e1f3637e..067a5a294 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -48,17 +48,32 @@ type plainKeyJSON struct { PrivateKey []byte } +type encryptedKeyJSON struct { + Id []byte + Address []byte + Crypto cipherJSON +} + type cipherJSON struct { MAC []byte Salt []byte IV []byte + KeyHeader keyHeaderJSON CipherText []byte } -type encryptedKeyJSON struct { - Id []byte - Address []byte - Crypto cipherJSON +type keyHeaderJSON struct { + Version string + Kdf string + KdfParams scryptParamsJSON // TODO: make more generic? +} + +type scryptParamsJSON struct { + N int + R int + P int + DkLen int + SaltLen int } func (k *Key) MarshalJSON() (j []byte, err error) { diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 739483d9f..00717b5d1 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -81,6 +81,8 @@ import ( ) const ( + keyHeaderVersion = "1" + keyHeaderKDF = "scrypt" // 2^18 / 8 / 1 uses 256MB memory and approx 1s CPU time on a modern CPU. scryptN = 1 << 18 scryptr = 8 @@ -140,12 +142,32 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { cipherText := make([]byte, len(toEncrypt)) AES128CBCEncrypter.CryptBlocks(cipherText, toEncrypt) - mac := Sha3(derivedKey[16:32], cipherText) + paramsJSON := scryptParamsJSON{ + N: scryptN, + R: scryptr, + P: scryptp, + DkLen: scryptdkLen, + SaltLen: 32, + } + + keyHeaderJSON := keyHeaderJSON{ + Version: keyHeaderVersion, + Kdf: keyHeaderKDF, + KdfParams: paramsJSON, + } + + keyHeaderJSONStr, err := json.Marshal(keyHeaderJSON) + if err != nil { + return err + } + + mac := Sha3(keyHeaderJSONStr, derivedKey[16:32], cipherText) cipherStruct := cipherJSON{ mac, salt, iv, + keyHeaderJSON, cipherText, } keyStruct := encryptedKeyJSON{ @@ -185,15 +207,28 @@ func DecryptKey(ks keyStorePassphrase, keyAddr common.Address, auth string) (key mac := keyProtected.Crypto.MAC salt := keyProtected.Crypto.Salt iv := keyProtected.Crypto.IV + keyHeader := keyProtected.Crypto.KeyHeader cipherText := keyProtected.Crypto.CipherText + // used in MAC + keyHeaderJSONStr, err := json.Marshal(keyHeader) + if err != nil { + return nil, nil, err + } + + // TODO: make this more generic when we support different KDF params / key versions + n := keyHeader.KdfParams.N + r := keyHeader.KdfParams.R + p := keyHeader.KdfParams.P + dkLen := keyHeader.KdfParams.DkLen + authArray := []byte(auth) - derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen) + derivedKey, err := scrypt.Key(authArray, salt, n, r, p, dkLen) if err != nil { return nil, nil, err } - calculatedMAC := Sha3(derivedKey[16:32], cipherText) + calculatedMAC := Sha3(keyHeaderJSONStr, derivedKey[16:32], cipherText) if !bytes.Equal(calculatedMAC, mac) { err = errors.New("Decryption failed: MAC mismatch") return nil, nil, err -- cgit v1.2.3 From cd88295f5ac360aaaf63be94ae09f202a4b8630f Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Wed, 15 Apr 2015 15:47:00 +0200 Subject: Add key header to unencrypted key file --- crypto/key.go | 17 ++++++++++++----- crypto/key_store_passphrase.go | 7 ++++--- 2 files changed, 16 insertions(+), 8 deletions(-) (limited to 'crypto') diff --git a/crypto/key.go b/crypto/key.go index 067a5a294..0f36a7f6b 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -45,27 +45,28 @@ type Key struct { type plainKeyJSON struct { Id []byte Address []byte + KeyHeader keyHeaderJSON PrivateKey []byte } type encryptedKeyJSON struct { - Id []byte - Address []byte - Crypto cipherJSON + Id []byte + Address []byte + KeyHeader keyHeaderJSON + Crypto cipherJSON } type cipherJSON struct { MAC []byte Salt []byte IV []byte - KeyHeader keyHeaderJSON CipherText []byte } type keyHeaderJSON struct { Version string Kdf string - KdfParams scryptParamsJSON // TODO: make more generic? + KdfParams *scryptParamsJSON // TODO: make more generic? } type scryptParamsJSON struct { @@ -77,9 +78,15 @@ type scryptParamsJSON struct { } func (k *Key) MarshalJSON() (j []byte, err error) { + keyHeader := keyHeaderJSON{ + Version: "1", + Kdf: "", + KdfParams: nil, + } jStruct := plainKeyJSON{ k.Id, k.Address.Bytes(), + keyHeader, FromECDSA(k.PrivateKey), } j, err = json.Marshal(jStruct) diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 00717b5d1..96227e4d1 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -153,7 +153,7 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { keyHeaderJSON := keyHeaderJSON{ Version: keyHeaderVersion, Kdf: keyHeaderKDF, - KdfParams: paramsJSON, + KdfParams: ¶msJSON, } keyHeaderJSONStr, err := json.Marshal(keyHeaderJSON) @@ -167,12 +167,12 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { mac, salt, iv, - keyHeaderJSON, cipherText, } keyStruct := encryptedKeyJSON{ key.Id, key.Address.Bytes(), + keyHeaderJSON, cipherStruct, } keyJSON, err := json.Marshal(keyStruct) @@ -204,10 +204,11 @@ func DecryptKey(ks keyStorePassphrase, keyAddr common.Address, auth string) (key err = json.Unmarshal(fileContent, keyProtected) keyId = keyProtected.Id + keyHeader := keyProtected.KeyHeader + mac := keyProtected.Crypto.MAC salt := keyProtected.Crypto.Salt iv := keyProtected.Crypto.IV - keyHeader := keyProtected.Crypto.KeyHeader cipherText := keyProtected.Crypto.CipherText // used in MAC -- cgit v1.2.3 From 313eec33ad7add82bfdd00e3a076091fa990c799 Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Tue, 21 Apr 2015 15:52:10 +0200 Subject: Revert "Add key header to unencrypted key file" This reverts commit a94d4ba0b53c4558ab838aaed635a2ff66ddfa53. --- crypto/key.go | 17 +++++------------ crypto/key_store_passphrase.go | 7 +++---- 2 files changed, 8 insertions(+), 16 deletions(-) (limited to 'crypto') diff --git a/crypto/key.go b/crypto/key.go index 0f36a7f6b..067a5a294 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -45,28 +45,27 @@ type Key struct { type plainKeyJSON struct { Id []byte Address []byte - KeyHeader keyHeaderJSON PrivateKey []byte } type encryptedKeyJSON struct { - Id []byte - Address []byte - KeyHeader keyHeaderJSON - Crypto cipherJSON + Id []byte + Address []byte + Crypto cipherJSON } type cipherJSON struct { MAC []byte Salt []byte IV []byte + KeyHeader keyHeaderJSON CipherText []byte } type keyHeaderJSON struct { Version string Kdf string - KdfParams *scryptParamsJSON // TODO: make more generic? + KdfParams scryptParamsJSON // TODO: make more generic? } type scryptParamsJSON struct { @@ -78,15 +77,9 @@ type scryptParamsJSON struct { } func (k *Key) MarshalJSON() (j []byte, err error) { - keyHeader := keyHeaderJSON{ - Version: "1", - Kdf: "", - KdfParams: nil, - } jStruct := plainKeyJSON{ k.Id, k.Address.Bytes(), - keyHeader, FromECDSA(k.PrivateKey), } j, err = json.Marshal(jStruct) diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 96227e4d1..00717b5d1 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -153,7 +153,7 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { keyHeaderJSON := keyHeaderJSON{ Version: keyHeaderVersion, Kdf: keyHeaderKDF, - KdfParams: ¶msJSON, + KdfParams: paramsJSON, } keyHeaderJSONStr, err := json.Marshal(keyHeaderJSON) @@ -167,12 +167,12 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { mac, salt, iv, + keyHeaderJSON, cipherText, } keyStruct := encryptedKeyJSON{ key.Id, key.Address.Bytes(), - keyHeaderJSON, cipherStruct, } keyJSON, err := json.Marshal(keyStruct) @@ -204,11 +204,10 @@ func DecryptKey(ks keyStorePassphrase, keyAddr common.Address, auth string) (key err = json.Unmarshal(fileContent, keyProtected) keyId = keyProtected.Id - keyHeader := keyProtected.KeyHeader - mac := keyProtected.Crypto.MAC salt := keyProtected.Crypto.Salt iv := keyProtected.Crypto.IV + keyHeader := keyProtected.Crypto.KeyHeader cipherText := keyProtected.Crypto.CipherText // used in MAC -- cgit v1.2.3 From f98e002d9851b8df53a09a0e3189f2e8fdec48df Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Tue, 21 Apr 2015 17:00:30 +0200 Subject: Address pull request comments; key header and hex encoding * Remove key header from unencrypted key file format and replace it with a version field * Change encoding of bytes in key files from base64 to hex --- crypto/key.go | 52 ++++++++++++++++++++++++++++-------------- crypto/key_store_passphrase.go | 42 ++++++++++++++++++++++++---------- crypto/key_store_plain.go | 4 ++-- 3 files changed, 67 insertions(+), 31 deletions(-) (limited to 'crypto') diff --git a/crypto/key.go b/crypto/key.go index 067a5a294..1af69d795 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -26,6 +26,7 @@ package crypto import ( "bytes" "crypto/ecdsa" + "encoding/hex" "encoding/json" "io" @@ -33,6 +34,10 @@ import ( "github.com/ethereum/go-ethereum/common" ) +const ( + version = "1" +) + type Key struct { Id uuid.UUID // Version 4 "random" for unique id not derived from key data // to simplify lookups we also store the address @@ -43,29 +48,31 @@ type Key struct { } type plainKeyJSON struct { - Id []byte - Address []byte - PrivateKey []byte + Version string + Id string + Address string + PrivateKey string } type encryptedKeyJSON struct { - Id []byte - Address []byte + Version string + Id string + Address string Crypto cipherJSON } type cipherJSON struct { - MAC []byte - Salt []byte - IV []byte + MAC string + Salt string + IV string KeyHeader keyHeaderJSON - CipherText []byte + CipherText string } type keyHeaderJSON struct { Version string Kdf string - KdfParams scryptParamsJSON // TODO: make more generic? + KdfParams scryptParamsJSON } type scryptParamsJSON struct { @@ -78,9 +85,10 @@ type scryptParamsJSON struct { func (k *Key) MarshalJSON() (j []byte, err error) { jStruct := plainKeyJSON{ - k.Id, - k.Address.Bytes(), - FromECDSA(k.PrivateKey), + version, + k.Id.String(), + hex.EncodeToString(k.Address[:]), + hex.EncodeToString(FromECDSA(k.PrivateKey)), } j, err = json.Marshal(jStruct) return j, err @@ -94,12 +102,22 @@ func (k *Key) UnmarshalJSON(j []byte) (err error) { } u := new(uuid.UUID) - *u = keyJSON.Id + *u = uuid.Parse(keyJSON.Id) k.Id = *u - k.Address = common.BytesToAddress(keyJSON.Address) - k.PrivateKey = ToECDSA(keyJSON.PrivateKey) + addr, err := hex.DecodeString(keyJSON.Address) + if err != nil { + return err + } + + privkey, err := hex.DecodeString(keyJSON.PrivateKey) + if err != nil { + return err + } + + k.Address = common.BytesToAddress(addr) + k.PrivateKey = ToECDSA(privkey) - return err + return nil } func NewKeyFromECDSA(privateKeyECDSA *ecdsa.PrivateKey) *Key { diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 00717b5d1..2e7929cee 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -68,6 +68,7 @@ import ( "bytes" "crypto/aes" "crypto/cipher" + "encoding/hex" "encoding/json" "errors" "io" @@ -164,15 +165,16 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { mac := Sha3(keyHeaderJSONStr, derivedKey[16:32], cipherText) cipherStruct := cipherJSON{ - mac, - salt, - iv, + hex.EncodeToString(mac), + hex.EncodeToString(salt), + hex.EncodeToString(iv), keyHeaderJSON, - cipherText, + hex.EncodeToString(cipherText), } keyStruct := encryptedKeyJSON{ - key.Id, - key.Address.Bytes(), + version, + key.Id.String(), + hex.EncodeToString(key.Address[:]), cipherStruct, } keyJSON, err := json.Marshal(keyStruct) @@ -190,7 +192,7 @@ func (ks keyStorePassphrase) DeleteKey(keyAddr common.Address, auth string) (err return err } - keyDirPath := filepath.Join(ks.keysDirPath, keyAddr.Hex()) + keyDirPath := filepath.Join(ks.keysDirPath, hex.EncodeToString(keyAddr[:])) return os.RemoveAll(keyDirPath) } @@ -203,12 +205,28 @@ func DecryptKey(ks keyStorePassphrase, keyAddr common.Address, auth string) (key keyProtected := new(encryptedKeyJSON) err = json.Unmarshal(fileContent, keyProtected) - keyId = keyProtected.Id - mac := keyProtected.Crypto.MAC - salt := keyProtected.Crypto.Salt - iv := keyProtected.Crypto.IV + keyId = uuid.Parse(keyProtected.Id) + + mac, err := hex.DecodeString(keyProtected.Crypto.MAC) + if err != nil { + return nil, nil, err + } + + salt, err := hex.DecodeString(keyProtected.Crypto.Salt) + if err != nil { + return nil, nil, err + } + + iv, err := hex.DecodeString(keyProtected.Crypto.IV) + if err != nil { + return nil, nil, err + } + keyHeader := keyProtected.Crypto.KeyHeader - cipherText := keyProtected.Crypto.CipherText + cipherText, err := hex.DecodeString(keyProtected.Crypto.CipherText) + if err != nil { + return nil, nil, err + } // used in MAC keyHeaderJSONStr, err := json.Marshal(keyHeader) diff --git a/crypto/key_store_plain.go b/crypto/key_store_plain.go index 2ade11985..6a8afe27d 100644 --- a/crypto/key_store_plain.go +++ b/crypto/key_store_plain.go @@ -98,12 +98,12 @@ func (ks keyStorePlain) DeleteKey(keyAddr common.Address, auth string) (err erro } func GetKeyFile(keysDirPath string, keyAddr common.Address) (fileContent []byte, err error) { - fileName := keyAddr.Hex() + fileName := hex.EncodeToString(keyAddr[:]) return ioutil.ReadFile(filepath.Join(keysDirPath, fileName, fileName)) } func WriteKeyFile(addr common.Address, keysDirPath string, content []byte) (err error) { - addrHex := addr.Hex() + addrHex := hex.EncodeToString(addr[:]) keyDirPath := filepath.Join(keysDirPath, addrHex) keyFilePath := filepath.Join(keyDirPath, addrHex) err = os.MkdirAll(keyDirPath, 0700) // read, write and dir search for user -- cgit v1.2.3 From 2c1b0ff17e020f300ed9d5a5a244f59b4febfe66 Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Sun, 10 May 2015 20:30:02 +0200 Subject: Update key store to new spec but keep address field for now * Also fix address types post-rebase --- crypto/crypto.go | 2 +- crypto/key.go | 50 ++++++++++++++--------------- crypto/key_store_passphrase.go | 71 +++++++++++++++++------------------------- 3 files changed, 55 insertions(+), 68 deletions(-) (limited to 'crypto') diff --git a/crypto/crypto.go b/crypto/crypto.go index 2b1628124..ff817b0fa 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -185,7 +185,7 @@ func ImportBlockTestKey(privKeyBytes []byte) error { ecKey := ToECDSA(privKeyBytes) key := &Key{ Id: uuid.NewRandom(), - Address: PubkeyToAddress(ecKey.PublicKey), + Address: common.BytesToAddress(PubkeyToAddress(ecKey.PublicKey)), PrivateKey: ecKey, } err := ks.StoreKey(key, "") diff --git a/crypto/key.go b/crypto/key.go index 1af69d795..0c5ce4254 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -48,47 +48,47 @@ type Key struct { } type plainKeyJSON struct { - Version string - Id string - Address string - PrivateKey string + Address string `json:"address"` + PrivateKey string `json:"privatekey"` + Id string `json:"id"` + Version string `json:"version"` } type encryptedKeyJSON struct { - Version string - Id string - Address string - Crypto cipherJSON + Address string `json:"address"` + Crypto cryptoJSON + Id string `json:"id"` + Version string `json:"version"` } -type cipherJSON struct { - MAC string - Salt string - IV string - KeyHeader keyHeaderJSON - CipherText string +type cryptoJSON struct { + Cipher string `json:"cipher"` + CipherText string `json:"ciphertext"` + CipherParams cipherparamsJSON `json:"cipherparams"` + KDF string `json:"kdf"` + KDFParams scryptParamsJSON `json:"kdfparams"` + MAC string `json:"mac"` + Version string `json:"version"` } -type keyHeaderJSON struct { - Version string - Kdf string - KdfParams scryptParamsJSON +type cipherparamsJSON struct { + IV string `json:"iv"` } type scryptParamsJSON struct { - N int - R int - P int - DkLen int - SaltLen int + N int `json:"n"` + R int `json:"r"` + P int `json:"p"` + DkLen int `json:"dklen"` + Salt string `json:"salt"` } func (k *Key) MarshalJSON() (j []byte, err error) { jStruct := plainKeyJSON{ - version, - k.Id.String(), hex.EncodeToString(k.Address[:]), hex.EncodeToString(FromECDSA(k.PrivateKey)), + k.Id.String(), + version, } j, err = json.Marshal(jStruct) return j, err diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 2e7929cee..d9a5a81f9 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -143,41 +143,36 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { cipherText := make([]byte, len(toEncrypt)) AES128CBCEncrypter.CryptBlocks(cipherText, toEncrypt) - paramsJSON := scryptParamsJSON{ - N: scryptN, - R: scryptr, - P: scryptp, - DkLen: scryptdkLen, - SaltLen: 32, - } + mac := Sha3(derivedKey[16:32], cipherText) - keyHeaderJSON := keyHeaderJSON{ - Version: keyHeaderVersion, - Kdf: keyHeaderKDF, - KdfParams: paramsJSON, + scryptParamsJSON := scryptParamsJSON{ + N: scryptN, + R: scryptr, + P: scryptp, + DkLen: scryptdkLen, + Salt: hex.EncodeToString(salt), } - keyHeaderJSONStr, err := json.Marshal(keyHeaderJSON) - if err != nil { - return err + cipherParamsJSON := cipherparamsJSON{ + IV: hex.EncodeToString(iv), } - mac := Sha3(keyHeaderJSONStr, derivedKey[16:32], cipherText) - - cipherStruct := cipherJSON{ - hex.EncodeToString(mac), - hex.EncodeToString(salt), - hex.EncodeToString(iv), - keyHeaderJSON, - hex.EncodeToString(cipherText), + cryptoStruct := cryptoJSON{ + Cipher: "aes-128-cbc", + CipherText: hex.EncodeToString(cipherText), + CipherParams: cipherParamsJSON, + KDF: "scrypt", + KDFParams: scryptParamsJSON, + MAC: hex.EncodeToString(mac), + Version: "1", } - keyStruct := encryptedKeyJSON{ - version, - key.Id.String(), + encryptedKeyJSON := encryptedKeyJSON{ hex.EncodeToString(key.Address[:]), - cipherStruct, + cryptoStruct, + key.Id.String(), + version, } - keyJSON, err := json.Marshal(keyStruct) + keyJSON, err := json.Marshal(encryptedKeyJSON) if err != nil { return err } @@ -212,33 +207,25 @@ func DecryptKey(ks keyStorePassphrase, keyAddr common.Address, auth string) (key return nil, nil, err } - salt, err := hex.DecodeString(keyProtected.Crypto.Salt) - if err != nil { - return nil, nil, err - } - - iv, err := hex.DecodeString(keyProtected.Crypto.IV) + iv, err := hex.DecodeString(keyProtected.Crypto.CipherParams.IV) if err != nil { return nil, nil, err } - keyHeader := keyProtected.Crypto.KeyHeader cipherText, err := hex.DecodeString(keyProtected.Crypto.CipherText) if err != nil { return nil, nil, err } - // used in MAC - keyHeaderJSONStr, err := json.Marshal(keyHeader) + salt, err := hex.DecodeString(keyProtected.Crypto.KDFParams.Salt) if err != nil { return nil, nil, err } - // TODO: make this more generic when we support different KDF params / key versions - n := keyHeader.KdfParams.N - r := keyHeader.KdfParams.R - p := keyHeader.KdfParams.P - dkLen := keyHeader.KdfParams.DkLen + n := keyProtected.Crypto.KDFParams.N + r := keyProtected.Crypto.KDFParams.R + p := keyProtected.Crypto.KDFParams.P + dkLen := keyProtected.Crypto.KDFParams.DkLen authArray := []byte(auth) derivedKey, err := scrypt.Key(authArray, salt, n, r, p, dkLen) @@ -246,7 +233,7 @@ func DecryptKey(ks keyStorePassphrase, keyAddr common.Address, auth string) (key return nil, nil, err } - calculatedMAC := Sha3(keyHeaderJSONStr, derivedKey[16:32], cipherText) + calculatedMAC := Sha3(derivedKey[16:32], cipherText) if !bytes.Equal(calculatedMAC, mac) { err = errors.New("Decryption failed: MAC mismatch") return nil, nil, err -- cgit v1.2.3 From e389585f1f2e77fd7cd507499015bf3754581e4e Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Tue, 12 May 2015 18:33:04 +0200 Subject: Change default keystore dir --- crypto/crypto.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'crypto') diff --git a/crypto/crypto.go b/crypto/crypto.go index ff817b0fa..4bbd62f7f 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -181,7 +181,7 @@ func Decrypt(prv *ecdsa.PrivateKey, ct []byte) ([]byte, error) { // Used only by block tests. func ImportBlockTestKey(privKeyBytes []byte) error { - ks := NewKeyStorePassphrase(common.DefaultDataDir() + "/keys") + ks := NewKeyStorePassphrase(common.DefaultDataDir() + "/keystore") ecKey := ToECDSA(privKeyBytes) key := &Key{ Id: uuid.NewRandom(), -- cgit v1.2.3