// Copyright 2015 The go-ethereum Authors // This file is part of the go-ethereum library. // // The go-ethereum library is free software: you can redistribute it and/or modify // it under the terms of the GNU Lesser General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // The go-ethereum library is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Lesser General Public License for more details. // // You should have received a copy of the GNU Lesser General Public License // along with the go-ethereum library. If not, see . package keystore import ( "io/ioutil" "os" "runtime" "strings" "testing" "time" "github.com/ethereum/go-ethereum/accounts" "github.com/ethereum/go-ethereum/common" ) var testSigData = make([]byte, 32) func TestKeyStore(t *testing.T) { dir, ks := tmpKeyStore(t, true) defer os.RemoveAll(dir) a, err := ks.NewAccount("foo") if err != nil { t.Fatal(err) } if !strings.HasPrefix(a.URL, dir) { t.Errorf("account file %s doesn't have dir prefix", a.URL) } stat, err := os.Stat(a.URL) if err != nil { t.Fatalf("account file %s doesn't exist (%v)", a.URL, err) } if runtime.GOOS != "windows" && stat.Mode() != 0600 { t.Fatalf("account file has wrong mode: got %o, want %o", stat.Mode(), 0600) } if !ks.HasAddress(a.Address) { t.Errorf("HasAccount(%x) should've returned true", a.Address) } if err := ks.Update(a, "foo", "bar"); err != nil { t.Errorf("Update error: %v", err) } if err := ks.Delete(a, "bar"); err != nil { t.Errorf("Delete error: %v", err) } if common.FileExist(a.URL) { t.Errorf("account file %s should be gone after Delete", a.URL) } if ks.HasAddress(a.Address) { t.Errorf("HasAccount(%x) should've returned true after Delete", a.Address) } } func TestSign(t *testing.T) { dir, ks := tmpKeyStore(t, true) defer os.RemoveAll(dir) pass := "" // not used but required by API a1, err := ks.NewAccount(pass) if err != nil { t.Fatal(err) } if err := ks.Unlock(a1, ""); err != nil { t.Fatal(err) } if _, err := ks.SignHash(accounts.Account{Address: a1.Address}, testSigData); err != nil { t.Fatal(err) } } func TestSignWithPassphrase(t *testing.T) { dir, ks := tmpKeyStore(t, true) defer os.RemoveAll(dir) pass := "passwd" acc, err := ks.NewAccount(pass) if err != nil { t.Fatal(err) } if _, unlocked := ks.unlocked[acc.Address]; unlocked { t.Fatal("expected account to be locked") } _, err = ks.SignHashWithPassphrase(acc, pass, testSigData) if err != nil { t.Fatal(err) } if _, unlocked := ks.unlocked[acc.Address]; unlocked { t.Fatal("expected account to be locked") } if _, err = ks.SignHashWithPassphrase(acc, "invalid passwd", testSigData); err == nil { t.Fatal("expected SignHashWithPassphrase to fail with invalid password") } } func TestTimedUnlock(t *testing.T) { dir, ks := tmpKeyStore(t, true) defer os.RemoveAll(dir) pass := "foo" a1, err := ks.NewAccount(pass) if err != nil { t.Fatal(err) } // Signing without passphrase fails because account is locked _, err = ks.SignHash(accounts.Account{Address: a1.Address}, testSigData) if err != ErrNeedPasswordOrUnlock { t.Fatal("Signing should've failed with ErrNeedPasswordOrUnlock before unlocking, got ", err) } // Signing with passphrase works if err = ks.TimedUnlock(a1, pass, 100*time.Millisecond); err != nil { t.Fatal(err) } // Signing without passphrase works because account is temp unlocked _, err = ks.SignHash(accounts.Account{Address: a1.Address}, testSigData) if err != nil { t.Fatal("Signing shouldn't return an error after unlocking, got ", err) } // Signing fails again after automatic locking time.Sleep(250 * time.Millisecond) _, err = ks.SignHash(accounts.Account{Address: a1.Address}, testSigData) if err != ErrNeedPasswordOrUnlock { t.Fatal("Signing should've failed with ErrNeedPasswordOrUnlock timeout expired, got ", err) } } func TestOverrideUnlock(t *testing.T) { dir, ks := tmpKeyStore(t, false) defer os.RemoveAll(dir) pass := "foo" a1, err := ks.NewAccount(pass) if err != nil { t.Fatal(err) } // Unlock indefinitely. if err = ks.TimedUnlock(a1, pass, 5*time.Minute); err != nil { t.Fatal(err) } // Signing without passphrase works because account is temp unlocked _, err = ks.SignHash(accounts.Account{Address: a1.Address}, testSigData) if err != nil { t.Fatal("Signing shouldn't return an error after unlocking, got ", err) } // reset unlock to a shorter period, invalidates the previous unlock if err = ks.TimedUnlock(a1, pass, 100*time.Millisecond); err != nil { t.Fatal(err) } // Signing without passphrase still works because account is temp unlocked _, err = ks.SignHash(accounts.Account{Address: a1.Address}, testSigData) if err != nil { t.Fatal("Signing shouldn't return an error after unlocking, got ", err) } // Signing fails again after automatic locking time.Sleep(250 * time.Millisecond) _, err = ks.SignHash(accounts.Account{Address: a1.Address}, testSigData) if err != ErrNeedPasswordOrUnlock { t.Fatal("Signing should've failed with ErrNeedPasswordOrUnlock timeout expired, got ", err) } } // This test should fail under -race if signing races the expiration goroutine. func TestSignRace(t *testing.T) { dir, ks := tmpKeyStore(t, false) defer os.RemoveAll(dir) // Create a test account. a1, err := ks.NewAccount("") if err != nil { t.Fatal("could not create the test account", err) } if err := ks.TimedUnlock(a1, "", 15*time.Millisecond); err != nil { t.Fatal("could not unlock the test account", err) } end := time.Now().Add(500 * time.Millisecond) for time.Now().Before(end) { if _, err := ks.SignHash(accounts.Account{Address: a1.Address}, testSigData); err == ErrNeedPasswordOrUnlock { return } else if err != nil { t.Errorf("Sign error: %v", err) return } time.Sleep(1 * time.Millisecond) } t.Errorf("Account did not lock within the timeout") } func tmpKeyStore(t *testing.T, encrypted bool) (string, *KeyStore) { d, err := ioutil.TempDir("", "eth-keystore-test") if err != nil { t.Fatal(err) } new := NewPlaintextKeyStore if encrypted { new = func(kd string) *KeyStore { return NewKeyStore(kd, veryLightScryptN, veryLightScryptP) } } return d, new(d) }