Key Manager

- keypair, keyring:
-- consistent naming of methods
-- error propagation
-- no panic
- keyManager: persist, import, export, initialize and (re)set keyring
- no global public "singleton" keyring, instead interface via keyManager
- keys test
- KeyStore interface, DB and File store implementations

ethcrypto/key_manager.go

@@ -0,0 +1,121 @@
+package ethcrypto
+
+import (
+	"fmt"
+	"github.com/ethereum/eth-go/ethutil"
+	"sync"
+)
+
+type KeyManager struct {
+	keyRing  *KeyRing
+	session  string
+	keyStore KeyStore            // interface
+	keyRings map[string]*KeyRing // cache
+	keyPair  *KeyPair
+}
+
+func NewDBKeyManager(db ethutil.Database) *KeyManager {
+	return &KeyManager{keyStore: &DBKeyStore{db: db}, keyRings: make(map[string]*KeyRing)}
+}
+
+func NewFileKeyManager(basedir string) *KeyManager {
+	return &KeyManager{keyStore: &FileKeyStore{basedir: basedir}, keyRings: make(map[string]*KeyRing)}
+}
+
+func (k *KeyManager) KeyPair() *KeyPair {
+	return k.keyPair
+}
+
+func (k *KeyManager) KeyRing() *KeyPair {
+	return k.keyPair
+}
+
+func (k *KeyManager) PrivateKey() []byte {
+	return k.keyPair.PrivateKey
+}
+
+func (k *KeyManager) PublicKey() []byte {
+	return k.keyPair.PublicKey
+}
+
+func (k *KeyManager) Address() []byte {
+	return k.keyPair.Address()
+}
+
+func (k *KeyManager) save(session string, keyRing *KeyRing) error {
+	err := k.keyStore.Save(session, keyRing)
+	if err != nil {
+		return err
+	}
+	k.keyRings[session] = keyRing
+	return nil
+}
+
+func (k *KeyManager) load(session string) (*KeyRing, error) {
+	keyRing, found := k.keyRings[session]
+	if !found {
+		var err error
+		keyRing, err = k.keyStore.Load(session)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return keyRing, nil
+}
+
+func cursorError(cursor int, len int) error {
+	return fmt.Errorf("cursor %d out of range (0..%d)", cursor, len)
+}
+
+func (k *KeyManager) reset(session string, cursor int, keyRing *KeyRing) error {
+	if cursor >= keyRing.Len() {
+		return cursorError(cursor, keyRing.Len())
+	}
+	lock := &sync.Mutex{}
+	lock.Lock()
+	defer lock.Unlock()
+	err := k.save(session, keyRing)
+	if err != nil {
+		return err
+	}
+	k.session = session
+	k.keyRing = keyRing
+	k.keyPair = keyRing.GetKeyPair(cursor)
+	return nil
+}
+
+func (k *KeyManager) SetCursor(cursor int) error {
+	if cursor >= k.keyRing.Len() {
+		return cursorError(cursor, k.keyRing.Len())
+	}
+	k.keyPair = k.keyRing.GetKeyPair(cursor)
+	return nil
+}
+
+func (k *KeyManager) Init(session string, cursor int, force bool) error {
+	var keyRing *KeyRing
+	if !force {
+		var err error
+		keyRing, err = k.load(session)
+		if err != nil {
+			return err
+		}
+	}
+	if keyRing == nil {
+		keyRing = NewGeneratedKeyRing(1)
+	}
+	return k.reset(session, cursor, keyRing)
+}
+
+func (k *KeyManager) InitFromSecretsFile(session string, cursor int, secretsfile string) error {
+	keyRing, err := NewKeyRingFromFile(secretsfile)
+	if err != nil {
+		return err
+	}
+	return k.reset(session, cursor, keyRing)
+}
+
+func (k *KeyManager) Export(dir string) error {
+	fileKeyStore := FileKeyStore{dir}
+	return fileKeyStore.Save(k.session, k.keyRing)
+}

ethcrypto/key_store.go

@@ -0,0 +1,112 @@
+package ethcrypto
+
+import (
+	"fmt"
+	"github.com/ethereum/eth-go/ethutil"
+	"io/ioutil"
+	"os"
+	"path"
+	"strings"
+)
+
+type KeyStore interface {
+	Load(string) (*KeyRing, error)
+	Save(string, *KeyRing) error
+}
+
+type DBKeyStore struct {
+	db ethutil.Database
+}
+
+const dbKeyPrefix = "KeyRing"
+
+func (k *DBKeyStore) dbKey(session string) []byte {
+	return []byte(fmt.Sprintf("%s%s", dbKeyPrefix, session))
+}
+
+func (k *DBKeyStore) Save(session string, keyRing *KeyRing) error {
+	k.db.Put(k.dbKey(session), keyRing.RlpEncode())
+	return nil
+}
+
+func (k *DBKeyStore) Load(session string) (*KeyRing, error) {
+	data, err := k.db.Get(k.dbKey(session))
+	if err != nil {
+		return nil, err
+	}
+	var keyRing *KeyRing
+	keyRing, err = NewKeyRingFromBytes(data)
+	if err != nil {
+		return nil, err
+	}
+	// if empty keyRing is found we return nil, no error
+	if keyRing.Len() == 0 {
+		return nil, nil
+	}
+	return keyRing, nil
+}
+
+type FileKeyStore struct {
+	basedir string
+}
+
+func (k *FileKeyStore) Save(session string, keyRing *KeyRing) error {
+	var content []byte
+	var err error
+	var privateKeys []string
+	var publicKeys []string
+	var mnemonics []string
+	var addresses []string
+	keyRing.Each(func(keyPair *KeyPair) {
+		privateKeys = append(privateKeys, ethutil.Bytes2Hex(keyPair.PrivateKey))
+		publicKeys = append(publicKeys, ethutil.Bytes2Hex(keyPair.PublicKey))
+		addresses = append(addresses, ethutil.Bytes2Hex(keyPair.Address()))
+		mnemonics = append(mnemonics, strings.Join(MnemonicEncode(ethutil.Bytes2Hex(keyPair.PrivateKey)), " "))
+	})
+
+	basename := session
+	if session == "" {
+		basename = "default"
+	}
+
+	path := path.Join(k.basedir, basename)
+	content = []byte(strings.Join(privateKeys, "\n"))
+	err = ioutil.WriteFile(path+".prv", content, 0600)
+	if err != nil {
+		return err
+	}
+
+	content = []byte(strings.Join(publicKeys, "\n"))
+	err = ioutil.WriteFile(path+".pub", content, 0644)
+	if err != nil {
+		return err
+	}
+
+	content = []byte(strings.Join(addresses, "\n"))
+	err = ioutil.WriteFile(path+".addr", content, 0644)
+	if err != nil {
+		return err
+	}
+
+	content = []byte(strings.Join(mnemonics, "\n"))
+	err = ioutil.WriteFile(path+".mne", content, 0600)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (k *FileKeyStore) Load(session string) (*KeyRing, error) {
+	basename := session
+	if session == "" {
+		basename = "default"
+	}
+	secfile := path.Join(k.basedir, basename+".prv")
+	_, err := os.Stat(secfile)
+	// if file is not found then we return nil, no error
+	if err != nil {
+		return nil, nil
+	}
+	return NewKeyRingFromFile(secfile)
+}

ethcrypto/keypair.go

@@ -0,0 +1,41 @@
+package ethcrypto
+
+import (
+	"github.com/ethereum/eth-go/ethutil"
+	"github.com/obscuren/secp256k1-go"
+)
+
+type KeyPair struct {
+	PrivateKey []byte
+	PublicKey  []byte
+
+	// The associated account
+	// account *StateObject
+}
+
+func GenerateNewKeyPair() *KeyPair {
+	_, prv := secp256k1.GenerateKeyPair()
+	keyPair, _ := NewKeyPairFromSec(prv) // swallow error, this one cannot err
+	return keyPair
+}
+
+func NewKeyPairFromSec(seckey []byte) (*KeyPair, error) {
+	pubkey, err := secp256k1.GeneratePubKey(seckey)
+	if err != nil {
+		return nil, err
+	}
+
+	return &KeyPair{PrivateKey: seckey, PublicKey: pubkey}, nil
+}
+
+func (k *KeyPair) Address() []byte {
+	return Sha3Bin(k.PublicKey[1:])[12:]
+}
+
+func (k *KeyPair) RlpEncode() []byte {
+	return k.RlpValue().Encode()
+}
+
+func (k *KeyPair) RlpValue() *ethutil.Value {
+	return ethutil.NewValue(k.PrivateKey)
+}

ethcrypto/keyring.go

@@ -0,0 +1,118 @@
+package ethcrypto
+
+import (
+	"fmt"
+	"github.com/ethereum/eth-go/ethutil"
+	"io/ioutil"
+	"strings"
+)
+
+type KeyRing struct {
+	keys []*KeyPair
+}
+
+func NewKeyRing() *KeyRing {
+	return &KeyRing{}
+}
+
+func (k *KeyRing) AddKeyPair(keyPair *KeyPair) {
+	k.keys = append(k.keys, keyPair)
+}
+
+func (k *KeyRing) GetKeyPair(i int) *KeyPair {
+	if len(k.keys) > i {
+		return k.keys[i]
+	}
+
+	return nil
+}
+
+func (k *KeyRing) Empty() bool {
+	return k.Len() == 0
+}
+
+func (k *KeyRing) Len() int {
+	return len(k.keys)
+}
+
+func (k *KeyRing) Each(f func(*KeyPair)) {
+	for _, keyPair := range k.keys {
+		f(keyPair)
+	}
+}
+
+func NewGeneratedKeyRing(len int) *KeyRing {
+	keyRing := NewKeyRing()
+	for i := 0; i < len; i++ {
+		keyRing.AddKeyPair(GenerateNewKeyPair())
+	}
+	return keyRing
+}
+
+func NewKeyRingFromFile(secfile string) (*KeyRing, error) {
+	var content []byte
+	var err error
+	content, err = ioutil.ReadFile(secfile)
+	if err != nil {
+		return nil, err
+	}
+	keyRing, err := NewKeyRingFromString(string(content))
+	if err != nil {
+		return nil, err
+	}
+	return keyRing, nil
+}
+
+func NewKeyRingFromString(content string) (*KeyRing, error) {
+	secretStrings := strings.Split(content, "\n")
+	var secrets [][]byte
+	for _, secretString := range secretStrings {
+		secret := secretString
+		words := strings.Split(secretString, " ")
+		if len(words) == 24 {
+			secret = MnemonicDecode(words)
+		} else if len(words) != 1 {
+			return nil, fmt.Errorf("Unrecognised key format")
+		}
+		secrets = append(secrets, ethutil.Hex2Bytes(secret))
+	}
+	return NewKeyRingFromSecrets(secrets)
+}
+
+func NewKeyRingFromSecrets(secs [][]byte) (*KeyRing, error) {
+	keyRing := NewKeyRing()
+	for _, sec := range secs {
+		keyPair, err := NewKeyPairFromSec(sec)
+		if err != nil {
+			return nil, err
+		}
+		keyRing.AddKeyPair(keyPair)
+	}
+	return keyRing, nil
+}
+
+func NewKeyRingFromBytes(data []byte) (*KeyRing, error) {
+	var secrets [][]byte
+	it := ethutil.NewValueFromBytes(data).NewIterator()
+	for it.Next() {
+		secret := it.Value().Bytes()
+		secrets = append(secrets, secret)
+	}
+	keyRing, err := NewKeyRingFromSecrets(secrets)
+	if err != nil {
+		return nil, err
+	}
+	return keyRing, nil
+}
+
+func (k *KeyRing) RlpEncode() []byte {
+	return k.RlpValue().Encode()
+}
+
+func (k *KeyRing) RlpValue() *ethutil.Value {
+	v := ethutil.EmptyValue()
+	k.Each(func(keyPair *KeyPair) {
+		v.Append(keyPair.RlpValue())
+	})
+	return v
+}

ethcrypto/keys_test.go

@@ -0,0 +1,122 @@
+package ethcrypto
+
+import (
+	"github.com/ethereum/eth-go/ethdb"
+	// "io/ioutil"
+	"fmt"
+	"os"
+	"path"
+	"testing"
+)
+
+// test if persistence layer works
+func TestDBKeyManager(t *testing.T) {
+	memdb, _ := ethdb.NewMemDatabase()
+	keyManager0 := NewDBKeyManager(memdb)
+	err := keyManager0.Init("", 0, false)
+	if err != nil {
+		t.Error("Unexpected error: ", err)
+	}
+	keyManager1 := NewDBKeyManager(memdb)
+	err = keyManager1.Init("", 0, false)
+	if err != nil {
+		t.Error("Unexpected error: ", err)
+	}
+	if string(keyManager0.PrivateKey()) != string(keyManager1.PrivateKey()) {
+		t.Error("Expected private keys %x, %x, to be identical via db persistence", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+	}
+	err = keyManager1.Init("", 0, true)
+	if err != nil {
+		t.Error("Unexpected error: ", err)
+	}
+	if string(keyManager0.PrivateKey()) == string(keyManager1.PrivateKey()) {
+		t.Error("Expected private keys %x, %x, to be be different despite db persistence if force generate", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+	}
+}
+
+func TestFileKeyManager(t *testing.T) {
+	basedir0 := "/tmp/ethtest0"
+	os.RemoveAll(basedir0)
+	os.Mkdir(basedir0, 0777)
+
+	keyManager0 := NewFileKeyManager(basedir0)
+	err := keyManager0.Init("", 0, false)
+	if err != nil {
+		t.Error("Unexpected error: ", err)
+	}
+
+	keyManager1 := NewFileKeyManager(basedir0)
+
+	err = keyManager1.Init("", 0, false)
+	if err != nil {
+		t.Error("Unexpected error: ", err)
+	}
+	if string(keyManager0.PrivateKey()) != string(keyManager1.PrivateKey()) {
+		t.Error("Expected private keys %x, %x, to be identical via db persistence", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+	}
+
+	err = keyManager1.Init("", 0, true)
+	if err != nil {
+		t.Error("Unexpected error: ", err)
+	}
+	if string(keyManager0.PrivateKey()) == string(keyManager1.PrivateKey()) {
+		t.Error("Expected private keys %x, %x, to be be different despite db persistence if force generate", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+	}
+}
+
+// cursor errors
+func TestCursorErrors(t *testing.T) {
+	memdb, _ := ethdb.NewMemDatabase()
+	keyManager0 := NewDBKeyManager(memdb)
+	err := keyManager0.Init("", 0, false)
+	err = keyManager0.Init("", 1, false)
+	if err == nil {
+		t.Error("Expected cursor error")
+	}
+	err = keyManager0.SetCursor(1)
+	if err == nil {
+		t.Error("Expected cursor error")
+	}
+}
+
+func TestExportImport(t *testing.T) {
+	memdb, _ := ethdb.NewMemDatabase()
+	keyManager0 := NewDBKeyManager(memdb)
+	err := keyManager0.Init("", 0, false)
+	basedir0 := "/tmp/ethtest0"
+	os.RemoveAll(basedir0)
+	os.Mkdir(basedir0, 0777)
+	keyManager0.Export(basedir0)
+
+	keyManager1 := NewFileKeyManager(basedir0)
+	err = keyManager1.Init("", 0, false)
+	if err != nil {
+		t.Error("Unexpected error: ", err)
+	}
+	fmt.Printf("keyRing: %v\n", keyManager0.KeyPair())
+	fmt.Printf("keyRing: %v\n", keyManager1.KeyPair())
+	if string(keyManager0.PrivateKey()) != string(keyManager1.PrivateKey()) {
+		t.Error("Expected private keys %x, %x, to be identical via export to filestore basedir", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+	}
+	path.Join("")
+
+	// memdb, _ = ethdb.NewMemDatabase()
+	// keyManager2 := NewDBKeyManager(memdb)
+	// err = keyManager2.InitFromSecretsFile("", 0, path.Join(basedir0, "default.prv"))
+	// if err != nil {
+	// 	t.Error("Unexpected error: ", err)
+	// }
+	// if string(keyManager0.PrivateKey()) != string(keyManager2.PrivateKey()) {
+	// 	t.Error("Expected private keys %s, %s, to be identical via export/import prv", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+	// }
+
+	// memdb, _ = ethdb.NewMemDatabase()
+	// keyManager3 := NewDBKeyManager(memdb)
+	// err = keyManager3.InitFromSecretsFile("", 0, path.Join(basedir0, "default.mne"))
+	// if err != nil {
+	// 	t.Error("Unexpected error: ", err)
+	// }
+	// if string(keyManager0.PrivateKey()) != string(keyManager3.PrivateKey()) {
+	// 	t.Error("Expected private keys %s, %s, to be identical via export/import mnemonic file", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+	// }
+}