mirror of https://github.com/ethereum/go-ethereum
The account management API was originally implemented as a thin layer around crypto.KeyStore, on the grounds that several kinds of key stores would be implemented later on. It turns out that this won't happen so KeyStore is a superflous abstraction. In this commit crypto.KeyStore and everything related to it moves to package accounts and is unexported.pull/2284/head
parent
dff9b4246f
commit
85e6c40c00
@ -0,0 +1,132 @@ |
||||
// Copyright 2016 The go-ethereum Authors
|
||||
// This file is part of the go-ethereum library.
|
||||
//
|
||||
// The go-ethereum library is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU Lesser General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// The go-ethereum library is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU Lesser General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Lesser General Public License
|
||||
// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package accounts |
||||
|
||||
import ( |
||||
"crypto/aes" |
||||
"crypto/cipher" |
||||
"crypto/sha256" |
||||
"encoding/hex" |
||||
"encoding/json" |
||||
"errors" |
||||
"fmt" |
||||
|
||||
"github.com/ethereum/go-ethereum/crypto" |
||||
"github.com/pborman/uuid" |
||||
"golang.org/x/crypto/pbkdf2" |
||||
) |
||||
|
||||
// creates a Key and stores that in the given KeyStore by decrypting a presale key JSON
|
||||
func importPreSaleKey(keyStore keyStore, keyJSON []byte, password string) (*Key, error) { |
||||
key, err := decryptPreSaleKey(keyJSON, password) |
||||
if err != nil { |
||||
return nil, err |
||||
} |
||||
key.Id = uuid.NewRandom() |
||||
err = keyStore.StoreKey(key, password) |
||||
return key, err |
||||
} |
||||
|
||||
func decryptPreSaleKey(fileContent []byte, password string) (key *Key, err error) { |
||||
preSaleKeyStruct := struct { |
||||
EncSeed string |
||||
EthAddr string |
||||
Email string |
||||
BtcAddr string |
||||
}{} |
||||
err = json.Unmarshal(fileContent, &preSaleKeyStruct) |
||||
if err != nil { |
||||
return nil, err |
||||
} |
||||
encSeedBytes, err := hex.DecodeString(preSaleKeyStruct.EncSeed) |
||||
iv := encSeedBytes[:16] |
||||
cipherText := encSeedBytes[16:] |
||||
/* |
||||
See https://github.com/ethereum/pyethsaletool
|
||||
|
||||
pyethsaletool generates the encryption key from password by |
||||
2000 rounds of PBKDF2 with HMAC-SHA-256 using password as salt (:(). |
||||
16 byte key length within PBKDF2 and resulting key is used as AES key |
||||
*/ |
||||
passBytes := []byte(password) |
||||
derivedKey := pbkdf2.Key(passBytes, passBytes, 2000, 16, sha256.New) |
||||
plainText, err := aesCBCDecrypt(derivedKey, cipherText, iv) |
||||
if err != nil { |
||||
return nil, err |
||||
} |
||||
ethPriv := crypto.Keccak256(plainText) |
||||
ecKey := crypto.ToECDSA(ethPriv) |
||||
key = &Key{ |
||||
Id: nil, |
||||
Address: crypto.PubkeyToAddress(ecKey.PublicKey), |
||||
PrivateKey: ecKey, |
||||
} |
||||
derivedAddr := hex.EncodeToString(key.Address.Bytes()) // needed because .Hex() gives leading "0x"
|
||||
expectedAddr := preSaleKeyStruct.EthAddr |
||||
if derivedAddr != expectedAddr { |
||||
err = fmt.Errorf("decrypted addr '%s' not equal to expected addr '%s'", derivedAddr, expectedAddr) |
||||
} |
||||
return key, err |
||||
} |
||||
|
||||
func aesCTRXOR(key, inText, iv []byte) ([]byte, error) { |
||||
// AES-128 is selected due to size of encryptKey.
|
||||
aesBlock, err := aes.NewCipher(key) |
||||
if err != nil { |
||||
return nil, err |
||||
} |
||||
stream := cipher.NewCTR(aesBlock, iv) |
||||
outText := make([]byte, len(inText)) |
||||
stream.XORKeyStream(outText, inText) |
||||
return outText, err |
||||
} |
||||
|
||||
func aesCBCDecrypt(key, cipherText, iv []byte) ([]byte, error) { |
||||
aesBlock, err := aes.NewCipher(key) |
||||
if err != nil { |
||||
return nil, err |
||||
} |
||||
decrypter := cipher.NewCBCDecrypter(aesBlock, iv) |
||||
paddedPlaintext := make([]byte, len(cipherText)) |
||||
decrypter.CryptBlocks(paddedPlaintext, cipherText) |
||||
plaintext := pkcs7Unpad(paddedPlaintext) |
||||
if plaintext == nil { |
||||
err = errors.New("Decryption failed: PKCS7Unpad failed after AES decryption") |
||||
} |
||||
return plaintext, err |
||||
} |
||||
|
||||
// From https://leanpub.com/gocrypto/read#leanpub-auto-block-cipher-modes
|
||||
func pkcs7Unpad(in []byte) []byte { |
||||
if len(in) == 0 { |
||||
return nil |
||||
} |
||||
|
||||
padding := in[len(in)-1] |
||||
if int(padding) > len(in) || padding > aes.BlockSize { |
||||
return nil |
||||
} else if padding == 0 { |
||||
return nil |
||||
} |
||||
|
||||
for i := len(in) - 1; i > len(in)-int(padding)-1; i-- { |
||||
if in[i] != padding { |
||||
return nil |
||||
} |
||||
} |
||||
return in[:len(in)-int(padding)] |
||||
} |
Loading…
Reference in new issue