aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorDrake Burroughs <wildfyre@hotmail.com>2015-10-23 22:49:36 +0800
committerDrake Burroughs <wildfyre@hotmail.com>2015-10-29 01:46:39 +0800
commit05ea8926c32a97d9f193a69076037b7a704d6d92 (patch)
tree704b8897b7a0751fb6e7043bc8cc2baec923a496 /crypto
parent6b5a42a15ca54749d41c0b29b4a26ebb3a1a53f0 (diff)
downloaddexon-05ea8926c32a97d9f193a69076037b7a704d6d92.tar.gz
dexon-05ea8926c32a97d9f193a69076037b7a704d6d92.tar.zst
dexon-05ea8926c32a97d9f193a69076037b7a704d6d92.zip
cmd/utils, crypto: add --lightkdf flag for lighter KDF
Diffstat (limited to 'crypto')
-rw-r--r--crypto/crypto.go2
-rw-r--r--crypto/key_store_passphrase.go35
-rw-r--r--crypto/key_store_test.go8
3 files changed, 27 insertions, 18 deletions
diff --git a/crypto/crypto.go b/crypto/crypto.go
index 035d2ab80..8685d62d3 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -215,7 +215,7 @@ func Decrypt(prv *ecdsa.PrivateKey, ct []byte) ([]byte, error) {
// Used only by block tests.
func ImportBlockTestKey(privKeyBytes []byte) error {
- ks := NewKeyStorePassphrase(common.DefaultDataDir() + "/keystore")
+ ks := NewKeyStorePassphrase(common.DefaultDataDir()+"/keystore", LightScryptN, LightScryptP)
ecKey := ToECDSA(privKeyBytes)
key := &Key{
Id: uuid.NewRandom(),
diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go
index c7ee00987..94411d2f9 100644
--- a/crypto/key_store_passphrase.go
+++ b/crypto/key_store_passphrase.go
@@ -45,19 +45,29 @@ import (
const (
keyHeaderKDF = "scrypt"
- // 2^18 / 8 / 1 uses 256MB memory and approx 1s CPU time on a modern CPU.
- scryptN = 1 << 18
- scryptr = 8
- scryptp = 1
- scryptdkLen = 32
+
+ // n,r,p = 2^18, 8, 1 uses 256MB memory and approx 1s CPU time on a modern CPU.
+ StandardScryptN = 1 << 18
+ StandardScryptP = 1
+
+ // n,r,p = 2^12, 8, 6 uses 4MB memory and approx 100ms CPU time on a modern CPU.
+ LightScryptN = 1 << 12
+ LightScryptP = 6
+
+ scryptR = 8
+ scryptDKLen = 32
)
type keyStorePassphrase struct {
keysDirPath string
+ scryptN int
+ scryptP int
+ scryptR int
+ scryptDKLen int
}
-func NewKeyStorePassphrase(path string) KeyStore {
- return &keyStorePassphrase{path}
+func NewKeyStorePassphrase(path string, scryptN int, scryptP int) KeyStore {
+ return &keyStorePassphrase{path, scryptN, scryptP, scryptR, scryptDKLen}
}
func (ks keyStorePassphrase) GenerateNewKey(rand io.Reader, auth string) (key *Key, err error) {
@@ -87,11 +97,10 @@ func (ks keyStorePassphrase) GetKeyAddresses() (addresses []common.Address, err
func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
authArray := []byte(auth)
salt := randentropy.GetEntropyCSPRNG(32)
- derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen)
+ derivedKey, err := scrypt.Key(authArray, salt, ks.scryptN, ks.scryptR, ks.scryptP, ks.scryptDKLen)
if err != nil {
return err
}
-
encryptKey := derivedKey[:16]
keyBytes := FromECDSA(key.PrivateKey)
@@ -104,10 +113,10 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
mac := Sha3(derivedKey[16:32], cipherText)
scryptParamsJSON := make(map[string]interface{}, 5)
- scryptParamsJSON["n"] = scryptN
- scryptParamsJSON["r"] = scryptr
- scryptParamsJSON["p"] = scryptp
- scryptParamsJSON["dklen"] = scryptdkLen
+ scryptParamsJSON["n"] = ks.scryptN
+ scryptParamsJSON["r"] = ks.scryptR
+ scryptParamsJSON["p"] = ks.scryptP
+ scryptParamsJSON["dklen"] = ks.scryptDKLen
scryptParamsJSON["salt"] = hex.EncodeToString(salt)
cipherParamsJSON := cipherparamsJSON{
diff --git a/crypto/key_store_test.go b/crypto/key_store_test.go
index de4a21dcf..5a44a6026 100644
--- a/crypto/key_store_test.go
+++ b/crypto/key_store_test.go
@@ -56,7 +56,7 @@ func TestKeyStorePlain(t *testing.T) {
}
func TestKeyStorePassphrase(t *testing.T) {
- ks := NewKeyStorePassphrase(common.DefaultDataDir())
+ ks := NewKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP)
pass := "foo"
k1, err := ks.GenerateNewKey(randentropy.Reader, pass)
if err != nil {
@@ -82,7 +82,7 @@ func TestKeyStorePassphrase(t *testing.T) {
}
func TestKeyStorePassphraseDecryptionFail(t *testing.T) {
- ks := NewKeyStorePassphrase(common.DefaultDataDir())
+ ks := NewKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP)
pass := "foo"
k1, err := ks.GenerateNewKey(randentropy.Reader, pass)
if err != nil {
@@ -110,7 +110,7 @@ func TestImportPreSaleKey(t *testing.T) {
// python pyethsaletool.py genwallet
// with password "foo"
fileContent := "{\"encseed\": \"26d87f5f2bf9835f9a47eefae571bc09f9107bb13d54ff12a4ec095d01f83897494cf34f7bed2ed34126ecba9db7b62de56c9d7cd136520a0427bfb11b8954ba7ac39b90d4650d3448e31185affcd74226a68f1e94b1108e6e0a4a91cdd83eba\", \"ethaddr\": \"d4584b5f6229b7be90727b0fc8c6b91bb427821f\", \"email\": \"gustav.simonsson@gmail.com\", \"btcaddr\": \"1EVknXyFC68kKNLkh6YnKzW41svSRoaAcx\"}"
- ks := NewKeyStorePassphrase(common.DefaultDataDir())
+ ks := NewKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP)
pass := "foo"
_, err := ImportPreSaleKey(ks, []byte(fileContent), pass)
if err != nil {
@@ -168,7 +168,7 @@ func TestV1_1(t *testing.T) {
}
func TestV1_2(t *testing.T) {
- ks := NewKeyStorePassphrase("tests/v1")
+ ks := NewKeyStorePassphrase("tests/v1", LightScryptN, LightScryptP)
addr := common.HexToAddress("cb61d5a9c4896fb9658090b597ef0e7be6f7b67e")
k, err := ks.GetKey(addr, "g")
if err != nil {