From 2c1b0ff17e020f300ed9d5a5a244f59b4febfe66 Mon Sep 17 00:00:00 2001 From: Gustav Simonsson Date: Sun, 10 May 2015 20:30:02 +0200 Subject: Update key store to new spec but keep address field for now * Also fix address types post-rebase --- crypto/crypto.go | 2 +- crypto/key.go | 50 ++++++++++++++--------------- crypto/key_store_passphrase.go | 71 +++++++++++++++++------------------------- 3 files changed, 55 insertions(+), 68 deletions(-) (limited to 'crypto') diff --git a/crypto/crypto.go b/crypto/crypto.go index 2b1628124..ff817b0fa 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -185,7 +185,7 @@ func ImportBlockTestKey(privKeyBytes []byte) error { ecKey := ToECDSA(privKeyBytes) key := &Key{ Id: uuid.NewRandom(), - Address: PubkeyToAddress(ecKey.PublicKey), + Address: common.BytesToAddress(PubkeyToAddress(ecKey.PublicKey)), PrivateKey: ecKey, } err := ks.StoreKey(key, "") diff --git a/crypto/key.go b/crypto/key.go index 1af69d795..0c5ce4254 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -48,47 +48,47 @@ type Key struct { } type plainKeyJSON struct { - Version string - Id string - Address string - PrivateKey string + Address string `json:"address"` + PrivateKey string `json:"privatekey"` + Id string `json:"id"` + Version string `json:"version"` } type encryptedKeyJSON struct { - Version string - Id string - Address string - Crypto cipherJSON + Address string `json:"address"` + Crypto cryptoJSON + Id string `json:"id"` + Version string `json:"version"` } -type cipherJSON struct { - MAC string - Salt string - IV string - KeyHeader keyHeaderJSON - CipherText string +type cryptoJSON struct { + Cipher string `json:"cipher"` + CipherText string `json:"ciphertext"` + CipherParams cipherparamsJSON `json:"cipherparams"` + KDF string `json:"kdf"` + KDFParams scryptParamsJSON `json:"kdfparams"` + MAC string `json:"mac"` + Version string `json:"version"` } -type keyHeaderJSON struct { - Version string - Kdf string - KdfParams scryptParamsJSON +type cipherparamsJSON struct { + IV string `json:"iv"` } type scryptParamsJSON struct { - N int - R int - P int - DkLen int - SaltLen int + N int `json:"n"` + R int `json:"r"` + P int `json:"p"` + DkLen int `json:"dklen"` + Salt string `json:"salt"` } func (k *Key) MarshalJSON() (j []byte, err error) { jStruct := plainKeyJSON{ - version, - k.Id.String(), hex.EncodeToString(k.Address[:]), hex.EncodeToString(FromECDSA(k.PrivateKey)), + k.Id.String(), + version, } j, err = json.Marshal(jStruct) return j, err diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 2e7929cee..d9a5a81f9 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -143,41 +143,36 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { cipherText := make([]byte, len(toEncrypt)) AES128CBCEncrypter.CryptBlocks(cipherText, toEncrypt) - paramsJSON := scryptParamsJSON{ - N: scryptN, - R: scryptr, - P: scryptp, - DkLen: scryptdkLen, - SaltLen: 32, - } + mac := Sha3(derivedKey[16:32], cipherText) - keyHeaderJSON := keyHeaderJSON{ - Version: keyHeaderVersion, - Kdf: keyHeaderKDF, - KdfParams: paramsJSON, + scryptParamsJSON := scryptParamsJSON{ + N: scryptN, + R: scryptr, + P: scryptp, + DkLen: scryptdkLen, + Salt: hex.EncodeToString(salt), } - keyHeaderJSONStr, err := json.Marshal(keyHeaderJSON) - if err != nil { - return err + cipherParamsJSON := cipherparamsJSON{ + IV: hex.EncodeToString(iv), } - mac := Sha3(keyHeaderJSONStr, derivedKey[16:32], cipherText) - - cipherStruct := cipherJSON{ - hex.EncodeToString(mac), - hex.EncodeToString(salt), - hex.EncodeToString(iv), - keyHeaderJSON, - hex.EncodeToString(cipherText), + cryptoStruct := cryptoJSON{ + Cipher: "aes-128-cbc", + CipherText: hex.EncodeToString(cipherText), + CipherParams: cipherParamsJSON, + KDF: "scrypt", + KDFParams: scryptParamsJSON, + MAC: hex.EncodeToString(mac), + Version: "1", } - keyStruct := encryptedKeyJSON{ - version, - key.Id.String(), + encryptedKeyJSON := encryptedKeyJSON{ hex.EncodeToString(key.Address[:]), - cipherStruct, + cryptoStruct, + key.Id.String(), + version, } - keyJSON, err := json.Marshal(keyStruct) + keyJSON, err := json.Marshal(encryptedKeyJSON) if err != nil { return err } @@ -212,33 +207,25 @@ func DecryptKey(ks keyStorePassphrase, keyAddr common.Address, auth string) (key return nil, nil, err } - salt, err := hex.DecodeString(keyProtected.Crypto.Salt) - if err != nil { - return nil, nil, err - } - - iv, err := hex.DecodeString(keyProtected.Crypto.IV) + iv, err := hex.DecodeString(keyProtected.Crypto.CipherParams.IV) if err != nil { return nil, nil, err } - keyHeader := keyProtected.Crypto.KeyHeader cipherText, err := hex.DecodeString(keyProtected.Crypto.CipherText) if err != nil { return nil, nil, err } - // used in MAC - keyHeaderJSONStr, err := json.Marshal(keyHeader) + salt, err := hex.DecodeString(keyProtected.Crypto.KDFParams.Salt) if err != nil { return nil, nil, err } - // TODO: make this more generic when we support different KDF params / key versions - n := keyHeader.KdfParams.N - r := keyHeader.KdfParams.R - p := keyHeader.KdfParams.P - dkLen := keyHeader.KdfParams.DkLen + n := keyProtected.Crypto.KDFParams.N + r := keyProtected.Crypto.KDFParams.R + p := keyProtected.Crypto.KDFParams.P + dkLen := keyProtected.Crypto.KDFParams.DkLen authArray := []byte(auth) derivedKey, err := scrypt.Key(authArray, salt, n, r, p, dkLen) @@ -246,7 +233,7 @@ func DecryptKey(ks keyStorePassphrase, keyAddr common.Address, auth string) (key return nil, nil, err } - calculatedMAC := Sha3(keyHeaderJSONStr, derivedKey[16:32], cipherText) + calculatedMAC := Sha3(derivedKey[16:32], cipherText) if !bytes.Equal(calculatedMAC, mac) { err = errors.New("Decryption failed: MAC mismatch") return nil, nil, err -- cgit