diff options
author | Felix Lange <fjl@users.noreply.github.com> | 2017-05-25 04:30:47 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-05-25 04:30:47 +0800 |
commit | ef25b826e655f8e6a57fc7a05454bf356382bd5f (patch) | |
tree | c843d8b5ca0064804e55f5d66dd910c0c106fc05 | |
parent | 261b3e235160d30cc7176e02fd0a43f2b60409c6 (diff) | |
parent | 136f78ff0a324f7f79296143a6ab7c2dd8a2c37d (diff) | |
download | go-tangerine-ef25b826e655f8e6a57fc7a05454bf356382bd5f.tar.gz go-tangerine-ef25b826e655f8e6a57fc7a05454bf356382bd5f.tar.zst go-tangerine-ef25b826e655f8e6a57fc7a05454bf356382bd5f.zip |
Merge pull request #14502 from karalabe/mobile-import-ecdsa
Enforce 256 bit keys on raw import, support raw mobile imports
-rw-r--r-- | accounts/keystore/key.go | 5 | ||||
-rw-r--r-- | accounts/keystore/keystore.go | 1 | ||||
-rw-r--r-- | accounts/keystore/keystore_passphrase.go | 5 | ||||
-rw-r--r-- | accounts/keystore/keystore_passphrase_test.go | 2 | ||||
-rw-r--r-- | accounts/keystore/presale.go | 5 | ||||
-rw-r--r-- | core/types/transaction_test.go | 2 | ||||
-rw-r--r-- | crypto/crypto.go | 27 | ||||
-rw-r--r-- | internal/ethapi/api.go | 6 | ||||
-rw-r--r-- | mobile/accounts.go | 20 | ||||
-rw-r--r-- | swarm/api/config_test.go | 5 | ||||
-rw-r--r-- | tests/util.go | 5 |
11 files changed, 49 insertions, 34 deletions
diff --git a/accounts/keystore/key.go b/accounts/keystore/key.go index 292b47b44..ecc955d74 100644 --- a/accounts/keystore/key.go +++ b/accounts/keystore/key.go @@ -124,14 +124,13 @@ func (k *Key) UnmarshalJSON(j []byte) (err error) { if err != nil { return err } - - privkey, err := hex.DecodeString(keyJSON.PrivateKey) + privkey, err := crypto.HexToECDSA(keyJSON.PrivateKey) if err != nil { return err } k.Address = common.BytesToAddress(addr) - k.PrivateKey = crypto.ToECDSA(privkey) + k.PrivateKey = privkey return nil } diff --git a/accounts/keystore/keystore.go b/accounts/keystore/keystore.go index a81098227..9df7f2dd9 100644 --- a/accounts/keystore/keystore.go +++ b/accounts/keystore/keystore.go @@ -450,7 +450,6 @@ func (ks *KeyStore) ImportECDSA(priv *ecdsa.PrivateKey, passphrase string) (acco if ks.cache.hasAddress(key.Address) { return accounts.Account{}, fmt.Errorf("account already exists") } - return ks.importKey(key, passphrase) } diff --git a/accounts/keystore/keystore_passphrase.go b/accounts/keystore/keystore_passphrase.go index 2eae25841..9a5c452c1 100644 --- a/accounts/keystore/keystore_passphrase.go +++ b/accounts/keystore/keystore_passphrase.go @@ -182,7 +182,10 @@ func DecryptKey(keyjson []byte, auth string) (*Key, error) { if err != nil { return nil, err } - key := crypto.ToECDSA(keyBytes) + key, err := crypto.ToECDSA(keyBytes) + if err != nil { + return nil, err + } return &Key{ Id: uuid.UUID(keyId), Address: crypto.PubkeyToAddress(key.PublicKey), diff --git a/accounts/keystore/keystore_passphrase_test.go b/accounts/keystore/keystore_passphrase_test.go index 086addbc1..630682ceb 100644 --- a/accounts/keystore/keystore_passphrase_test.go +++ b/accounts/keystore/keystore_passphrase_test.go @@ -46,7 +46,7 @@ func TestKeyEncryptDecrypt(t *testing.T) { // Decrypt with the correct password key, err := DecryptKey(keyjson, password) if err != nil { - t.Errorf("test %d: json key failed to decrypt: %v", i, err) + t.Fatalf("test %d: json key failed to decrypt: %v", i, err) } if key.Address != address { t.Errorf("test %d: key address mismatch: have %x, want %x", i, key.Address, address) diff --git a/accounts/keystore/presale.go b/accounts/keystore/presale.go index 5b883c45f..2f18a64db 100644 --- a/accounts/keystore/presale.go +++ b/accounts/keystore/presale.go @@ -74,7 +74,10 @@ func decryptPreSaleKey(fileContent []byte, password string) (key *Key, err error return nil, err } ethPriv := crypto.Keccak256(plainText) - ecKey := crypto.ToECDSA(ethPriv) + ecKey, err := crypto.ToECDSA(ethPriv) + if err != nil { + return nil, err + } key = &Key{ Id: nil, Address: crypto.PubkeyToAddress(ecKey.PublicKey), diff --git a/core/types/transaction_test.go b/core/types/transaction_test.go index 6e4519c04..edbe171e6 100644 --- a/core/types/transaction_test.go +++ b/core/types/transaction_test.go @@ -79,7 +79,7 @@ func decodeTx(data []byte) (*Transaction, error) { } func defaultTestKey() (*ecdsa.PrivateKey, common.Address) { - key := crypto.ToECDSA(common.Hex2Bytes("45a915e4d060149eb4365960e6a7a45f334393093061116b197e3240065ff2d8")) + key, _ := crypto.HexToECDSA("45a915e4d060149eb4365960e6a7a45f334393093061116b197e3240065ff2d8") addr := crypto.PubkeyToAddress(key.PublicKey) return key, addr } diff --git a/crypto/crypto.go b/crypto/crypto.go index 0b8c06008..d38ffd0d5 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -22,12 +22,14 @@ import ( "crypto/rand" "encoding/hex" "errors" + "fmt" "io" "io/ioutil" "math/big" "os" "github.com/ethereum/go-ethereum/common" + "github.com/ethereum/go-ethereum/common/math" "github.com/ethereum/go-ethereum/crypto/sha3" "github.com/ethereum/go-ethereum/rlp" ) @@ -76,23 +78,22 @@ func CreateAddress(b common.Address, nonce uint64) common.Address { } // ToECDSA creates a private key with the given D value. -func ToECDSA(prv []byte) *ecdsa.PrivateKey { - if len(prv) == 0 { - return nil - } - +func ToECDSA(d []byte) (*ecdsa.PrivateKey, error) { priv := new(ecdsa.PrivateKey) priv.PublicKey.Curve = S256() - priv.D = new(big.Int).SetBytes(prv) - priv.PublicKey.X, priv.PublicKey.Y = priv.PublicKey.Curve.ScalarBaseMult(prv) - return priv + if 8*len(d) != priv.Params().BitSize { + return nil, fmt.Errorf("invalid length, need %d bits", priv.Params().BitSize) + } + priv.D = new(big.Int).SetBytes(d) + priv.PublicKey.X, priv.PublicKey.Y = priv.PublicKey.Curve.ScalarBaseMult(d) + return priv, nil } func FromECDSA(prv *ecdsa.PrivateKey) []byte { if prv == nil { return nil } - return prv.D.Bytes() + return math.PaddedBigBytes(prv.D, 32) } func ToECDSAPub(pub []byte) *ecdsa.PublicKey { @@ -116,10 +117,7 @@ func HexToECDSA(hexkey string) (*ecdsa.PrivateKey, error) { if err != nil { return nil, errors.New("invalid hex string") } - if len(b) != 32 { - return nil, errors.New("invalid length, need 256 bits") - } - return ToECDSA(b), nil + return ToECDSA(b) } // LoadECDSA loads a secp256k1 private key from the given file. @@ -139,8 +137,7 @@ func LoadECDSA(file string) (*ecdsa.PrivateKey, error) { if err != nil { return nil, err } - - return ToECDSA(key), nil + return ToECDSA(key) } // SaveECDSA saves a secp256k1 private key to the given file with diff --git a/internal/ethapi/api.go b/internal/ethapi/api.go index 62edc695c..a22c15eca 100644 --- a/internal/ethapi/api.go +++ b/internal/ethapi/api.go @@ -19,7 +19,6 @@ package ethapi import ( "bytes" "context" - "encoding/hex" "errors" "fmt" "math/big" @@ -283,12 +282,11 @@ func fetchKeystore(am *accounts.Manager) *keystore.KeyStore { // ImportRawKey stores the given hex encoded ECDSA key into the key directory, // encrypting it with the passphrase. func (s *PrivateAccountAPI) ImportRawKey(privkey string, password string) (common.Address, error) { - hexkey, err := hex.DecodeString(privkey) + key, err := crypto.HexToECDSA(privkey) if err != nil { return common.Address{}, err } - - acc, err := fetchKeystore(s.am).ImportECDSA(crypto.ToECDSA(hexkey), password) + acc, err := fetchKeystore(s.am).ImportECDSA(key, password) return acc.Address, err } diff --git a/mobile/accounts.go b/mobile/accounts.go index f5b7e81aa..977999c3a 100644 --- a/mobile/accounts.go +++ b/mobile/accounts.go @@ -25,6 +25,7 @@ import ( "github.com/ethereum/go-ethereum/accounts" "github.com/ethereum/go-ethereum/accounts/keystore" + "github.com/ethereum/go-ethereum/crypto" ) const ( @@ -176,6 +177,11 @@ func (ks *KeyStore) NewAccount(passphrase string) (*Account, error) { return &Account{account}, nil } +// UpdateAccount changes the passphrase of an existing account. +func (ks *KeyStore) UpdateAccount(account *Account, passphrase, newPassphrase string) error { + return ks.keystore.Update(account.account, passphrase, newPassphrase) +} + // ExportKey exports as a JSON key, encrypted with newPassphrase. func (ks *KeyStore) ExportKey(account *Account, passphrase, newPassphrase string) (key []byte, _ error) { return ks.keystore.Export(account.account, passphrase, newPassphrase) @@ -190,9 +196,17 @@ func (ks *KeyStore) ImportKey(keyJSON []byte, passphrase, newPassphrase string) return &Account{acc}, nil } -// UpdateAccount changes the passphrase of an existing account. -func (ks *KeyStore) UpdateAccount(account *Account, passphrase, newPassphrase string) error { - return ks.keystore.Update(account.account, passphrase, newPassphrase) +// ImportECDSAKey stores the given encrypted JSON key into the key directory. +func (ks *KeyStore) ImportECDSAKey(key []byte, passphrase string) (account *Account, _ error) { + privkey, err := crypto.ToECDSA(key) + if err != nil { + return nil, err + } + acc, err := ks.keystore.ImportECDSA(privkey, passphrase) + if err != nil { + return nil, err + } + return &Account{acc}, nil } // ImportPreSaleKey decrypts the given Ethereum presale wallet and stores diff --git a/swarm/api/config_test.go b/swarm/api/config_test.go index 6b5cea915..85d056270 100644 --- a/swarm/api/config_test.go +++ b/swarm/api/config_test.go @@ -96,7 +96,10 @@ func TestConfigWriteRead(t *testing.T) { } defer os.RemoveAll(tmp) - prvkey := crypto.ToECDSA(common.Hex2Bytes(hexprvkey)) + prvkey, err := crypto.HexToECDSA(hexprvkey) + if err != nil { + t.Fatalf("failed to load private key: %v", err) + } orig, err := NewConfig(tmp, common.Address{}, prvkey, 323) if err != nil { t.Fatalf("expected no error, got %v", err) diff --git a/tests/util.go b/tests/util.go index 7a08e5ed8..a3a9a1f64 100644 --- a/tests/util.go +++ b/tests/util.go @@ -18,7 +18,6 @@ package tests import ( "bytes" - "encoding/hex" "fmt" "math/big" "os" @@ -161,8 +160,8 @@ func NewEVMEnvironment(vmTest bool, chainConfig *params.ChainConfig, statedb *st origin := common.HexToAddress(tx["caller"]) if len(tx["secretKey"]) > 0 { - key, _ := hex.DecodeString(tx["secretKey"]) - origin = crypto.PubkeyToAddress(crypto.ToECDSA(key).PublicKey) + key, _ := crypto.HexToECDSA(tx["secretKey"]) + origin = crypto.PubkeyToAddress(key.PublicKey) } var to *common.Address |