diff options
author | Péter Szilágyi <peterke@gmail.com> | 2016-02-17 06:38:34 +0800 |
---|---|---|
committer | Péter Szilágyi <peterke@gmail.com> | 2016-02-24 22:27:32 +0800 |
commit | 0969b35eec7b1e4a514b9fb3d659706d9f09ee2a (patch) | |
tree | f7ed30c92a3cfcf915ae9f1c03cbff1e9cdf56c1 /crypto | |
parent | cda91ee18006ee0d012d905385c30485eab8be12 (diff) | |
download | go-tangerine-0969b35eec7b1e4a514b9fb3d659706d9f09ee2a.tar.gz go-tangerine-0969b35eec7b1e4a514b9fb3d659706d9f09ee2a.tar.zst go-tangerine-0969b35eec7b1e4a514b9fb3d659706d9f09ee2a.zip |
crypto: code polish + ensure key file contents match with name
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/key_store_passphrase.go | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go index 1e8d5509b..2700b0f1c 100644 --- a/crypto/key_store_passphrase.go +++ b/crypto/key_store_passphrase.go @@ -34,7 +34,6 @@ import ( "errors" "fmt" "io" - "reflect" "github.com/ethereum/go-ethereum/common" "github.com/ethereum/go-ethereum/crypto/randentropy" @@ -157,8 +156,7 @@ func DecryptKey(keyjson []byte, auth string) (*Key, error) { keyBytes, keyId []byte err error ) - v := reflect.ValueOf(m["version"]) - if v.Kind() == reflect.String && v.String() == "1" { + if version, ok := m["version"].(string); ok && version == "1" { k := new(encryptedKeyJSONV1) if err := json.Unmarshal(keyjson, k); err != nil { return nil, err @@ -183,12 +181,21 @@ func DecryptKey(keyjson []byte, auth string) (*Key, error) { }, nil } -func decryptKeyFromFile(keysDirPath string, keyAddr common.Address, auth string) (key *Key, err error) { +func decryptKeyFromFile(keysDirPath string, keyAddr common.Address, auth string) (*Key, error) { + // Load the key from the keystore and decrypt its contents keyjson, err := getKeyFile(keysDirPath, keyAddr) if err != nil { return nil, err } - return DecryptKey(keyjson, auth) + key, err := DecryptKey(keyjson, auth) + if err != nil { + return nil, err + } + // Make sure we're really operating on the requested key (no swap attacks) + if keyAddr != key.Address { + return nil, fmt.Errorf("key content mismatch: have account %x, want %x", key.Address, keyAddr) + } + return key, nil } func decryptKeyV3(keyProtected *encryptedKeyJSONV3, auth string) (keyBytes []byte, keyId []byte, err error) { |