aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorPéter Szilágyi <peterke@gmail.com>2016-02-17 06:38:34 +0800
committerPéter Szilágyi <peterke@gmail.com>2016-02-24 22:27:32 +0800
commit0969b35eec7b1e4a514b9fb3d659706d9f09ee2a (patch)
treef7ed30c92a3cfcf915ae9f1c03cbff1e9cdf56c1 /crypto
parentcda91ee18006ee0d012d905385c30485eab8be12 (diff)
downloadgo-tangerine-0969b35eec7b1e4a514b9fb3d659706d9f09ee2a.tar.gz
go-tangerine-0969b35eec7b1e4a514b9fb3d659706d9f09ee2a.tar.zst
go-tangerine-0969b35eec7b1e4a514b9fb3d659706d9f09ee2a.zip
crypto: code polish + ensure key file contents match with name
Diffstat (limited to 'crypto')
-rw-r--r--crypto/key_store_passphrase.go17
1 files changed, 12 insertions, 5 deletions
diff --git a/crypto/key_store_passphrase.go b/crypto/key_store_passphrase.go
index 1e8d5509b..2700b0f1c 100644
--- a/crypto/key_store_passphrase.go
+++ b/crypto/key_store_passphrase.go
@@ -34,7 +34,6 @@ import (
"errors"
"fmt"
"io"
- "reflect"
"github.com/ethereum/go-ethereum/common"
"github.com/ethereum/go-ethereum/crypto/randentropy"
@@ -157,8 +156,7 @@ func DecryptKey(keyjson []byte, auth string) (*Key, error) {
keyBytes, keyId []byte
err error
)
- v := reflect.ValueOf(m["version"])
- if v.Kind() == reflect.String && v.String() == "1" {
+ if version, ok := m["version"].(string); ok && version == "1" {
k := new(encryptedKeyJSONV1)
if err := json.Unmarshal(keyjson, k); err != nil {
return nil, err
@@ -183,12 +181,21 @@ func DecryptKey(keyjson []byte, auth string) (*Key, error) {
}, nil
}
-func decryptKeyFromFile(keysDirPath string, keyAddr common.Address, auth string) (key *Key, err error) {
+func decryptKeyFromFile(keysDirPath string, keyAddr common.Address, auth string) (*Key, error) {
+ // Load the key from the keystore and decrypt its contents
keyjson, err := getKeyFile(keysDirPath, keyAddr)
if err != nil {
return nil, err
}
- return DecryptKey(keyjson, auth)
+ key, err := DecryptKey(keyjson, auth)
+ if err != nil {
+ return nil, err
+ }
+ // Make sure we're really operating on the requested key (no swap attacks)
+ if keyAddr != key.Address {
+ return nil, fmt.Errorf("key content mismatch: have account %x, want %x", key.Address, keyAddr)
+ }
+ return key, nil
}
func decryptKeyV3(keyProtected *encryptedKeyJSONV3, auth string) (keyBytes []byte, keyId []byte, err error) {