mirror of https://github.com/status-im/op-geth.git
Address pull request comments
* Use crypto.Sign instead of directly calling secp256k1 lib * Rename UserAccount to Account and Addr to Address (for consistency) * Change AccountManager.Sign to take ptr to Account instead of address byte array * Simplify copying of Accounts in Accounts() * PubkeyToAddress and GetEntropyCSPRNG now exported
This commit is contained in:
parent
512ffa2bf4
commit
8d9752a557
|
@ -35,12 +35,11 @@ package accounts
|
||||||
import (
|
import (
|
||||||
crand "crypto/rand"
|
crand "crypto/rand"
|
||||||
"github.com/ethereum/go-ethereum/crypto"
|
"github.com/ethereum/go-ethereum/crypto"
|
||||||
"github.com/ethereum/go-ethereum/crypto/secp256k1"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO: better name for this struct?
|
// TODO: better name for this struct?
|
||||||
type UserAccount struct {
|
type Account struct {
|
||||||
Addr []byte
|
Address []byte
|
||||||
}
|
}
|
||||||
|
|
||||||
type AccountManager struct {
|
type AccountManager struct {
|
||||||
|
@ -57,43 +56,40 @@ func NewAccountManager(keyStore crypto.KeyStore2) AccountManager {
|
||||||
return *am
|
return *am
|
||||||
}
|
}
|
||||||
|
|
||||||
func (am *AccountManager) Sign(fromAddr []byte, keyAuth string, toSign []byte) (signature []byte, err error) {
|
func (am *AccountManager) Sign(fromAccount *Account, keyAuth string, toSign []byte) (signature []byte, err error) {
|
||||||
key, err := am.keyStore.GetKey(fromAddr, keyAuth)
|
key, err := am.keyStore.GetKey(fromAccount.Address, keyAuth)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
privKey := crypto.FromECDSA(key.PrivateKey)
|
signature, err = crypto.Sign(toSign, key.PrivateKey)
|
||||||
// TODO: what is second value?
|
|
||||||
signature, err = secp256k1.Sign(toSign, privKey)
|
|
||||||
return signature, err
|
return signature, err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (am AccountManager) NewAccount(auth string) (*UserAccount, error) {
|
func (am AccountManager) NewAccount(auth string) (*Account, error) {
|
||||||
key, err := am.keyStore.GenerateNewKey(crand.Reader, auth)
|
key, err := am.keyStore.GenerateNewKey(crand.Reader, auth)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
ua := &UserAccount{
|
ua := &Account{
|
||||||
Addr: key.Address,
|
Address: key.Address,
|
||||||
}
|
}
|
||||||
return ua, err
|
return ua, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// set of accounts == set of keys in given key store
|
// set of accounts == set of keys in given key store
|
||||||
// TODO: do we need persistence of accounts as well?
|
// TODO: do we need persistence of accounts as well?
|
||||||
func (am *AccountManager) Accounts() ([]UserAccount, error) {
|
func (am *AccountManager) Accounts() ([]Account, error) {
|
||||||
addresses, err := am.keyStore.GetKeyAddresses()
|
addresses, err := am.keyStore.GetKeyAddresses()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
accounts := make([]UserAccount, len(addresses))
|
accounts := make([]Account, len(addresses))
|
||||||
|
|
||||||
for i, addr := range addresses {
|
for i, addr := range addresses {
|
||||||
ua := &UserAccount{
|
accounts[i] = Account{
|
||||||
Addr: addr,
|
Address: addr,
|
||||||
}
|
}
|
||||||
accounts[i] = *ua
|
|
||||||
}
|
}
|
||||||
return accounts, err
|
return accounts, err
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,9 +10,8 @@ func TestAccountManager(t *testing.T) {
|
||||||
am := NewAccountManager(ks)
|
am := NewAccountManager(ks)
|
||||||
pass := "" // not used but required by API
|
pass := "" // not used but required by API
|
||||||
a1, err := am.NewAccount(pass)
|
a1, err := am.NewAccount(pass)
|
||||||
toSign := make([]byte, 4, 4)
|
toSign := crypto.GetEntropyCSPRNG(32)
|
||||||
toSign = []byte{0, 1, 2, 3}
|
_, err = am.Sign(a1, pass, toSign)
|
||||||
_, err = am.Sign(a1.Addr, pass, toSign)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -133,8 +133,7 @@ func ImportPreSaleKey(keyStore KeyStore2, keyJSON []byte, password string) (*Key
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
id := uuid.NewRandom()
|
key.Id = uuid.NewRandom()
|
||||||
key.Id = id
|
|
||||||
err = keyStore.StoreKey(key, password)
|
err = keyStore.StoreKey(key, password)
|
||||||
return key, err
|
return key, err
|
||||||
}
|
}
|
||||||
|
@ -167,7 +166,7 @@ func decryptPreSaleKey(fileContent []byte, password string) (key *Key, err error
|
||||||
ecKey := ToECDSA(ethPriv)
|
ecKey := ToECDSA(ethPriv)
|
||||||
key = &Key{
|
key = &Key{
|
||||||
Id: nil,
|
Id: nil,
|
||||||
Address: pubkeyToAddress(ecKey.PublicKey),
|
Address: PubkeyToAddress(ecKey.PublicKey),
|
||||||
PrivateKey: ecKey,
|
PrivateKey: ecKey,
|
||||||
}
|
}
|
||||||
derivedAddr := ethutil.Bytes2Hex(key.Address)
|
derivedAddr := ethutil.Bytes2Hex(key.Address)
|
||||||
|
@ -225,7 +224,7 @@ func PKCS7Unpad(in []byte) []byte {
|
||||||
return in[:len(in)-int(padding)]
|
return in[:len(in)-int(padding)]
|
||||||
}
|
}
|
||||||
|
|
||||||
func pubkeyToAddress(p ecdsa.PublicKey) []byte {
|
func PubkeyToAddress(p ecdsa.PublicKey) []byte {
|
||||||
pubBytes := FromECDSAPub(&p)
|
pubBytes := FromECDSAPub(&p)
|
||||||
return Sha3(pubBytes[1:])[12:]
|
return Sha3(pubBytes[1:])[12:]
|
||||||
}
|
}
|
||||||
|
|
|
@ -102,7 +102,7 @@ func NewKey(rand io.Reader) *Key {
|
||||||
id := uuid.NewRandom()
|
id := uuid.NewRandom()
|
||||||
key := &Key{
|
key := &Key{
|
||||||
Id: id,
|
Id: id,
|
||||||
Address: pubkeyToAddress(privateKeyECDSA.PublicKey),
|
Address: PubkeyToAddress(privateKeyECDSA.PublicKey),
|
||||||
PrivateKey: privateKeyECDSA,
|
PrivateKey: privateKeyECDSA,
|
||||||
}
|
}
|
||||||
return key
|
return key
|
||||||
|
|
|
@ -116,7 +116,7 @@ func (ks keyStorePassphrase) GetKeyAddresses() (addresses [][]byte, err error) {
|
||||||
|
|
||||||
func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
|
func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
|
||||||
authArray := []byte(auth)
|
authArray := []byte(auth)
|
||||||
salt := getEntropyCSPRNG(32)
|
salt := GetEntropyCSPRNG(32)
|
||||||
derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen)
|
derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -131,7 +131,7 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
iv := getEntropyCSPRNG(aes.BlockSize) // 16
|
iv := GetEntropyCSPRNG(aes.BlockSize) // 16
|
||||||
AES256CBCEncrypter := cipher.NewCBCEncrypter(AES256Block, iv)
|
AES256CBCEncrypter := cipher.NewCBCEncrypter(AES256Block, iv)
|
||||||
cipherText := make([]byte, len(toEncrypt))
|
cipherText := make([]byte, len(toEncrypt))
|
||||||
AES256CBCEncrypter.CryptBlocks(cipherText, toEncrypt)
|
AES256CBCEncrypter.CryptBlocks(cipherText, toEncrypt)
|
||||||
|
@ -197,7 +197,7 @@ func DecryptKey(ks keyStorePassphrase, keyAddr []byte, auth string) (keyBytes []
|
||||||
return keyBytes, keyId, err
|
return keyBytes, keyId, err
|
||||||
}
|
}
|
||||||
|
|
||||||
func getEntropyCSPRNG(n int) []byte {
|
func GetEntropyCSPRNG(n int) []byte {
|
||||||
mainBuff := make([]byte, n)
|
mainBuff := make([]byte, n)
|
||||||
_, err := io.ReadFull(crand.Reader, mainBuff)
|
_, err := io.ReadFull(crand.Reader, mainBuff)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
Loading…
Reference in New Issue