zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
321 Commits
183 Branches
291 MiB
Tree: 41369d7529
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '41369d7529'
${ noResults }
tendermint/keys/mintkey.go

115 lines
3.3 KiB
Raw Normal View History

go build compiles
7 years ago
no metalinter for now
7 years ago
go build compiles
7 years ago
Use new go-wire; PubKey etc are interfaces; Keybase refactor
7 years ago
Add import/export of public keys #79
7 years ago
go build compiles
7 years ago
Use new go-wire; PubKey etc are interfaces; Keybase refactor
7 years ago
Add import/export of public keys #79
7 years ago
Use new go-wire; PubKey etc are interfaces; Keybase refactor
7 years ago
Add import/export of public keys #79
7 years ago
Use new go-wire; PubKey etc are interfaces; Keybase refactor
7 years ago
Add import/export of public keys #79
7 years ago
Use new go-wire; PubKey etc are interfaces; Keybase refactor
7 years ago
Add import/export of public keys #79
7 years ago
Use new go-wire; PubKey etc are interfaces; Keybase refactor
7 years ago
go build compiles
7 years ago
 
  1. package keys
  2. 

  3. import (
  4. 	"encoding/hex"
  5. 	"fmt"
  6. 

  7. 	cmn "github.com/tendermint/tmlibs/common"
  8. 

  9. 	"github.com/tendermint/go-crypto"
  10. 	"github.com/tendermint/go-crypto/keys/bcrypt"
  11. )
  12. 

  13. const (
  14. 	blockTypePrivKey = "TENDERMINT PRIVATE KEY"
  15. 	blockTypeKeyInfo = "TENDERMINT KEY INFO"
  16. 	blockTypePubKey  = "TENDERMINT PUBLIC KEY"
  17. )
  18. 

  19. func armorInfoBytes(bz []byte) string {
  20. 	return armorBytes(bz, blockTypeKeyInfo)
  21. }
  22. 

  23. func armorPubKeyBytes(bz []byte) string {
  24. 	return armorBytes(bz, blockTypePubKey)
  25. }
  26. 

  27. func armorBytes(bz []byte, blockType string) string {
  28. 	header := map[string]string{
  29. 		"type":    "Info",
  30. 		"version": "0.0.0",
  31. 	}
  32. 	return crypto.EncodeArmor(blockType, header, bz)
  33. }
  34. 

  35. func unarmorInfoBytes(armorStr string) (bz []byte, err error) {
  36. 	return unarmorBytes(armorStr, blockTypeKeyInfo)
  37. }
  38. 

  39. func unarmorPubKeyBytes(armorStr string) (bz []byte, err error) {
  40. 	return unarmorBytes(armorStr, blockTypePubKey)
  41. }
  42. 

  43. func unarmorBytes(armorStr, blockType string) (bz []byte, err error) {
  44. 	bType, header, bz, err := crypto.DecodeArmor(armorStr)
  45. 	if err != nil {
  46. 		return
  47. 	}
  48. 	if bType != blockType {
  49. 		err = fmt.Errorf("Unrecognized armor type %q, expected: %q", bType, blockType)
  50. 		return
  51. 	}
  52. 	if header["version"] != "0.0.0" {
  53. 		err = fmt.Errorf("Unrecognized version: %v", header["version"])
  54. 		return
  55. 	}
  56. 	return
  57. }
  58. 

  59. func encryptArmorPrivKey(privKey crypto.PrivKey, passphrase string) string {
  60. 	saltBytes, encBytes := encryptPrivKey(privKey, passphrase)
  61. 	header := map[string]string{
  62. 		"kdf":  "bcrypt",
  63. 		"salt": fmt.Sprintf("%X", saltBytes),
  64. 	}
  65. 	armorStr := crypto.EncodeArmor(blockTypePrivKey, header, encBytes)
  66. 	return armorStr
  67. }
  68. 

  69. func unarmorDecryptPrivKey(armorStr string, passphrase string) (crypto.PrivKey, error) {
  70. 	var privKey crypto.PrivKey
  71. 	blockType, header, encBytes, err := crypto.DecodeArmor(armorStr)
  72. 	if err != nil {
  73. 		return privKey, err
  74. 	}
  75. 	if blockType != blockTypePrivKey {
  76. 		return privKey, fmt.Errorf("Unrecognized armor type: %v", blockType)
  77. 	}
  78. 	if header["kdf"] != "bcrypt" {
  79. 		return privKey, fmt.Errorf("Unrecognized KDF type: %v", header["KDF"])
  80. 	}
  81. 	if header["salt"] == "" {
  82. 		return privKey, fmt.Errorf("Missing salt bytes")
  83. 	}
  84. 	saltBytes, err := hex.DecodeString(header["salt"])
  85. 	if err != nil {
  86. 		return privKey, fmt.Errorf("Error decoding salt: %v", err.Error())
  87. 	}
  88. 	privKey, err = decryptPrivKey(saltBytes, encBytes, passphrase)
  89. 	return privKey, err
  90. }
  91. 

  92. func encryptPrivKey(privKey crypto.PrivKey, passphrase string) (saltBytes []byte, encBytes []byte) {
  93. 	saltBytes = crypto.CRandBytes(16)
  94. 	key, err := bcrypt.GenerateFromPassword(saltBytes, []byte(passphrase), 12) // TODO parameterize.  12 is good today (2016)

  95. 	if err != nil {
  96. 		cmn.Exit("Error generating bcrypt key from passphrase: " + err.Error())
  97. 	}
  98. 	key = crypto.Sha256(key) // Get 32 bytes

  99. 	privKeyBytes := privKey.Bytes()
  100. 	return saltBytes, crypto.EncryptSymmetric(privKeyBytes, key)
  101. }
  102. 

  103. func decryptPrivKey(saltBytes []byte, encBytes []byte, passphrase string) (privKey crypto.PrivKey, err error) {
  104. 	key, err := bcrypt.GenerateFromPassword(saltBytes, []byte(passphrase), 12) // TODO parameterize.  12 is good today (2016)

  105. 	if err != nil {
  106. 		cmn.Exit("Error generating bcrypt key from passphrase: " + err.Error())
  107. 	}
  108. 	key = crypto.Sha256(key) // Get 32 bytes

  109. 	privKeyBytes, err := crypto.DecryptSymmetric(encBytes, key)
  110. 	if err != nil {
  111. 		return privKey, err
  112. 	}
  113. 	privKey, err = crypto.PrivKeyFromBytes(privKeyBytes)
  114. 	return privKey, err
  115. }