zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
118 Commits
183 Branches
291 MiB
Tree: 4ff889a236
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4ff889a236'
${ noResults }
tendermint/keys/cryptostore/holder.go

166 lines
4.5 KiB
Raw Normal View History

Import keystore logic from light-client
8 years ago
Add codec to keys.Manager, recovery test passes
7 years ago
Import keystore logic from light-client
8 years ago
Add codec to keys.Manager, recovery test passes
7 years ago
Import keystore logic from light-client
8 years ago
Add codec to keys.Manager, recovery test passes
7 years ago
Import keystore logic from light-client
8 years ago
Add codec to keys.Manager, recovery test passes
7 years ago
Import keystore logic from light-client
8 years ago
Expose new and list via cli
8 years ago
Import keystore logic from light-client
8 years ago
Set key algorithm on key creation
8 years ago
Code cleanup from review comments
7 years ago
Updated Manager interface to return seed on create, fix server tests
7 years ago
Set key algorithm on key creation
8 years ago
Updated Manager interface to return seed on create, fix server tests
7 years ago
Set key algorithm on key creation
8 years ago
Use 16 random bytes for seed and key, crc16 by default
7 years ago
Set key algorithm on key creation
8 years ago
Add codec to keys.Manager, recovery test passes
7 years ago
Use 16 random bytes for seed and key, crc16 by default
7 years ago
Add codec to keys.Manager, recovery test passes
7 years ago
Updated Manager interface to return seed on create, fix server tests
7 years ago
Code cleanup from review comments
7 years ago
Updated Manager interface to return seed on create, fix server tests
7 years ago
Add codec to keys.Manager, recovery test passes
7 years ago
Use 16 random bytes for seed and key, crc16 by default
7 years ago
Add codec to keys.Manager, recovery test passes
7 years ago
Use 16 random bytes for seed and key, crc16 by default
7 years ago
Add codec to keys.Manager, recovery test passes
7 years ago
Import keystore logic from light-client
8 years ago
Expose new and list via cli
8 years ago
Import keystore logic from light-client
8 years ago
Expose new and list via cli
8 years ago
Import keystore logic from light-client
8 years ago
 
  1. package cryptostore
  2. 

  3. import (
  4. 	"strings"
  5. 

  6. 	crypto "github.com/tendermint/go-crypto"
  7. 	keys "github.com/tendermint/go-crypto/keys"
  8. )
  9. 

  10. // Manager combines encyption and storage implementation to provide

  11. // a full-featured key manager

  12. type Manager struct {
  13. 	es    encryptedStorage
  14. 	codec keys.Codec
  15. }
  16. 

  17. func New(coder Encoder, store keys.Storage, codec keys.Codec) Manager {
  18. 	return Manager{
  19. 		es: encryptedStorage{
  20. 			coder: coder,
  21. 			store: store,
  22. 		},
  23. 		codec: codec,
  24. 	}
  25. }
  26. 

  27. // exists just to make sure we fulfill the Signer interface

  28. func (s Manager) assertSigner() keys.Signer {
  29. 	return s
  30. }
  31. 

  32. // exists just to make sure we fulfill the Manager interface

  33. func (s Manager) assertKeyManager() keys.Manager {
  34. 	return s
  35. }
  36. 

  37. // Create adds a new key to the storage engine, returning error if

  38. // another key already stored under this name

  39. //

  40. // algo must be a supported go-crypto algorithm: ed25519, secp256k1

  41. func (s Manager) Create(name, passphrase, algo string) (keys.Info, string, error) {
  42. 	gen, err := getGenerator(algo)
  43. 	if err != nil {
  44. 		return keys.Info{}, "", err
  45. 	}
  46. 

  47. 	// 128-bits the the all the randomness we can make use of

  48. 	secret := crypto.CRandBytes(16)
  49. 	key := gen.Generate(secret)
  50. 	err = s.es.Put(name, passphrase, key)
  51. 	if err != nil {
  52. 		return keys.Info{}, "", err
  53. 	}
  54. 

  55. 	seed, err := s.codec.BytesToWords(secret)
  56. 	phrase := strings.Join(seed, " ")
  57. 	return info(name, key), phrase, err
  58. }
  59. 

  60. // Recover takes a seed phrase and tries to recover the private key.

  61. //

  62. // If the seed phrase is valid, it will create the private key and store

  63. // it under name, protected by passphrase.

  64. //

  65. // Result similar to New(), except it doesn't return the seed again...

  66. func (s Manager) Recover(name, passphrase, seedphrase string) (keys.Info, error) {
  67. 	words := strings.Split(strings.TrimSpace(seedphrase), " ")
  68. 	secret, err := s.codec.WordsToBytes(words)
  69. 	if err != nil {
  70. 		return keys.Info{}, err
  71. 	}
  72. 

  73. 	// TODO: flag this???

  74. 	gen := GenEd25519
  75. 	// gen, err := getGenerator(algo)

  76. 	// if err != nil {

  77. 	//   return keys.Info{}, "", err

  78. 	// }

  79. 	key := gen.Generate(secret)
  80. 

  81. 	// d00d, it worked!  create the bugger....

  82. 	err = s.es.Put(name, passphrase, key)
  83. 	return info(name, key), err
  84. }
  85. 

  86. // List loads the keys from the storage and enforces alphabetical order

  87. func (s Manager) List() (keys.Infos, error) {
  88. 	res, err := s.es.List()
  89. 	res.Sort()
  90. 	return res, err
  91. }
  92. 

  93. // Get returns the public information about one key

  94. func (s Manager) Get(name string) (keys.Info, error) {
  95. 	_, info, err := s.es.store.Get(name)
  96. 	return info, err
  97. }
  98. 

  99. // Sign will modify the Signable in order to attach a valid signature with

  100. // this public key

  101. //

  102. // If no key for this name, or the passphrase doesn't match, returns an error

  103. func (s Manager) Sign(name, passphrase string, tx keys.Signable) error {
  104. 	key, _, err := s.es.Get(name, passphrase)
  105. 	if err != nil {
  106. 		return err
  107. 	}
  108. 	sig := key.Sign(tx.SignBytes())
  109. 	pubkey := key.PubKey()
  110. 	return tx.Sign(pubkey, sig)
  111. }
  112. 

  113. // Export decodes the private key with the current password, encodes

  114. // it with a secure one-time password and generates a sequence that can be

  115. // Imported by another Manager

  116. //

  117. // This is designed to copy from one device to another, or provide backups

  118. // during version updates.

  119. func (s Manager) Export(name, oldpass, transferpass string) ([]byte, error) {
  120. 	key, _, err := s.es.Get(name, oldpass)
  121. 	if err != nil {
  122. 		return nil, err
  123. 	}
  124. 

  125. 	res, err := s.es.coder.Encrypt(key, transferpass)
  126. 	return res, err
  127. }
  128. 

  129. // Import accepts bytes generated by Export along with the same transferpass

  130. // If they are valid, it stores the password under the given name with the

  131. // new passphrase.

  132. func (s Manager) Import(name, newpass, transferpass string, data []byte) error {
  133. 	key, err := s.es.coder.Decrypt(data, transferpass)
  134. 	if err != nil {
  135. 		return err
  136. 	}
  137. 

  138. 	return s.es.Put(name, newpass, key)
  139. }
  140. 

  141. // Delete removes key forever, but we must present the

  142. // proper passphrase before deleting it (for security)

  143. func (s Manager) Delete(name, passphrase string) error {
  144. 	// verify we have the proper password before deleting

  145. 	_, _, err := s.es.Get(name, passphrase)
  146. 	if err != nil {
  147. 		return err
  148. 	}
  149. 	return s.es.Delete(name)
  150. }
  151. 

  152. // Update changes the passphrase with which a already stored key is encoded.

  153. //

  154. // oldpass must be the current passphrase used for encoding, newpass will be

  155. // the only valid passphrase from this time forward

  156. func (s Manager) Update(name, oldpass, newpass string) error {
  157. 	key, _, err := s.es.Get(name, oldpass)
  158. 	if err != nil {
  159. 		return err
  160. 	}
  161. 

  162. 	// we must delete first, as Putting over an existing name returns an error

  163. 	s.Delete(name, oldpass)
  164. 

  165. 	return s.es.Put(name, newpass, key)
  166. }