Remove the awesome, ever misunderstood entropy mixing
This commit is contained in:
Gustav Simonsson
parent
58d6ec689f
commit
9918b6c84e
@ -118,7 +118,7 @@ func (ks keyStorePassphrase) GetKeyAddresses() (addresses [][]byte, err error) {
|
||||
|
||||
func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
|
||||
authArray := []byte(auth)
|
||||
salt := randentropy.GetEntropyMixed(32)
|
||||
salt := randentropy.GetEntropyCSPRNG(32)
|
||||
derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen)
|
||||
if err != nil {
|
||||
return err
|
||||
@ -133,7 +133,7 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
|
||||
return err
|
||||
}
|
||||
|
||||
iv := randentropy.GetEntropyMixed(aes.BlockSize) // 16
|
||||
iv := randentropy.GetEntropyCSPRNG(aes.BlockSize) // 16
|
||||
AES256CBCEncrypter := cipher.NewCBCEncrypter(AES256Block, iv)
|
||||
cipherText := make([]byte, len(toEncrypt))
|
||||
AES256CBCEncrypter.CryptBlocks(cipherText, toEncrypt)
|
||||
|
||||
@ -2,12 +2,8 @@ package randentropy
|
||||
|
||||
import (
|
||||
crand "crypto/rand"
|
||||
"encoding/binary"
|
||||
"github.com/ethereum/go-ethereum/crypto/sha3"
|
||||
"io"
|
||||
"os"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
var Reader io.Reader = &randEntropy{}
|
||||
@ -16,7 +12,7 @@ type randEntropy struct {
|
||||
}
|
||||
|
||||
func (*randEntropy) Read(bytes []byte) (n int, err error) {
|
||||
readBytes := GetEntropyMixed(len(bytes))
|
||||
readBytes := GetEntropyCSPRNG(len(bytes))
|
||||
copy(bytes, readBytes)
|
||||
return len(bytes), nil
|
||||
}
|
||||
@ -29,40 +25,6 @@ func Sha3(data []byte) []byte {
|
||||
return d.Sum(nil)
|
||||
}
|
||||
|
||||
// TODO: verify. this needs to be audited
|
||||
// we start with crypt/rand, then XOR in additional entropy from OS
|
||||
func GetEntropyMixed(n int) []byte {
|
||||
startTime := time.Now().UnixNano()
|
||||
// for each source, we take SHA3 of the source and use it as seed to math/rand
|
||||
// then read bytes from it and XOR them onto the bytes read from crypto/rand
|
||||
mainBuff := GetEntropyCSPRNG(n)
|
||||
// 1. OS entropy sources
|
||||
startTimeBytes := make([]byte, 32)
|
||||
binary.PutVarint(startTimeBytes, startTime)
|
||||
startTimeHash := Sha3(startTimeBytes)
|
||||
mixBytes(mainBuff, startTimeHash)
|
||||
|
||||
pid := os.Getpid()
|
||||
pidBytes := make([]byte, 32)
|
||||
binary.PutUvarint(pidBytes, uint64(pid))
|
||||
pidHash := Sha3(pidBytes)
|
||||
mixBytes(mainBuff, pidHash)
|
||||
|
||||
osEnv := os.Environ()
|
||||
osEnvBytes := []byte(strings.Join(osEnv, ""))
|
||||
osEnvHash := Sha3(osEnvBytes)
|
||||
mixBytes(mainBuff, osEnvHash)
|
||||
|
||||
// not all OS have hostname in env variables
|
||||
osHostName, err := os.Hostname()
|
||||
if err != nil {
|
||||
osHostNameBytes := []byte(osHostName)
|
||||
osHostNameHash := Sha3(osHostNameBytes)
|
||||
mixBytes(mainBuff, osHostNameHash)
|
||||
}
|
||||
return mainBuff
|
||||
}
|
||||
|
||||
func GetEntropyCSPRNG(n int) []byte {
|
||||
mainBuff := make([]byte, n)
|
||||
_, err := io.ReadFull(crand.Reader, mainBuff)
|
||||
@ -71,14 +33,3 @@ func GetEntropyCSPRNG(n int) []byte {
|
||||
}
|
||||
return mainBuff
|
||||
}
|
||||
|
||||
func mixBytes(buff []byte, mixBuff []byte) []byte {
|
||||
bytesToMix := len(buff)
|
||||
if bytesToMix > 32 {
|
||||
bytesToMix = 32
|
||||
}
|
||||
for i := 0; i < bytesToMix; i++ {
|
||||
buff[i] ^= mixBuff[i]
|
||||
}
|
||||
return buff
|
||||
}
|
||||
|
||||
@ -59,7 +59,7 @@ func GenerateKeyPair() ([]byte, []byte) {
|
||||
const seckey_len = 32
|
||||
|
||||
var pubkey []byte = make([]byte, pubkey_len)
|
||||
var seckey []byte = randentropy.GetEntropyMixed(seckey_len)
|
||||
var seckey []byte = randentropy.GetEntropyCSPRNG(seckey_len)
|
||||
|
||||
var pubkey_ptr *C.uchar = (*C.uchar)(unsafe.Pointer(&pubkey[0]))
|
||||
var seckey_ptr *C.uchar = (*C.uchar)(unsafe.Pointer(&seckey[0]))
|
||||
@ -99,7 +99,7 @@ func GeneratePubKey(seckey []byte) ([]byte, error) {
|
||||
}
|
||||
|
||||
func Sign(msg []byte, seckey []byte) ([]byte, error) {
|
||||
nonce := randentropy.GetEntropyMixed(32)
|
||||
nonce := randentropy.GetEntropyCSPRNG(32)
|
||||
|
||||
var sig []byte = make([]byte, 65)
|
||||
var recid C.int
|
||||
|
||||
@ -14,7 +14,7 @@ const SigSize = 65 //64+1
|
||||
|
||||
func Test_Secp256_00(t *testing.T) {
|
||||
|
||||
var nonce []byte = randentropy.GetEntropyMixed(32) //going to get bitcoins stolen!
|
||||
var nonce []byte = randentropy.GetEntropyCSPRNG(32) //going to get bitcoins stolen!
|
||||
|
||||
if len(nonce) != 32 {
|
||||
t.Fatal()
|
||||
@ -52,7 +52,7 @@ func Test_Secp256_01(t *testing.T) {
|
||||
//test size of messages
|
||||
func Test_Secp256_02s(t *testing.T) {
|
||||
pubkey, seckey := GenerateKeyPair()
|
||||
msg := randentropy.GetEntropyMixed(32)
|
||||
msg := randentropy.GetEntropyCSPRNG(32)
|
||||
sig, _ := Sign(msg, seckey)
|
||||
CompactSigTest(sig)
|
||||
if sig == nil {
|
||||
@ -75,7 +75,7 @@ func Test_Secp256_02s(t *testing.T) {
|
||||
//test signing message
|
||||
func Test_Secp256_02(t *testing.T) {
|
||||
pubkey1, seckey := GenerateKeyPair()
|
||||
msg := randentropy.GetEntropyMixed(32)
|
||||
msg := randentropy.GetEntropyCSPRNG(32)
|
||||
sig, _ := Sign(msg, seckey)
|
||||
if sig == nil {
|
||||
t.Fatal("Signature nil")
|
||||
@ -98,7 +98,7 @@ func Test_Secp256_02(t *testing.T) {
|
||||
//test pubkey recovery
|
||||
func Test_Secp256_02a(t *testing.T) {
|
||||
pubkey1, seckey1 := GenerateKeyPair()
|
||||
msg := randentropy.GetEntropyMixed(32)
|
||||
msg := randentropy.GetEntropyCSPRNG(32)
|
||||
sig, _ := Sign(msg, seckey1)
|
||||
|
||||
if sig == nil {
|
||||
@ -127,7 +127,7 @@ func Test_Secp256_02a(t *testing.T) {
|
||||
func Test_Secp256_03(t *testing.T) {
|
||||
_, seckey := GenerateKeyPair()
|
||||
for i := 0; i < TESTS; i++ {
|
||||
msg := randentropy.GetEntropyMixed(32)
|
||||
msg := randentropy.GetEntropyCSPRNG(32)
|
||||
sig, _ := Sign(msg, seckey)
|
||||
CompactSigTest(sig)
|
||||
|
||||
@ -143,7 +143,7 @@ func Test_Secp256_03(t *testing.T) {
|
||||
func Test_Secp256_04(t *testing.T) {
|
||||
for i := 0; i < TESTS; i++ {
|
||||
pubkey1, seckey := GenerateKeyPair()
|
||||
msg := randentropy.GetEntropyMixed(32)
|
||||
msg := randentropy.GetEntropyCSPRNG(32)
|
||||
sig, _ := Sign(msg, seckey)
|
||||
CompactSigTest(sig)
|
||||
|
||||
@ -166,7 +166,7 @@ func Test_Secp256_04(t *testing.T) {
|
||||
// -SIPA look at this
|
||||
|
||||
func randSig() []byte {
|
||||
sig := randentropy.GetEntropyMixed(65)
|
||||
sig := randentropy.GetEntropyCSPRNG(65)
|
||||
sig[32] &= 0x70
|
||||
sig[64] %= 4
|
||||
return sig
|
||||
@ -174,7 +174,7 @@ func randSig() []byte {
|
||||
|
||||
func Test_Secp256_06a_alt0(t *testing.T) {
|
||||
pubkey1, seckey := GenerateKeyPair()
|
||||
msg := randentropy.GetEntropyMixed(32)
|
||||
msg := randentropy.GetEntropyCSPRNG(32)
|
||||
sig, _ := Sign(msg, seckey)
|
||||
|
||||
if sig == nil {
|
||||
@ -205,12 +205,12 @@ func Test_Secp256_06a_alt0(t *testing.T) {
|
||||
|
||||
func Test_Secp256_06b(t *testing.T) {
|
||||
pubkey1, seckey := GenerateKeyPair()
|
||||
msg := randentropy.GetEntropyMixed(32)
|
||||
msg := randentropy.GetEntropyCSPRNG(32)
|
||||
sig, _ := Sign(msg, seckey)
|
||||
|
||||
fail_count := 0
|
||||
for i := 0; i < TESTS; i++ {
|
||||
msg = randentropy.GetEntropyMixed(32)
|
||||
msg = randentropy.GetEntropyCSPRNG(32)
|
||||
pubkey2, _ := RecoverPubkey(msg, sig)
|
||||
if bytes.Equal(pubkey1, pubkey2) == true {
|
||||
t.Fail()
|
||||
|
||||
Loading…
Reference in New Issue
Block a user