forked from cerc-io/plugeth
cmd/utils, crypto: add --lightkdf flag for lighter KDF
This commit is contained in:
parent
6b5a42a15c
commit
05ea8926c3
@ -157,6 +157,10 @@ var (
|
|||||||
Name: "fast",
|
Name: "fast",
|
||||||
Usage: "Enables fast syncing through state downloads",
|
Usage: "Enables fast syncing through state downloads",
|
||||||
}
|
}
|
||||||
|
LightKDFFlag = cli.BoolFlag{
|
||||||
|
Name: "lightkdf",
|
||||||
|
Usage: "Reduce KDF memory & CPU usage at some expense of KDF strength",
|
||||||
|
}
|
||||||
|
|
||||||
// miner settings
|
// miner settings
|
||||||
// TODO: refactor CPU vs GPU mining flags
|
// TODO: refactor CPU vs GPU mining flags
|
||||||
@ -579,7 +583,13 @@ func MakeAccountManager(ctx *cli.Context) *accounts.Manager {
|
|||||||
if ctx.GlobalBool(TestNetFlag.Name) {
|
if ctx.GlobalBool(TestNetFlag.Name) {
|
||||||
dataDir += "/testnet"
|
dataDir += "/testnet"
|
||||||
}
|
}
|
||||||
ks := crypto.NewKeyStorePassphrase(filepath.Join(dataDir, "keystore"))
|
scryptN := crypto.StandardScryptN
|
||||||
|
scryptP := crypto.StandardScryptP
|
||||||
|
if ctx.GlobalBool(LightKDFFlag.Name) {
|
||||||
|
scryptN = crypto.LightScryptN
|
||||||
|
scryptP = crypto.LightScryptP
|
||||||
|
}
|
||||||
|
ks := crypto.NewKeyStorePassphrase(filepath.Join(dataDir, "keystore"), scryptN, scryptP)
|
||||||
return accounts.NewManager(ks)
|
return accounts.NewManager(ks)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -128,7 +128,7 @@ func testEth(t *testing.T) (ethereum *eth.Ethereum, err error) {
|
|||||||
db, _ := ethdb.NewMemDatabase()
|
db, _ := ethdb.NewMemDatabase()
|
||||||
addr := common.HexToAddress(testAddress)
|
addr := common.HexToAddress(testAddress)
|
||||||
core.WriteGenesisBlockForTesting(db, core.GenesisAccount{addr, common.String2Big(testBalance)})
|
core.WriteGenesisBlockForTesting(db, core.GenesisAccount{addr, common.String2Big(testBalance)})
|
||||||
ks := crypto.NewKeyStorePassphrase(filepath.Join(tmp, "keystore"))
|
ks := crypto.NewKeyStorePassphrase(filepath.Join(tmp, "keystore"), crypto.LightScryptN, crypto.LightScryptP)
|
||||||
am := accounts.NewManager(ks)
|
am := accounts.NewManager(ks)
|
||||||
keyb, err := crypto.HexToECDSA(testKey)
|
keyb, err := crypto.HexToECDSA(testKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -106,7 +106,7 @@ func testEth(t *testing.T) (ethereum *eth.Ethereum, err error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// create a testAddress
|
// create a testAddress
|
||||||
ks := crypto.NewKeyStorePassphrase("/tmp/eth-natspec/keystore")
|
ks := crypto.NewKeyStorePassphrase("/tmp/eth-natspec/keystore", crypto.LightScryptN, crypto.LightScryptP)
|
||||||
am := accounts.NewManager(ks)
|
am := accounts.NewManager(ks)
|
||||||
testAccount, err := am.NewAccount("password")
|
testAccount, err := am.NewAccount("password")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -215,7 +215,7 @@ func Decrypt(prv *ecdsa.PrivateKey, ct []byte) ([]byte, error) {
|
|||||||
|
|
||||||
// Used only by block tests.
|
// Used only by block tests.
|
||||||
func ImportBlockTestKey(privKeyBytes []byte) error {
|
func ImportBlockTestKey(privKeyBytes []byte) error {
|
||||||
ks := NewKeyStorePassphrase(common.DefaultDataDir() + "/keystore")
|
ks := NewKeyStorePassphrase(common.DefaultDataDir()+"/keystore", LightScryptN, LightScryptP)
|
||||||
ecKey := ToECDSA(privKeyBytes)
|
ecKey := ToECDSA(privKeyBytes)
|
||||||
key := &Key{
|
key := &Key{
|
||||||
Id: uuid.NewRandom(),
|
Id: uuid.NewRandom(),
|
||||||
|
@ -45,19 +45,29 @@ import (
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
keyHeaderKDF = "scrypt"
|
keyHeaderKDF = "scrypt"
|
||||||
// 2^18 / 8 / 1 uses 256MB memory and approx 1s CPU time on a modern CPU.
|
|
||||||
scryptN = 1 << 18
|
// n,r,p = 2^18, 8, 1 uses 256MB memory and approx 1s CPU time on a modern CPU.
|
||||||
scryptr = 8
|
StandardScryptN = 1 << 18
|
||||||
scryptp = 1
|
StandardScryptP = 1
|
||||||
scryptdkLen = 32
|
|
||||||
|
// n,r,p = 2^12, 8, 6 uses 4MB memory and approx 100ms CPU time on a modern CPU.
|
||||||
|
LightScryptN = 1 << 12
|
||||||
|
LightScryptP = 6
|
||||||
|
|
||||||
|
scryptR = 8
|
||||||
|
scryptDKLen = 32
|
||||||
)
|
)
|
||||||
|
|
||||||
type keyStorePassphrase struct {
|
type keyStorePassphrase struct {
|
||||||
keysDirPath string
|
keysDirPath string
|
||||||
|
scryptN int
|
||||||
|
scryptP int
|
||||||
|
scryptR int
|
||||||
|
scryptDKLen int
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewKeyStorePassphrase(path string) KeyStore {
|
func NewKeyStorePassphrase(path string, scryptN int, scryptP int) KeyStore {
|
||||||
return &keyStorePassphrase{path}
|
return &keyStorePassphrase{path, scryptN, scryptP, scryptR, scryptDKLen}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (ks keyStorePassphrase) GenerateNewKey(rand io.Reader, auth string) (key *Key, err error) {
|
func (ks keyStorePassphrase) GenerateNewKey(rand io.Reader, auth string) (key *Key, err error) {
|
||||||
@ -87,11 +97,10 @@ func (ks keyStorePassphrase) GetKeyAddresses() (addresses []common.Address, err
|
|||||||
func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
|
func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
|
||||||
authArray := []byte(auth)
|
authArray := []byte(auth)
|
||||||
salt := randentropy.GetEntropyCSPRNG(32)
|
salt := randentropy.GetEntropyCSPRNG(32)
|
||||||
derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen)
|
derivedKey, err := scrypt.Key(authArray, salt, ks.scryptN, ks.scryptR, ks.scryptP, ks.scryptDKLen)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
encryptKey := derivedKey[:16]
|
encryptKey := derivedKey[:16]
|
||||||
keyBytes := FromECDSA(key.PrivateKey)
|
keyBytes := FromECDSA(key.PrivateKey)
|
||||||
|
|
||||||
@ -104,10 +113,10 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
|
|||||||
mac := Sha3(derivedKey[16:32], cipherText)
|
mac := Sha3(derivedKey[16:32], cipherText)
|
||||||
|
|
||||||
scryptParamsJSON := make(map[string]interface{}, 5)
|
scryptParamsJSON := make(map[string]interface{}, 5)
|
||||||
scryptParamsJSON["n"] = scryptN
|
scryptParamsJSON["n"] = ks.scryptN
|
||||||
scryptParamsJSON["r"] = scryptr
|
scryptParamsJSON["r"] = ks.scryptR
|
||||||
scryptParamsJSON["p"] = scryptp
|
scryptParamsJSON["p"] = ks.scryptP
|
||||||
scryptParamsJSON["dklen"] = scryptdkLen
|
scryptParamsJSON["dklen"] = ks.scryptDKLen
|
||||||
scryptParamsJSON["salt"] = hex.EncodeToString(salt)
|
scryptParamsJSON["salt"] = hex.EncodeToString(salt)
|
||||||
|
|
||||||
cipherParamsJSON := cipherparamsJSON{
|
cipherParamsJSON := cipherparamsJSON{
|
||||||
|
@ -56,7 +56,7 @@ func TestKeyStorePlain(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestKeyStorePassphrase(t *testing.T) {
|
func TestKeyStorePassphrase(t *testing.T) {
|
||||||
ks := NewKeyStorePassphrase(common.DefaultDataDir())
|
ks := NewKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP)
|
||||||
pass := "foo"
|
pass := "foo"
|
||||||
k1, err := ks.GenerateNewKey(randentropy.Reader, pass)
|
k1, err := ks.GenerateNewKey(randentropy.Reader, pass)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -82,7 +82,7 @@ func TestKeyStorePassphrase(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestKeyStorePassphraseDecryptionFail(t *testing.T) {
|
func TestKeyStorePassphraseDecryptionFail(t *testing.T) {
|
||||||
ks := NewKeyStorePassphrase(common.DefaultDataDir())
|
ks := NewKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP)
|
||||||
pass := "foo"
|
pass := "foo"
|
||||||
k1, err := ks.GenerateNewKey(randentropy.Reader, pass)
|
k1, err := ks.GenerateNewKey(randentropy.Reader, pass)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -110,7 +110,7 @@ func TestImportPreSaleKey(t *testing.T) {
|
|||||||
// python pyethsaletool.py genwallet
|
// python pyethsaletool.py genwallet
|
||||||
// with password "foo"
|
// with password "foo"
|
||||||
fileContent := "{\"encseed\": \"26d87f5f2bf9835f9a47eefae571bc09f9107bb13d54ff12a4ec095d01f83897494cf34f7bed2ed34126ecba9db7b62de56c9d7cd136520a0427bfb11b8954ba7ac39b90d4650d3448e31185affcd74226a68f1e94b1108e6e0a4a91cdd83eba\", \"ethaddr\": \"d4584b5f6229b7be90727b0fc8c6b91bb427821f\", \"email\": \"gustav.simonsson@gmail.com\", \"btcaddr\": \"1EVknXyFC68kKNLkh6YnKzW41svSRoaAcx\"}"
|
fileContent := "{\"encseed\": \"26d87f5f2bf9835f9a47eefae571bc09f9107bb13d54ff12a4ec095d01f83897494cf34f7bed2ed34126ecba9db7b62de56c9d7cd136520a0427bfb11b8954ba7ac39b90d4650d3448e31185affcd74226a68f1e94b1108e6e0a4a91cdd83eba\", \"ethaddr\": \"d4584b5f6229b7be90727b0fc8c6b91bb427821f\", \"email\": \"gustav.simonsson@gmail.com\", \"btcaddr\": \"1EVknXyFC68kKNLkh6YnKzW41svSRoaAcx\"}"
|
||||||
ks := NewKeyStorePassphrase(common.DefaultDataDir())
|
ks := NewKeyStorePassphrase(common.DefaultDataDir(), LightScryptN, LightScryptP)
|
||||||
pass := "foo"
|
pass := "foo"
|
||||||
_, err := ImportPreSaleKey(ks, []byte(fileContent), pass)
|
_, err := ImportPreSaleKey(ks, []byte(fileContent), pass)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -168,7 +168,7 @@ func TestV1_1(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestV1_2(t *testing.T) {
|
func TestV1_2(t *testing.T) {
|
||||||
ks := NewKeyStorePassphrase("tests/v1")
|
ks := NewKeyStorePassphrase("tests/v1", LightScryptN, LightScryptP)
|
||||||
addr := common.HexToAddress("cb61d5a9c4896fb9658090b597ef0e7be6f7b67e")
|
addr := common.HexToAddress("cb61d5a9c4896fb9658090b597ef0e7be6f7b67e")
|
||||||
k, err := ks.GetKey(addr, "g")
|
k, err := ks.GetKey(addr, "g")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -162,7 +162,7 @@ func runBlockTests(bt map[string]*BlockTest, skipTests []string) error {
|
|||||||
|
|
||||||
}
|
}
|
||||||
func runBlockTest(test *BlockTest) error {
|
func runBlockTest(test *BlockTest) error {
|
||||||
ks := crypto.NewKeyStorePassphrase(filepath.Join(common.DefaultDataDir(), "keystore"))
|
ks := crypto.NewKeyStorePassphrase(filepath.Join(common.DefaultDataDir(), "keystore"), crypto.StandardScryptN, crypto.StandardScryptP)
|
||||||
am := accounts.NewManager(ks)
|
am := accounts.NewManager(ks)
|
||||||
db, _ := ethdb.NewMemDatabase()
|
db, _ := ethdb.NewMemDatabase()
|
||||||
cfg := ð.Config{
|
cfg := ð.Config{
|
||||||
|
Loading…
Reference in New Issue
Block a user