From 772e7e8c8df066a64726b23bde84b6025c5af318 Mon Sep 17 00:00:00 2001
From: zelig
Date: Sun, 29 Jun 2014 16:02:23 +0100
Subject: [PATCH] Key Manager - keypair, keyring: -- consistent naming of methods -- error propagation -- no panic - keyManager: persist, import, export, initialize and (re)set keyring - no global public "singleton" keyring, instead interface via keyManager - keys test - KeyStore interface, DB and File store implementations
---
ethcrypto/key_manager.go | 121 ++++++++++++++++++++++++++++++++++++++
ethcrypto/key_store.go | 112 +++++++++++++++++++++++++++++++++++
ethcrypto/keypair.go | 41 +++++++++++++
ethcrypto/keyring.go | 118 +++++++++++++++++++++++++++++++++++++
ethcrypto/keys_test.go | 122 +++++++++++++++++++++++++++++++++++++++
5 files changed, 514 insertions(+)
create mode 100644 ethcrypto/key_manager.go
create mode 100644 ethcrypto/key_store.go
create mode 100644 ethcrypto/keypair.go
create mode 100644 ethcrypto/keyring.go
create mode 100644 ethcrypto/keys_test.go
diff --git a/ethcrypto/key_manager.go b/ethcrypto/key_manager.go
new file mode 100644
index 000000000..dcbc7b77e
--- /dev/null
+++ b/ethcrypto/key_manager.go
@@ -0,0 +1,121 @@
+package ethcrypto
+
+import (
+ "fmt"
+ "github.com/ethereum/eth-go/ethutil"
+ "sync"
+)
+
+type KeyManager struct {
+ keyRing *KeyRing
+ session string
+ keyStore KeyStore // interface
+ keyRings map[string]*KeyRing // cache
+ keyPair *KeyPair
+}
+
+func NewDBKeyManager(db ethutil.Database) *KeyManager {
+ return &KeyManager{keyStore: &DBKeyStore{db: db}, keyRings: make(map[string]*KeyRing)}
+}
+
+func NewFileKeyManager(basedir string) *KeyManager {
+ return &KeyManager{keyStore: &FileKeyStore{basedir: basedir}, keyRings: make(map[string]*KeyRing)}
+}
+
+func (k *KeyManager) KeyPair() *KeyPair {
+ return k.keyPair
+}
+
+func (k *KeyManager) KeyRing() *KeyPair {
+ return k.keyPair
+}
+
+func (k *KeyManager) PrivateKey() []byte {
+ return k.keyPair.PrivateKey
+}
+
+func (k *KeyManager) PublicKey() []byte {
+ return k.keyPair.PublicKey
+}
+
+func (k *KeyManager) Address() []byte {
+ return k.keyPair.Address()
+}
+
+func (k *KeyManager) save(session string, keyRing *KeyRing) error {
+ err := k.keyStore.Save(session, keyRing)
+ if err != nil {
+ return err
+ }
+ k.keyRings[session] = keyRing
+ return nil
+}
+
+func (k *KeyManager) load(session string) (*KeyRing, error) {
+ keyRing, found := k.keyRings[session]
+ if !found {
+ var err error
+ keyRing, err = k.keyStore.Load(session)
+ if err != nil {
+ return nil, err
+ }
+ }
+ return keyRing, nil
+}
+
+func cursorError(cursor int, len int) error {
+ return fmt.Errorf("cursor %d out of range (0..%d)", cursor, len)
+}
+
+func (k *KeyManager) reset(session string, cursor int, keyRing *KeyRing) error {
+ if cursor >= keyRing.Len() {
+ return cursorError(cursor, keyRing.Len())
+ }
+ lock := &sync.Mutex{}
+ lock.Lock()
+ defer lock.Unlock()
+ err := k.save(session, keyRing)
+ if err != nil {
+ return err
+ }
+ k.session = session
+ k.keyRing = keyRing
+ k.keyPair = keyRing.GetKeyPair(cursor)
+ return nil
+}
+
+func (k *KeyManager) SetCursor(cursor int) error {
+ if cursor >= k.keyRing.Len() {
+ return cursorError(cursor, k.keyRing.Len())
+ }
+ k.keyPair = k.keyRing.GetKeyPair(cursor)
+ return nil
+}
+
+func (k *KeyManager) Init(session string, cursor int, force bool) error {
+ var keyRing *KeyRing
+ if !force {
+ var err error
+ keyRing, err = k.load(session)
+ if err != nil {
+ return err
+ }
+ }
+ if keyRing == nil {
+ keyRing = NewGeneratedKeyRing(1)
+ }
+ return k.reset(session, cursor, keyRing)
+}
+
+func (k *KeyManager) InitFromSecretsFile(session string, cursor int, secretsfile string) error {
+ keyRing, err := NewKeyRingFromFile(secretsfile)
+ if err != nil {
+ return err
+ }
+ return k.reset(session, cursor, keyRing)
+}
+
+func (k *KeyManager) Export(dir string) error {
+ fileKeyStore := FileKeyStore{dir}
+ return fileKeyStore.Save(k.session, k.keyRing)
+}
diff --git a/ethcrypto/key_store.go b/ethcrypto/key_store.go
new file mode 100644
index 000000000..c8c506fda
--- /dev/null
+++ b/ethcrypto/key_store.go
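Review bot: In ethcrypto/key_manager.go, `reset` allocates a fresh `sync.Mutex` on every call (`lock := &sync.Mutex{}`), so the lock is never shared and concurrent `Init`/`SetCursor` calls can still race on `keyRings`, `keyRing` and `keyPair`. Make the mutex a field of `KeyManager` (`mu sync.Mutex`) and take it with `k.mu.Lock()` / `defer k.mu.Unlock()` in `reset` and `SetCursor`. Separately, `KeyRing()` is declared to return `*KeyPair` and returns `k.keyPair`; it presumably should be `func (k *KeyManager) KeyRing() *KeyRing { return k.keyRing }`. The accessors `PrivateKey`, `PublicKey` and `Address` dereference `k.keyPair` and will panic if called before a successful `Init`.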
@@ -0,0 +1,112 @@
+package ethcrypto
+
+import (
+ "fmt"
+ "github.com/ethereum/eth-go/ethutil"
+ "io/ioutil"
+ "os"
+ "path"
+ "strings"
+)
+
+type KeyStore interface {
+ Load(string) (*KeyRing, error)
+ Save(string, *KeyRing) error
+}
+
+type DBKeyStore struct {
+ db ethutil.Database
+}
+
+const dbKeyPrefix = "KeyRing"
+
+func (k *DBKeyStore) dbKey(session string) []byte {
+ return []byte(fmt.Sprintf("%s%s", dbKeyPrefix, session))
+}
+
+func (k *DBKeyStore) Save(session string, keyRing *KeyRing) error {
+ k.db.Put(k.dbKey(session), keyRing.RlpEncode())
+ return nil
+}
+
+func (k *DBKeyStore) Load(session string) (*KeyRing, error) {
+ data, err := k.db.Get(k.dbKey(session))
+ if err != nil {
+ return nil, err
+ }
+ var keyRing *KeyRing
+ keyRing, err = NewKeyRingFromBytes(data)
+ if err != nil {
+ return nil, err
+ }
+ // if empty keyRing is found we return nil, no error
+ if keyRing.Len() == 0 {
+ return nil, nil
+ }
+ return keyRing, nil
+}
+
+type FileKeyStore struct {
+ basedir string
+}
+
+func (k *FileKeyStore) Save(session string, keyRing *KeyRing) error {
+ var content []byte
+ var err error
+ var privateKeys []string
+ var publicKeys []string
+ var mnemonics []string
+ var addresses []string
+ keyRing.Each(func(keyPair *KeyPair) {
+ privateKeys = append(privateKeys, ethutil.Bytes2Hex(keyPair.PrivateKey))
+ publicKeys = append(publicKeys, ethutil.Bytes2Hex(keyPair.PublicKey))
+ addresses = append(addresses, ethutil.Bytes2Hex(keyPair.Address()))
+ mnemonics = append(mnemonics, strings.Join(MnemonicEncode(ethutil.Bytes2Hex(keyPair.PrivateKey)), " "))
+ })
+
+ basename := session
+ if session == "" {
+ basename = "default"
+ }
+
+ path := path.Join(k.basedir, basename)
+ content = []byte(strings.Join(privateKeys, "\n"))
+ err = ioutil.WriteFile(path+".prv", content, 0600)
+ if err != nil {
+ return err
+ }
+
+ content = []byte(strings.Join(publicKeys, "\n"))
+ err = ioutil.WriteFile(path+".pub", content, 0644)
+ if err != nil {
+ return err
+ }
+
+ content = []byte(strings.Join(addresses, "\n"))
+ err = ioutil.WriteFile(path+".addr", content, 0644)
+ if err != nil {
+ return err
+ }
+
+ content = []byte(strings.Join(mnemonics, "\n"))
+ err = ioutil.WriteFile(path+".mne", content, 0600)
+ if err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (k *FileKeyStore) Load(session string) (*KeyRing, error) {
+ basename := session
+ if session == "" {
+ basename = "default"
+ }
+ secfile := path.Join(k.basedir, basename+".prv")
+ _, err := os.Stat(secfile)
+ // if file is not found then we return nil, no error
+ if err != nil {
+ return nil, nil
+ }
+ return NewKeyRingFromFile(secfile)
+}
diff --git a/ethcrypto/keypair.go b/ethcrypto/keypair.go
new file mode 100644
index 000000000..ae9db3698
--- /dev/null
+++ b/ethcrypto/keypair.go
@@ -0,0 +1,41 @@
+package ethcrypto
+
+import (
+ "github.com/ethereum/eth-go/ethutil"
+ "github.com/obscuren/secp256k1-go"
+)
+
+type KeyPair struct {
+ PrivateKey []byte
+ PublicKey []byte
+
+ // The associated account
+ // account *StateObject
+}
+
+func GenerateNewKeyPair() *KeyPair {
+ _, prv := secp256k1.GenerateKeyPair()
+ keyPair, _ := NewKeyPairFromSec(prv) // swallow error, this one cannot err
+ return keyPair
+}
+
+func NewKeyPairFromSec(seckey []byte) (*KeyPair, error) {
+ pubkey, err := secp256k1.GeneratePubKey(seckey)
+ if err != nil {
+ return nil, err
+ }
+
+ return &KeyPair{PrivateKey: seckey, PublicKey: pubkey}, nil
+}
+
+func (k *KeyPair) Address() []byte {
+ return Sha3Bin(k.PublicKey[1:])[12:]
+}
+
+func (k *KeyPair) RlpEncode() []byte {
+ return k.RlpValue().Encode()
+}
+
+func (k *KeyPair) RlpValue() *ethutil.Value {
+ return ethutil.NewValue(k.PrivateKey)
+}
diff --git a/ethcrypto/keyring.go b/ethcrypto/keyring.go
new file mode 100644
index 000000000..277fa2134
--- /dev/null
+++ b/ethcrypto/keyring.go
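Review bot: In ethcrypto/key_store.go, `FileKeyStore.Load` treats every `os.Stat` error as "file not found" and returns `nil, nil`, so a permission or I/O error makes `KeyManager.Init` generate a fresh keyring and attempt to save it over the session instead of reporting the failure. Return early only for a missing file, `if os.IsNotExist(err) { return nil, nil }`, and return any other error to the caller. In `Save`, `ioutil.WriteFile` applies `0600` only when it creates the file, so a pre-existing `.prv` or `.mne` with wider permissions keeps them; the private keys and mnemonics are also written unencrypted, which deserves a doc comment on `FileKeyStore`. `session` is joined into the file name unchecked, so a value containing path separators would write outside `basedir`; rejecting such names in `Save` and `Load` would close that.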
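Review bot: In ethcrypto/keypair.go, `GenerateNewKeyPair` discards the error from `NewKeyPairFromSec`, so if key derivation ever fails it returns a nil `*KeyPair` that callers such as `NewGeneratedKeyRing` add to the ring and dereference later. Returning the error keeps the "no panic" goal of this commit: `func GenerateNewKeyPair() (*KeyPair, error)` with `return NewKeyPairFromSec(prv)`. `NewKeyPairFromSec` also stores the caller's `seckey` slice without copying, so a caller that reuses or zeroes that buffer silently changes the stored private key; copying the slice, or documenting the ownership transfer in a doc comment, would avoid that.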
@@ -0,0 +1,118 @@
+package ethcrypto
+
+import (
+ "fmt"
+ "github.com/ethereum/eth-go/ethutil"
+ "io/ioutil"
+ "strings"
+)
+
+type KeyRing struct {
+ keys []*KeyPair
+}
+
+func NewKeyRing() *KeyRing {
+ return &KeyRing{}
+}
+
+func (k *KeyRing) AddKeyPair(keyPair *KeyPair) {
+ k.keys = append(k.keys, keyPair)
+}
+
+func (k *KeyRing) GetKeyPair(i int) *KeyPair {
+ if len(k.keys) > i {
+ return k.keys[i]
+ }
+
+ return nil
+}
+
+func (k *KeyRing) Empty() bool {
+ return k.Len() == 0
+}
+
+func (k *KeyRing) Len() int {
+ return len(k.keys)
+}
+
+func (k *KeyRing) Each(f func(*KeyPair)) {
+ for _, keyPair := range k.keys {
+ f(keyPair)
+ }
+}
+
+func NewGeneratedKeyRing(len int) *KeyRing {
+ keyRing := NewKeyRing()
+ for i := 0; i < len; i++ {
+ keyRing.AddKeyPair(GenerateNewKeyPair())
+ }
+ return keyRing
+}
+
+func NewKeyRingFromFile(secfile string) (*KeyRing, error) {
+ var content []byte
+ var err error
+ content, err = ioutil.ReadFile(secfile)
+ if err != nil {
+ return nil, err
+ }
+ keyRing, err := NewKeyRingFromString(string(content))
+ if err != nil {
+ return nil, err
+ }
+ return keyRing, nil
+}
+
+func NewKeyRingFromString(content string) (*KeyRing, error) {
+ secretStrings := strings.Split(content, "\n")
+ var secrets [][]byte
+ for _, secretString := range secretStrings {
+ secret := secretString
+ words := strings.Split(secretString, " ")
+ if len(words) == 24 {
+ secret = MnemonicDecode(words)
+ } else if len(words) != 1 {
+ return nil, fmt.Errorf("Unrecognised key format")
+ }
+ secrets = append(secrets, ethutil.Hex2Bytes(secret))
+ }
+ return NewKeyRingFromSecrets(secrets)
+}
+
+func NewKeyRingFromSecrets(secs [][]byte) (*KeyRing, error) {
+ keyRing := NewKeyRing()
+ for _, sec := range secs {
+ keyPair, err := NewKeyPairFromSec(sec)
+ if err != nil {
+ return nil, err
+ }
+ keyRing.AddKeyPair(keyPair)
+ }
+ return keyRing, nil
+}
+
+func NewKeyRingFromBytes(data []byte) (*KeyRing, error) {
+ var secrets [][]byte
+ it := ethutil.NewValueFromBytes(data).NewIterator()
+ for it.Next() {
+ secret := it.Value().Bytes()
+ secrets = append(secrets, secret)
+ }
+ keyRing, err := NewKeyRingFromSecrets(secrets)
+ if err != nil {
+ return nil, err
+ }
+ return keyRing, nil
+}
+
+func (k *KeyRing) RlpEncode() []byte {
+ return k.RlpValue().Encode()
+}
+
+func (k *KeyRing) RlpValue() *ethutil.Value {
+ v := ethutil.EmptyValue()
+ k.Each(func(keyPair *KeyPair) {
+ v.Append(keyPair.RlpValue())
+ })
+ return v
+}
diff --git a/ethcrypto/keys_test.go b/ethcrypto/keys_test.go
new file mode 100644
index 000000000..3ebf4e818
--- /dev/null
+++ b/ethcrypto/keys_test.go
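Review bot: In ethcrypto/keyring.go, `GetKeyPair` checks only the upper bound (`len(k.keys) > i`), so a negative index reaches `k.keys[i]` and panics; the cursor checks in `reset` and `SetCursor` in key_manager.go (`cursor >= keyRing.Len()`) let a negative cursor through to it. Guard both ends, `if i >= 0 && i < len(k.keys) {`, and reject `cursor < 0` in the two callers. In `NewKeyRingFromString`, splitting on `"\n"` turns a trailing newline or blank line into an empty secret, and the result of `ethutil.Hex2Bytes` is used without any length or validity check visible here; skipping empty lines (after trimming `"\r"`) and rejecting secrets of the wrong length before `NewKeyPairFromSec` would make a bad import fail with a clear error rather than depend on the secp256k1 binding.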
@@ -0,0 +1,122 @@
+package ethcrypto
+
+import (
+ "github.com/ethereum/eth-go/ethdb"
+ // "io/ioutil"
+ "fmt"
+ "os"
+ "path"
+ "testing"
+)
+
+// test if persistence layer works
+func TestDBKeyManager(t *testing.T) {
+ memdb, _ := ethdb.NewMemDatabase()
+ keyManager0 := NewDBKeyManager(memdb)
+ err := keyManager0.Init("", 0, false)
+ if err != nil {
+ t.Error("Unexpected error: ", err)
+ }
+ keyManager1 := NewDBKeyManager(memdb)
+ err = keyManager1.Init("", 0, false)
+ if err != nil {
+ t.Error("Unexpected error: ", err)
+ }
+ if string(keyManager0.PrivateKey()) != string(keyManager1.PrivateKey()) {
+ t.Error("Expected private keys %x, %x, to be identical via db persistence", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+ }
+ err = keyManager1.Init("", 0, true)
+ if err != nil {
+ t.Error("Unexpected error: ", err)
+ }
+ if string(keyManager0.PrivateKey()) == string(keyManager1.PrivateKey()) {
+ t.Error("Expected private keys %x, %x, to be be different despite db persistence if force generate", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+ }
+}
+
+func TestFileKeyManager(t *testing.T) {
+ basedir0 := "/tmp/ethtest0"
+ os.RemoveAll(basedir0)
+ os.Mkdir(basedir0, 0777)
+
+ keyManager0 := NewFileKeyManager(basedir0)
+ err := keyManager0.Init("", 0, false)
+ if err != nil {
+ t.Error("Unexpected error: ", err)
+ }
+
+ keyManager1 := NewFileKeyManager(basedir0)
+
+ err = keyManager1.Init("", 0, false)
+ if err != nil {
+ t.Error("Unexpected error: ", err)
+ }
+ if string(keyManager0.PrivateKey()) != string(keyManager1.PrivateKey()) {
+ t.Error("Expected private keys %x, %x, to be identical via db persistence", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+ }
+
+ err = keyManager1.Init("", 0, true)
+ if err != nil {
+ t.Error("Unexpected error: ", err)
+ }
+ if string(keyManager0.PrivateKey()) == string(keyManager1.PrivateKey()) {
+ t.Error("Expected private keys %x, %x, to be be different despite db persistence if force generate", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+ }
+}
+
+// cursor errors
+func TestCursorErrors(t *testing.T) {
+ memdb, _ := ethdb.NewMemDatabase()
+ keyManager0 := NewDBKeyManager(memdb)
+ err := keyManager0.Init("", 0, false)
+ err = keyManager0.Init("", 1, false)
+ if err == nil {
+ t.Error("Expected cursor error")
+ }
+ err = keyManager0.SetCursor(1)
+ if err == nil {
+ t.Error("Expected cursor error")
+ }
+}
+
+func TestExportImport(t *testing.T) {
+ memdb, _ := ethdb.NewMemDatabase()
+ keyManager0 := NewDBKeyManager(memdb)
+ err := keyManager0.Init("", 0, false)
+ basedir0 := "/tmp/ethtest0"
+ os.RemoveAll(basedir0)
+ os.Mkdir(basedir0, 0777)
+ keyManager0.Export(basedir0)
+
+ keyManager1 := NewFileKeyManager(basedir0)
+ err = keyManager1.Init("", 0, false)
+ if err != nil {
+ t.Error("Unexpected error: ", err)
+ }
+ fmt.Printf("keyRing: %v\n", keyManager0.KeyPair())
+ fmt.Printf("keyRing: %v\n", keyManager1.KeyPair())
+ if string(keyManager0.PrivateKey()) != string(keyManager1.PrivateKey()) {
+ t.Error("Expected private keys %x, %x, to be identical via export to filestore basedir", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+ }
+ path.Join("")
+
+ // memdb, _ = ethdb.NewMemDatabase()
+ // keyManager2 := NewDBKeyManager(memdb)
+ // err = keyManager2.InitFromSecretsFile("", 0, path.Join(basedir0, "default.prv"))
+ // if err != nil {
+ // t.Error("Unexpected error: ", err)
+ // }
+ // if string(keyManager0.PrivateKey()) != string(keyManager2.PrivateKey()) {
+ // t.Error("Expected private keys %s, %s, to be identical via export/import prv", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+ // }
+
+ // memdb, _ = ethdb.NewMemDatabase()
+ // keyManager3 := NewDBKeyManager(memdb)
+ // err = keyManager3.InitFromSecretsFile("", 0, path.Join(basedir0, "default.mne"))
+ // if err != nil {
+ // t.Error("Unexpected error: ", err)
+ // }
+ // if string(keyManager0.PrivateKey()) != string(keyManager3.PrivateKey()) {
+ // t.Error("Expected private keys %s, %s, to be identical via export/import mnemonic file", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+ // }
+}
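Review bot: In ethcrypto/keys_test.go, `TestFileKeyManager` and `TestExportImport` write private key files into the fixed path `/tmp/ethtest0`, created with mode `0777` and never removed, so on a shared machine the directory is predictable and world-writable and two test runs can clobber each other. Use a per-test directory, `basedir0, err := ioutil.TempDir("", "ethtest")` followed by `defer os.RemoveAll(basedir0)`. The `fmt.Printf("keyRing: %v\n", keyManager0.KeyPair())` lines print the raw private key bytes into the test log and should be dropped. The failure messages pass `%x` verbs to `t.Error`, which does not format them, so `t.Errorf` is needed; the errors from `Export` and from the first `Init` in `TestCursorErrors` and `TestExportImport` are also ignored.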