
allow reencrypting key.

windows fix.
cl-refactor
Gav Wood 10 years ago
parent
commit
29cbfdb25d
  1. 6
      alethzero/Main.ui
  2. 16
      alethzero/MainWin.cpp
  3. 1
      alethzero/MainWin.h
  4. 47
      libdevcrypto/SecretStore.cpp
  5. 8
      libdevcrypto/SecretStore.h
  6. 33
      libethereum/KeyManager.cpp
  7. 3
      libethereum/KeyManager.h
  8. 2
      libscrypt/crypto-mcf.c

6
alethzero/Main.ui

@ -159,6 +159,7 @@
<addaction name="importKeyFile"/> <addaction name="importKeyFile"/>
<addaction name="claimPresale"/> <addaction name="claimPresale"/>
<addaction name="exportKey"/> <addaction name="exportKey"/>
<addaction name="reencryptKey"/>
<addaction name="killAccount"/> <addaction name="killAccount"/>
<addaction name="separator"/> <addaction name="separator"/>
<addaction name="loadJS"/> <addaction name="loadJS"/>
@ -1751,6 +1752,11 @@ font-size: 14pt</string>
<string>Import &amp;Secret Key File...</string> <string>Import &amp;Secret Key File...</string>
</property> </property>
</action> </action>
<action name="reencryptKey">
<property name="text">
<string>&amp;Re-encrypt Key</string>
</property>
</action>
</widget> </widget>
<layoutdefault spacing="6" margin="11"/> <layoutdefault spacing="6" margin="11"/>
<customwidgets> <customwidgets>

16
alethzero/MainWin.cpp

@ -2016,7 +2016,7 @@ void Main::on_killAccount_triggered()
{ {
if (ui->ourAccounts->currentRow() >= 0) if (ui->ourAccounts->currentRow() >= 0)
{ {
auto hba = ui->accounts->currentItem()->data(Qt::UserRole).toByteArray(); auto hba = ui->ourAccounts->currentItem()->data(Qt::UserRole).toByteArray();
Address h((byte const*)hba.data(), Address::ConstructFromPointer); Address h((byte const*)hba.data(), Address::ConstructFromPointer);
auto k = m_keyManager.accountDetails()[h]; auto k = m_keyManager.accountDetails()[h];
if ( if (
@ -2036,6 +2036,20 @@ void Main::on_killAccount_triggered()
} }
} }
void Main::on_reencryptKey_triggered()
{
if (ui->ourAccounts->currentRow() >= 0)
{
auto hba = ui->ourAccounts->currentItem()->data(Qt::UserRole).toByteArray();
Address a((byte const*)hba.data(), Address::ConstructFromPointer);
QStringList kdfs = {"PBKDF2-SHA256", "Scrypt"};
QString kdf = QInputDialog::getItem(this, "Re-Encrypt Key", "Select a key derivation function to use for storing your key:", kdfs);
m_keyManager.reencode(a, [&](){
return QInputDialog::getText(nullptr, "Re-Encrypt Key", "Enter the password for this key to re-encrypt it.", QLineEdit::Password, QString()).toStdString();
}, (KDF)kdfs.indexOf(kdf));
}
}
void Main::on_go_triggered() void Main::on_go_triggered()
{ {
if (!ui->net->isChecked()) if (!ui->net->isChecked())
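Review bot: In `on_reencryptKey_triggered` the result of `QInputDialog::getItem` is used without checking whether the dialog was accepted, and the dialog keeps Qt's default `editable = true`, so a cancelled or free-typed choice still reaches `m_keyManager.reencode`. Free text makes `kdfs.indexOf(kdf)` return -1, which is then cast to `KDF`. Pass the `ok` out-parameter and disable editing, keeping the title and label as they are: `bool ok = false; QString kdf = QInputDialog::getItem(this, title, label, kdfs, 0, false, &ok); if (!ok) return;`. The password lambda has the same gap, because a cancelled `getText` returns an empty string that is handed on as the password.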

1
alethzero/MainWin.h

@ -137,6 +137,7 @@ private slots:
void on_newAccount_triggered(); void on_newAccount_triggered();
void on_killAccount_triggered(); void on_killAccount_triggered();
void on_importKey_triggered(); void on_importKey_triggered();
void on_reencryptKey_triggered();
void on_importKeyFile_triggered(); void on_importKeyFile_triggered();
void on_claimPresale_triggered(); void on_claimPresale_triggered();
void on_exportKey_triggered(); void on_exportKey_triggered();

47
libdevcrypto/SecretStore.cpp

@ -169,24 +169,51 @@ h128 SecretStore::readKey(std::string const& _file, bool _deleteFile)
return h128(); return h128();
} }
std::string SecretStore::encrypt(bytes const& _v, std::string const& _pass) void SecretStore::recode(h128 const& _uuid, string const& _pass, KDF _kdf)
{
m_keys[_uuid].first = encrypt(secret(_uuid, [&](){ return _pass; }), _pass, _kdf);
save();
}
std::string SecretStore::encrypt(bytes const& _v, std::string const& _pass, KDF _kdf)
{ {
js::mObject ret; js::mObject ret;
// KDF info // KDF info
unsigned dklen = 16; unsigned dklen = 16;
unsigned iterations = 262144;
bytes salt = h256::random().asBytes(); bytes salt = h256::random().asBytes();
ret["kdf"] = "pbkdf2"; bytes derivedKey;
if (_kdf == KDF::Scrypt)
{ {
js::mObject params; unsigned iterations = 262144;
params["prf"] = "hmac-sha256"; unsigned p = 262144;
params["c"] = (int)iterations; unsigned r = 262144;
params["salt"] = toHex(salt); ret["kdf"] = "scrypt";
params["dklen"] = (int)dklen; {
ret["kdfparams"] = params; js::mObject params;
params["n"] = (int)iterations;
params["p"] = 1;
params["r"] = 8;
params["dklen"] = (int)dklen;
params["salt"] = toHex(salt);
ret["kdfparams"] = params;
}
derivedKey = scrypt(_pass, salt, iterations, p, r, dklen);
}
else
{
unsigned iterations = 262144;
ret["kdf"] = "pbkdf2";
{
js::mObject params;
params["prf"] = "hmac-sha256";
params["c"] = (int)iterations;
params["salt"] = toHex(salt);
params["dklen"] = (int)dklen;
ret["kdfparams"] = params;
}
derivedKey = pbkdf2(_pass, salt, iterations, dklen);
} }
bytes derivedKey = pbkdf2(_pass, salt, iterations, dklen);
// cipher info // cipher info
ret["cipher"] = "aes-128-cbc"; ret["cipher"] = "aes-128-cbc";
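Review bot: In the `KDF::Scrypt` branch of `encrypt`, the locals `p` and `r` are both initialised to 262144 and passed to `scrypt(...)`, while the stored `kdfparams` record `p` = 1 and `r` = 8, so the key file would not describe the parameters the key was actually derived with. Initialise them as `unsigned p = 1;` and `unsigned r = 8;` and write `params["p"] = (int)p; params["r"] = (int)r;` so the two cannot drift apart. Separately, `recode` assigns `encrypt(secret(...), ...)` straight into `m_keys[_uuid].first` and then calls `save()`. If `secret()` yields an empty value for a wrong password (its body is not visible here), the existing key would be overwritten, so the decrypted bytes should be checked before the entry is replaced. The body of `encrypt` continues past the end of this hunk.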

8
libdevcrypto/SecretStore.h

@ -30,6 +30,11 @@
namespace dev namespace dev
{ {
enum class KDF {
PBKDF2_SHA256,
Scrypt,
};
class SecretStore class SecretStore
{ {
public: public:
@ -39,6 +44,7 @@ public:
bytes secret(h128 const& _uuid, std::function<std::string()> const& _pass, bool _useCache = true) const; bytes secret(h128 const& _uuid, std::function<std::string()> const& _pass, bool _useCache = true) const;
h128 importKey(std::string const& _file) { auto ret = readKey(_file, false); if (ret) save(); return ret; } h128 importKey(std::string const& _file) { auto ret = readKey(_file, false); if (ret) save(); return ret; }
h128 importSecret(bytes const& _s, std::string const& _pass); h128 importSecret(bytes const& _s, std::string const& _pass);
void recode(h128 const& _uuid, std::string const& _pass, KDF _kdf = KDF::Scrypt);
void kill(h128 const& _uuid); void kill(h128 const& _uuid);
// Clear any cached keys. // Clear any cached keys.
@ -47,7 +53,7 @@ public:
private: private:
void save(std::string const& _keysPath = getDataDir("web3") + "/keys"); void save(std::string const& _keysPath = getDataDir("web3") + "/keys");
void load(std::string const& _keysPath = getDataDir("web3") + "/keys"); void load(std::string const& _keysPath = getDataDir("web3") + "/keys");
static std::string encrypt(bytes const& _v, std::string const& _pass); static std::string encrypt(bytes const& _v, std::string const& _pass, KDF _kdf = KDF::Scrypt);
static bytes decrypt(std::string const& _v, std::string const& _pass); static bytes decrypt(std::string const& _v, std::string const& _pass);
h128 readKey(std::string const& _file, bool _deleteFile); h128 readKey(std::string const& _file, bool _deleteFile);
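Review bot: `enum class KDF` is added without a comment, yet its enumerator order is load-bearing: `MainWin.cpp` in this commit converts a list index to it with `(KDF)kdfs.indexOf(kdf)`. Add a comment such as `/// Key-derivation function for stored keys; enumerator order must match the KDF list offered in the UI.`, or give the enumerators explicit values. The new default `KDF _kdf = KDF::Scrypt` on `encrypt` also changes which KDF is used by existing callers that omit the argument, which deserves a line in the declaration's documentation.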

33
libethereum/KeyManager.cpp

@ -49,6 +49,12 @@ void KeyManager::create(std::string const& _pass)
write(_pass, m_keysFile); write(_pass, m_keysFile);
} }
void KeyManager::reencode(Address const& _address, std::function<string()> const& _pass, KDF _kdf)
{
h128 u = uuid(_address);
store().recode(u, getPassword(u, _pass), _kdf);
}
bool KeyManager::load(std::string const& _pass) bool KeyManager::load(std::string const& _pass)
{ {
try { try {
@ -89,18 +95,21 @@ Secret KeyManager::secret(Address const& _address, function<std::string()> const
Secret KeyManager::secret(h128 const& _uuid, function<std::string()> const& _pass) const Secret KeyManager::secret(h128 const& _uuid, function<std::string()> const& _pass) const
{ {
return Secret(m_store.secret(_uuid, [&](){ return Secret(m_store.secret(_uuid, [&](){ return getPassword(_uuid, _pass); }));
auto kit = m_keyInfo.find(_uuid); }
if (kit != m_keyInfo.end())
{ std::string KeyManager::getPassword(h128 const& _uuid, function<std::string()> const& _pass) const
auto it = m_cachedPasswords.find(kit->second.passHash); {
if (it != m_cachedPasswords.end()) auto kit = m_keyInfo.find(_uuid);
return it->second; if (kit != m_keyInfo.end())
} {
std::string p = _pass(); auto it = m_cachedPasswords.find(kit->second.passHash);
m_cachedPasswords[hashPassword(p)] = p; if (it != m_cachedPasswords.end())
return p; return it->second;
})); }
std::string p = _pass();
m_cachedPasswords[hashPassword(p)] = p;
return p;
} }
h128 KeyManager::uuid(Address const& _a) const h128 KeyManager::uuid(Address const& _a) const
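Review bot: `KeyManager::reencode` passes `uuid(_address)` to `store().recode` without checking that the address resolved to a known key. `SecretStore::recode` in this commit indexes `m_keys[_uuid]`, which would create an entry if `m_keys` is a map-like container, so an unknown address could add and save a bogus record. What `uuid()` returns for an unknown address is not visible here. A guard such as `if (!u) return;` before the `recode` call would avoid that; `h128` is already tested for truth this way in `importKey`.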

3
libethereum/KeyManager.h

@ -84,10 +84,13 @@ public:
Secret secret(Address const& _address, std::function<std::string()> const& _pass = DontKnowThrow) const; Secret secret(Address const& _address, std::function<std::string()> const& _pass = DontKnowThrow) const;
Secret secret(h128 const& _uuid, std::function<std::string()> const& _pass = DontKnowThrow) const; Secret secret(h128 const& _uuid, std::function<std::string()> const& _pass = DontKnowThrow) const;
void reencode(Address const& _address, std::function<std::string()> const& _pass = DontKnowThrow, KDF _kdf = KDF::Scrypt);
void kill(h128 const& _id) { kill(address(_id)); } void kill(h128 const& _id) { kill(address(_id)); }
void kill(Address const& _a); void kill(Address const& _a);
private: private:
std::string getPassword(h128 const& _uuid, std::function<std::string()> const& _pass = DontKnowThrow) const;
std::string defaultPassword() const { return asString(m_key.ref()); } std::string defaultPassword() const { return asString(m_key.ref()); }
h256 hashPassword(std::string const& _pass) const; h256 hashPassword(std::string const& _pass) const;

2
libscrypt/crypto-mcf.c

@ -7,7 +7,7 @@
#include <math.h> #include <math.h>
#ifndef S_SPLINT_S /* Including this here triggers a known bug in splint */ #ifndef S_SPLINT_S /* Including this here triggers a known bug in splint */
#include <unistd.h> //#include <unistd.h>
#endif #endif
#include "libscrypt.h" #include "libscrypt.h"
