You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
409 lines
10 KiB
409 lines
10 KiB
/*
|
|
This file is part of cpp-ethereum.
|
|
|
|
cpp-ethereum is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
cpp-ethereum is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with cpp-ethereum. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
/** @file KeyManager.cpp
|
|
* @author Gav Wood <i@gavwood.com>
|
|
* @date 2014
|
|
*/
|
|
|
|
#include "KeyManager.h"
|
|
#include <thread>
|
|
#include <mutex>
|
|
#include <boost/filesystem.hpp>
|
|
#include <test/JsonSpiritHeaders.h>
|
|
#include <libdevcore/Log.h>
|
|
#include <libdevcore/Guards.h>
|
|
#include <libdevcore/RLP.h>
|
|
#include <libdevcore/SHA3.h>
|
|
using namespace std;
|
|
using namespace dev;
|
|
using namespace eth;
|
|
namespace js = json_spirit;
|
|
namespace fs = boost::filesystem;
|
|
|
|
KeyManager::KeyManager(string const& _keysFile, string const& _secretsPath):
|
|
m_keysFile(_keysFile), m_store(_secretsPath)
|
|
{}
|
|
|
|
KeyManager::~KeyManager()
|
|
{}
|
|
|
|
bool KeyManager::exists() const
|
|
{
|
|
return !contents(m_keysFile + ".salt").empty() && !contents(m_keysFile).empty();
|
|
}
|
|
|
|
void KeyManager::create(string const& _pass)
|
|
{
|
|
m_defaultPasswordDeprecated = asString(h256::random().asBytes());
|
|
write(_pass, m_keysFile);
|
|
}
|
|
|
|
bool KeyManager::recode(Address const& _address, string const& _newPass, string const& _hint, function<string()> const& _pass, KDF _kdf)
|
|
{
|
|
noteHint(_newPass, _hint);
|
|
h128 u = uuid(_address);
|
|
if (!store().recode(u, _newPass, [&](){ return getPassword(u, _pass); }, _kdf))
|
|
return false;
|
|
|
|
m_keyInfo[_address].passHash = hashPassword(_newPass);
|
|
write();
|
|
return true;
|
|
}
|
|
|
|
bool KeyManager::recode(Address const& _address, SemanticPassword _newPass, function<string()> const& _pass, KDF _kdf)
|
|
{
|
|
h128 u = uuid(_address);
|
|
string p;
|
|
if (_newPass == SemanticPassword::Existing)
|
|
p = getPassword(u, _pass);
|
|
else if (_newPass == SemanticPassword::Master)
|
|
p = defaultPassword();
|
|
else
|
|
return false;
|
|
|
|
return recode(_address, p, string(), _pass, _kdf);
|
|
}
|
|
|
|
bool KeyManager::load(string const& _pass)
|
|
{
|
|
try
|
|
{
|
|
bytes salt = contents(m_keysFile + ".salt");
|
|
bytes encKeys = contents(m_keysFile);
|
|
if (encKeys.empty())
|
|
return false;
|
|
m_keysFileKey = SecureFixedHash<16>(pbkdf2(_pass, salt, 262144, 16));
|
|
bytesSec bs = decryptSymNoAuth(m_keysFileKey, h128(), &encKeys);
|
|
RLP s(bs.ref());
|
|
unsigned version = unsigned(s[0]);
|
|
if (version == 1)
|
|
{
|
|
for (auto const& i: s[1])
|
|
{
|
|
h128 uuid(i[1]);
|
|
Address addr(i[0]);
|
|
if (uuid)
|
|
{
|
|
if (m_store.contains(uuid))
|
|
{
|
|
m_addrLookup[addr] = uuid;
|
|
m_uuidLookup[uuid] = addr;
|
|
m_keyInfo[addr] = KeyInfo(h256(i[2]), string(i[3]), i.itemCount() > 4 ? string(i[4]) : "");
|
|
}
|
|
else
|
|
cwarn << "Missing key:" << uuid << addr;
|
|
}
|
|
else
|
|
{
|
|
// TODO: brain wallet.
|
|
m_keyInfo[addr] = KeyInfo(h256(i[2]), string(i[3]), i.itemCount() > 4 ? string(i[4]) : "");
|
|
}
|
|
// cdebug << toString(addr) << toString(uuid) << toString((h256)i[2]) << (string)i[3];
|
|
}
|
|
|
|
for (auto const& i: s[2])
|
|
m_passwordHint[h256(i[0])] = string(i[1]);
|
|
m_defaultPasswordDeprecated = string(s[3]);
|
|
}
|
|
// cdebug << hashPassword(m_password) << toHex(m_password);
|
|
cachePassword(m_defaultPasswordDeprecated);
|
|
// cdebug << hashPassword(asString(m_key.ref())) << m_key.hex();
|
|
cachePassword(asString(m_keysFileKey.ref()));
|
|
// cdebug << hashPassword(_pass) << _pass;
|
|
m_master = hashPassword(_pass);
|
|
cachePassword(_pass);
|
|
return true;
|
|
}
|
|
catch (...)
|
|
{
|
|
return false;
|
|
}
|
|
}
|
|
|
|
Secret KeyManager::secret(Address const& _address, function<string()> const& _pass) const
|
|
{
|
|
auto it = m_keyInfo.find(_address);
|
|
if (it == m_keyInfo.end())
|
|
return Secret();
|
|
if (m_addrLookup.count(_address))
|
|
return secret(m_addrLookup.at(_address), _pass);
|
|
else
|
|
return brain(_pass());
|
|
}
|
|
|
|
Secret KeyManager::secret(h128 const& _uuid, function<string()> const& _pass) const
|
|
{
|
|
return Secret(m_store.secret(_uuid, [&](){ return getPassword(_uuid, _pass); }));
|
|
}
|
|
|
|
string KeyManager::getPassword(h128 const& _uuid, function<string()> const& _pass) const
|
|
{
|
|
h256 ph;
|
|
auto ait = m_uuidLookup.find(_uuid);
|
|
if (ait != m_uuidLookup.end())
|
|
{
|
|
auto kit = m_keyInfo.find(ait->second);
|
|
if (kit != m_keyInfo.end())
|
|
ph = kit->second.passHash;
|
|
}
|
|
return getPassword(ph, _pass);
|
|
}
|
|
|
|
string KeyManager::getPassword(h256 const& _passHash, function<string()> const& _pass) const
|
|
{
|
|
auto it = m_cachedPasswords.find(_passHash);
|
|
if (it != m_cachedPasswords.end())
|
|
return it->second;
|
|
for (unsigned i = 0; i < 10; ++i)
|
|
{
|
|
string p = _pass();
|
|
if (p.empty())
|
|
break;
|
|
if (_passHash == UnknownPassword || hashPassword(p) == _passHash)
|
|
{
|
|
cachePassword(p);
|
|
return p;
|
|
}
|
|
}
|
|
return string();
|
|
}
|
|
|
|
h128 KeyManager::uuid(Address const& _a) const
|
|
{
|
|
auto it = m_addrLookup.find(_a);
|
|
if (it == m_addrLookup.end())
|
|
return h128();
|
|
return it->second;
|
|
}
|
|
|
|
Address KeyManager::address(h128 const& _uuid) const
|
|
{
|
|
auto it = m_uuidLookup.find(_uuid);
|
|
if (it == m_uuidLookup.end())
|
|
return Address();
|
|
return it->second;
|
|
}
|
|
|
|
h128 KeyManager::import(Secret const& _s, string const& _accountName, string const& _pass, string const& _passwordHint)
|
|
{
|
|
Address addr = KeyPair(_s).address();
|
|
auto passHash = hashPassword(_pass);
|
|
cachePassword(_pass);
|
|
m_passwordHint[passHash] = _passwordHint;
|
|
auto uuid = m_store.importSecret(_s.asBytesSec(), _pass);
|
|
m_keyInfo[addr] = KeyInfo{passHash, _accountName, ""};
|
|
m_addrLookup[addr] = uuid;
|
|
m_uuidLookup[uuid] = addr;
|
|
write(m_keysFile);
|
|
return uuid;
|
|
}
|
|
|
|
Secret KeyManager::brain(string const& _seed)
|
|
{
|
|
h256 r = sha3(_seed);
|
|
for (auto i = 0; i < 16384; ++i)
|
|
r = sha3(r);
|
|
Secret ret(r);
|
|
r.ref().cleanse();
|
|
while (toAddress(ret)[0])
|
|
ret = sha3(ret);
|
|
return ret;
|
|
}
|
|
|
|
Secret KeyManager::subkey(Secret const& _s, unsigned _index)
|
|
{
|
|
RLPStream out(2);
|
|
out << _s.ref();
|
|
out << _index;
|
|
bytesSec r;
|
|
out.swapOut(r.writable());
|
|
return sha3(r);
|
|
}
|
|
|
|
Address KeyManager::importBrain(string const& _seed, string const& _accountName, string const& _passwordHint)
|
|
{
|
|
Address addr = toAddress(brain(_seed));
|
|
m_keyInfo[addr].accountName = _accountName;
|
|
m_keyInfo[addr].passwordHint = _passwordHint;
|
|
write();
|
|
return addr;
|
|
}
|
|
|
|
void KeyManager::importExistingBrain(Address const& _a, string const& _accountName, string const& _passwordHint)
|
|
{
|
|
m_keyInfo[_a].accountName = _accountName;
|
|
m_keyInfo[_a].passwordHint = _passwordHint;
|
|
write();
|
|
}
|
|
|
|
void KeyManager::importExisting(h128 const& _uuid, string const& _info, string const& _pass, string const& _passwordHint)
|
|
{
|
|
bytesSec key = m_store.secret(_uuid, [&](){ return _pass; });
|
|
if (key.empty())
|
|
return;
|
|
Address a = KeyPair(Secret(key)).address();
|
|
auto passHash = hashPassword(_pass);
|
|
if (!m_cachedPasswords.count(passHash))
|
|
cachePassword(_pass);
|
|
importExisting(_uuid, _info, a, passHash, _passwordHint);
|
|
}
|
|
|
|
void KeyManager::importExisting(h128 const& _uuid, string const& _accountName, Address const& _address, h256 const& _passHash, string const& _passwordHint)
|
|
{
|
|
if (!m_passwordHint.count(_passHash))
|
|
m_passwordHint[_passHash] = _passwordHint;
|
|
m_uuidLookup[_uuid] = _address;
|
|
m_addrLookup[_address] = _uuid;
|
|
m_keyInfo[_address].passHash = _passHash;
|
|
m_keyInfo[_address].accountName = _accountName;
|
|
write(m_keysFile);
|
|
}
|
|
|
|
void KeyManager::kill(Address const& _a)
|
|
{
|
|
auto id = m_addrLookup[_a];
|
|
m_uuidLookup.erase(id);
|
|
m_addrLookup.erase(_a);
|
|
m_keyInfo.erase(_a);
|
|
m_store.kill(id);
|
|
write(m_keysFile);
|
|
}
|
|
|
|
KeyPair KeyManager::presaleSecret(std::string const& _json, function<string(bool)> const& _password)
|
|
{
|
|
js::mValue val;
|
|
json_spirit::read_string(_json, val);
|
|
auto obj = val.get_obj();
|
|
string p = _password(true);
|
|
if (obj["encseed"].type() == js::str_type)
|
|
{
|
|
auto encseed = fromHex(obj["encseed"].get_str());
|
|
KeyPair k;
|
|
for (bool gotit = false; !gotit;)
|
|
{
|
|
gotit = true;
|
|
k = KeyPair::fromEncryptedSeed(&encseed, p);
|
|
if (obj["ethaddr"].type() == js::str_type)
|
|
{
|
|
Address a(obj["ethaddr"].get_str());
|
|
Address b = k.address();
|
|
if (a != b)
|
|
{
|
|
if ((p = _password(false)).empty())
|
|
BOOST_THROW_EXCEPTION(PasswordUnknown());
|
|
else
|
|
gotit = false;
|
|
}
|
|
}
|
|
}
|
|
return k;
|
|
}
|
|
else
|
|
BOOST_THROW_EXCEPTION(Exception() << errinfo_comment("encseed type is not js::str_type"));
|
|
}
|
|
|
|
Addresses KeyManager::accounts() const
|
|
{
|
|
Addresses ret;
|
|
ret.reserve(m_keyInfo.size());
|
|
for (auto const& i: m_keyInfo)
|
|
ret.push_back(i.first);
|
|
return ret;
|
|
}
|
|
|
|
bool KeyManager::hasAccount(Address const& _address) const
|
|
{
|
|
return m_keyInfo.count(_address);
|
|
}
|
|
|
|
string const& KeyManager::accountName(Address const& _address) const
|
|
{
|
|
try
|
|
{
|
|
return m_keyInfo.at(_address).accountName;
|
|
}
|
|
catch (...)
|
|
{
|
|
return EmptyString;
|
|
}
|
|
}
|
|
|
|
string const& KeyManager::passwordHint(Address const& _address) const
|
|
{
|
|
try
|
|
{
|
|
auto& info = m_keyInfo.at(_address);
|
|
if (info.passwordHint.size())
|
|
return info.passwordHint;
|
|
return m_passwordHint.at(info.passHash);
|
|
}
|
|
catch (...)
|
|
{
|
|
return EmptyString;
|
|
}
|
|
}
|
|
|
|
h256 KeyManager::hashPassword(string const& _pass) const
|
|
{
|
|
// TODO SECURITY: store this a bit more securely; Scrypt perhaps?
|
|
return h256(pbkdf2(_pass, asBytes(m_defaultPasswordDeprecated), 262144, 32).makeInsecure());
|
|
}
|
|
|
|
void KeyManager::cachePassword(string const& _password) const
|
|
{
|
|
m_cachedPasswords[hashPassword(_password)] = _password;
|
|
}
|
|
|
|
bool KeyManager::write(string const& _keysFile) const
|
|
{
|
|
if (!m_keysFileKey)
|
|
return false;
|
|
write(m_keysFileKey, _keysFile);
|
|
return true;
|
|
}
|
|
|
|
void KeyManager::write(string const& _pass, string const& _keysFile) const
|
|
{
|
|
bytes salt = h256::random().asBytes();
|
|
writeFile(_keysFile + ".salt", salt, true);
|
|
auto key = SecureFixedHash<16>(pbkdf2(_pass, salt, 262144, 16));
|
|
|
|
cachePassword(_pass);
|
|
m_master = hashPassword(_pass);
|
|
write(key, _keysFile);
|
|
}
|
|
|
|
void KeyManager::write(SecureFixedHash<16> const& _key, string const& _keysFile) const
|
|
{
|
|
RLPStream s(4);
|
|
s << 1; // version
|
|
s.appendList(accounts().size());
|
|
for (auto const& address: accounts())
|
|
{
|
|
h128 id = uuid(address);
|
|
auto const& ki = m_keyInfo.at(address);
|
|
s.appendList(5) << address << id << ki.passHash << ki.accountName << ki.passwordHint;
|
|
}
|
|
s.appendList(m_passwordHint.size());
|
|
for (auto const& i: m_passwordHint)
|
|
s.appendList(2) << i.first << i.second;
|
|
s.append(m_defaultPasswordDeprecated);
|
|
|
|
writeFile(_keysFile, encryptSymNoAuth(_key, h128(), &s.out()), true);
|
|
m_keysFileKey = _key;
|
|
cachePassword(defaultPassword());
|
|
}
|
|
|