crypto

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 14, 2020 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var BcryptSecurityParameter = 12

BcryptSecurityParameter is security parameter var, and it can be changed within the lcd test. Making the bcrypt security parameter a var shouldn't be a security issue: One can't verify an invalid key by maliciously changing the bcrypt parameter during a runtime vulnerability. The main security threat this then exposes would be something that changes this during runtime before the user creates their key. This vulnerability must succeed to update this to that same value before every subsequent call to the keys command in future startups / or the attacker must get access to the filesystem. However, with a similar threat model (changing variables in runtime), one can cause the user to sign a different tx than what they see, which is a significantly cheaper attack then breaking a bcrypt hash. (Recall that the nonce still exists to break rainbow tables) For further notes on security parameter choice, see README.md

Functions

func ArmorInfoBytes added in v1.0.0

func ArmorInfoBytes(bz []byte) string

Armor the InfoBytes

func ArmorPubKeyBytes added in v1.0.0

func ArmorPubKeyBytes(bz []byte, algo string) string

Armor the PubKeyBytes

func EncryptArmorPrivKey added in v1.0.0

func EncryptArmorPrivKey(privKey crypto.PrivKey, passphrase string, algo string) string

Encrypt and armor the private key.

func LedgerShowAddress added in v0.33.0

func LedgerShowAddress(path hd.BIP44Params, expectedPubKey tmcrypto.PubKey,
	accountAddressPrefix string) error

LedgerShowAddress triggers a ledger device to show the corresponding address.

func NewPrivKeyLedgerSecp256k1

func NewPrivKeyLedgerSecp256k1(path hd.BIP44Params, hrp string) (tmcrypto.PrivKey, string, error)

NewPrivKeyLedgerSecp256k1 will generate a new key and store the public key for later use. The request will require user confirmation and will show account and index in the device

func NewPrivKeyLedgerSecp256k1Unsafe added in v1.0.0

func NewPrivKeyLedgerSecp256k1Unsafe(path hd.BIP44Params) (tmcrypto.PrivKey, error)

NewPrivKeyLedgerSecp256k1Unsafe will generate a new key and store the public key for later use.

This function is marked as unsafe as it will retrieve a pubkey without user verification. It can only be used to verify a pubkey but never to create new accounts/keys. In that case, please refer to NewPrivKeyLedgerSecp256k1

func RegisterAmino

func RegisterAmino(cdc *amino.Codec)

RegisterAmino registers all go-crypto related types in the given (amino) codec.

func UnarmorDecryptPrivKey added in v1.0.0

func UnarmorDecryptPrivKey(armorStr string, passphrase string) (privKey crypto.PrivKey, algo string, err error)

UnarmorDecryptPrivKey returns the privkey byte slice, a string of the algo type, and an error

func UnarmorInfoBytes added in v1.0.0

func UnarmorInfoBytes(armorStr string) ([]byte, error)

Unarmor the InfoBytes

func UnarmorPubKeyBytes added in v1.0.0

func UnarmorPubKeyBytes(armorStr string) (bz []byte, algo string, err error)

UnarmorPubKeyBytes returns the pubkey byte slice, a string of the algo type, and an error

Types

type LedgerSECP256K1 added in v0.21.1

type LedgerSECP256K1 interface {
	Close() error
	// Returns an uncompressed pubkey
	GetPublicKeySECP256K1([]uint32) ([]byte, error)
	// Returns a compressed pubkey and bech32 address (requires user confirmation)
	GetAddressPubKeySECP256K1([]uint32, string) ([]byte, string, error)
	// Signs a message (requires user confirmation)
	SignSECP256K1([]uint32, []byte) ([]byte, error)
}

LedgerSECP256K1 reflects an interface a Ledger API must implement for SECP256K1

type PrivKeyLedgerSecp256k1

type PrivKeyLedgerSecp256k1 struct {
	// CachedPubKey should be private, but we want to encode it via
	// go-amino so we can view the address later, even without having the
	// ledger attached.
	CachedPubKey tmcrypto.PubKey
	Path         hd.BIP44Params
}

PrivKeyLedgerSecp256k1 implements PrivKey, calling the ledger nano we cache the PubKey from the first call to use it later.

func (*PrivKeyLedgerSecp256k1) AssertIsPrivKeyInner

func (pkl *PrivKeyLedgerSecp256k1) AssertIsPrivKeyInner()

AssertIsPrivKeyInner implements the PrivKey interface. It performs a no-op.

func (PrivKeyLedgerSecp256k1) Bytes

func (pkl PrivKeyLedgerSecp256k1) Bytes() []byte

Bytes implements the PrivKey interface. It stores the cached public key so we can verify the same key when we reconnect to a ledger.

func (PrivKeyLedgerSecp256k1) Equals

func (pkl PrivKeyLedgerSecp256k1) Equals(other tmcrypto.PrivKey) bool

Equals implements the PrivKey interface. It makes sure two private keys refer to the same public key.

func (PrivKeyLedgerSecp256k1) PubKey

func (pkl PrivKeyLedgerSecp256k1) PubKey() tmcrypto.PubKey

PubKey returns the cached public key.

func (PrivKeyLedgerSecp256k1) Sign

func (pkl PrivKeyLedgerSecp256k1) Sign(message []byte) ([]byte, error)

Sign returns a secp256k1 signature for the corresponding message

func (PrivKeyLedgerSecp256k1) ValidateKey

func (pkl PrivKeyLedgerSecp256k1) ValidateKey() error

ValidateKey allows us to verify the sanity of a public key after loading it from disk.

Directories

Path Synopsis
Package hd provides support for hierarchical deterministic wallets generation and derivation.
Package hd provides support for hierarchical deterministic wallets generation and derivation.
Package keys provides common key management API.
Package keys provides common key management API.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL