Documentation ¶
Index ¶
- Variables
- func ArmorInfoBytes(bz []byte) string
- func ArmorPubKeyBytes(bz []byte, algo string) string
- func EncryptArmorPrivKey(privKey crypto.PrivKey, passphrase string, algo string) string
- func LedgerShowAddress(path hd.BIP44Params, expectedPubKey tmcrypto.PubKey, ...) error
- func NewPrivKeyLedgerSecp256k1(path hd.BIP44Params, hrp string) (tmcrypto.PrivKey, string, error)
- func NewPrivKeyLedgerSecp256k1Unsafe(path hd.BIP44Params) (tmcrypto.PrivKey, error)
- func RegisterAmino(cdc *amino.Codec)
- func UnarmorDecryptPrivKey(armorStr string, passphrase string) (privKey crypto.PrivKey, algo string, err error)
- func UnarmorInfoBytes(armorStr string) ([]byte, error)
- func UnarmorPubKeyBytes(armorStr string) (bz []byte, algo string, err error)
- type LedgerSECP256K1
- type PrivKeyLedgerSecp256k1
- func (pkl *PrivKeyLedgerSecp256k1) AssertIsPrivKeyInner()
- func (pkl PrivKeyLedgerSecp256k1) Bytes() []byte
- func (pkl PrivKeyLedgerSecp256k1) Equals(other tmcrypto.PrivKey) bool
- func (pkl PrivKeyLedgerSecp256k1) PubKey() tmcrypto.PubKey
- func (pkl PrivKeyLedgerSecp256k1) Sign(message []byte) ([]byte, error)
- func (pkl PrivKeyLedgerSecp256k1) ValidateKey() error
Constants ¶
This section is empty.
Variables ¶
var BcryptSecurityParameter = 12
BcryptSecurityParameter is security parameter var, and it can be changed within the lcd test. Making the bcrypt security parameter a var shouldn't be a security issue: One can't verify an invalid key by maliciously changing the bcrypt parameter during a runtime vulnerability. The main security threat this then exposes would be something that changes this during runtime before the user creates their key. This vulnerability must succeed to update this to that same value before every subsequent call to the keys command in future startups / or the attacker must get access to the filesystem. However, with a similar threat model (changing variables in runtime), one can cause the user to sign a different tx than what they see, which is a significantly cheaper attack then breaking a bcrypt hash. (Recall that the nonce still exists to break rainbow tables) For further notes on security parameter choice, see README.md
Functions ¶
func ArmorPubKeyBytes ¶ added in v1.0.0
Armor the PubKeyBytes
func EncryptArmorPrivKey ¶ added in v1.0.0
Encrypt and armor the private key.
func LedgerShowAddress ¶ added in v0.33.0
func LedgerShowAddress(path hd.BIP44Params, expectedPubKey tmcrypto.PubKey, accountAddressPrefix string) error
LedgerShowAddress triggers a ledger device to show the corresponding address.
func NewPrivKeyLedgerSecp256k1 ¶
NewPrivKeyLedgerSecp256k1 will generate a new key and store the public key for later use. The request will require user confirmation and will show account and index in the device
func NewPrivKeyLedgerSecp256k1Unsafe ¶ added in v1.0.0
func NewPrivKeyLedgerSecp256k1Unsafe(path hd.BIP44Params) (tmcrypto.PrivKey, error)
NewPrivKeyLedgerSecp256k1Unsafe will generate a new key and store the public key for later use.
This function is marked as unsafe as it will retrieve a pubkey without user verification. It can only be used to verify a pubkey but never to create new accounts/keys. In that case, please refer to NewPrivKeyLedgerSecp256k1
func RegisterAmino ¶
RegisterAmino registers all go-crypto related types in the given (amino) codec.
func UnarmorDecryptPrivKey ¶ added in v1.0.0
func UnarmorDecryptPrivKey(armorStr string, passphrase string) (privKey crypto.PrivKey, algo string, err error)
UnarmorDecryptPrivKey returns the privkey byte slice, a string of the algo type, and an error
func UnarmorInfoBytes ¶ added in v1.0.0
Unarmor the InfoBytes
Types ¶
type LedgerSECP256K1 ¶ added in v0.21.1
type LedgerSECP256K1 interface { Close() error // Returns an uncompressed pubkey GetPublicKeySECP256K1([]uint32) ([]byte, error) // Returns a compressed pubkey and bech32 address (requires user confirmation) GetAddressPubKeySECP256K1([]uint32, string) ([]byte, string, error) // Signs a message (requires user confirmation) SignSECP256K1([]uint32, []byte) ([]byte, error) }
LedgerSECP256K1 reflects an interface a Ledger API must implement for SECP256K1
type PrivKeyLedgerSecp256k1 ¶
type PrivKeyLedgerSecp256k1 struct { // CachedPubKey should be private, but we want to encode it via // go-amino so we can view the address later, even without having the // ledger attached. CachedPubKey tmcrypto.PubKey Path hd.BIP44Params }
PrivKeyLedgerSecp256k1 implements PrivKey, calling the ledger nano we cache the PubKey from the first call to use it later.
func (*PrivKeyLedgerSecp256k1) AssertIsPrivKeyInner ¶
func (pkl *PrivKeyLedgerSecp256k1) AssertIsPrivKeyInner()
AssertIsPrivKeyInner implements the PrivKey interface. It performs a no-op.
func (PrivKeyLedgerSecp256k1) Bytes ¶
func (pkl PrivKeyLedgerSecp256k1) Bytes() []byte
Bytes implements the PrivKey interface. It stores the cached public key so we can verify the same key when we reconnect to a ledger.
func (PrivKeyLedgerSecp256k1) Equals ¶
func (pkl PrivKeyLedgerSecp256k1) Equals(other tmcrypto.PrivKey) bool
Equals implements the PrivKey interface. It makes sure two private keys refer to the same public key.
func (PrivKeyLedgerSecp256k1) PubKey ¶
func (pkl PrivKeyLedgerSecp256k1) PubKey() tmcrypto.PubKey
PubKey returns the cached public key.
func (PrivKeyLedgerSecp256k1) Sign ¶
func (pkl PrivKeyLedgerSecp256k1) Sign(message []byte) ([]byte, error)
Sign returns a secp256k1 signature for the corresponding message
func (PrivKeyLedgerSecp256k1) ValidateKey ¶
func (pkl PrivKeyLedgerSecp256k1) ValidateKey() error
ValidateKey allows us to verify the sanity of a public key after loading it from disk.
Directories ¶
Path | Synopsis |
---|---|
Package hd provides support for hierarchical deterministic wallets generation and derivation.
|
Package hd provides support for hierarchical deterministic wallets generation and derivation. |
Package keys provides common key management API.
|
Package keys provides common key management API. |