keystore

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 6, 2023 License: LGPL-3.0 Imports: 31 Imported by: 2

Documentation

Overview

Package keystore implements encrypted storage of secp256k1 private keys.

Keys are stored as encrypted JSON files according to the Web3 Secret Storage specification. See https://github.com/ethereum/wiki/wiki/Web3-Secret-Storage-Definition for more information.

Index

Constants

View Source 
const (

	// StandardScryptN is the N parameter of Scrypt encryption algorithm, using 256MB
	// memory and taking approximately 1s CPU time on a modern processor.
	StandardScryptN = 1 << 18

	// StandardScryptP is the P parameter of Scrypt encryption algorithm, using 256MB
	// memory and taking approximately 1s CPU time on a modern processor.
	StandardScryptP = 1

	// LightScryptN is the N parameter of Scrypt encryption algorithm, using 4MB
	// memory and taking approximately 100ms CPU time on a modern processor.
	LightScryptN = 1 << 12

	// LightScryptP is the P parameter of Scrypt encryption algorithm, using 4MB
	// memory and taking approximately 100ms CPU time on a modern processor.
	LightScryptP = 6
)
View Source 
const KeyStoreScheme = "keystore"

KeyStoreScheme is the protocol scheme prefixing account and wallet URLs.

Variables

View Source 
var (
	ErrLocked  = NewAuthNeededError("password or unlock")
	ErrNoMatch = errors.New("no key for given address or file")
	ErrDecrypt = errors.New("could not decrypt key with given passphrase")
)
View Source 
var ErrInvalidPassphrase = errors.New("invalid passphrase")

ErrInvalidPassphrase is returned when a decryption operation receives a bad passphrase.

View Source 
var ErrNotSupported = errors.New("not supported")

ErrNotSupported is returned when an operation is requested from an account backend that it does not support.

View Source 
var ErrUnknownAccount = errors.New("unknown account")

ErrUnknownAccount is returned for any requested operation for which no backend provides the specified account.

View Source 
var ErrUnknownWallet = errors.New("unknown wallet")

ErrUnknownWallet is returned for any requested operation for which no backend provides the specified wallet.

View Source 
var ErrWalletAlreadyOpen = errors.New("wallet already open")

ErrWalletAlreadyOpen is returned if a wallet is attempted to be opened the second time.

View Source 
var ErrWalletClosed = errors.New("wallet closed")

ErrWalletClosed is returned if a wallet is attempted to be opened the secodn time.

View Source 
var KeyStoreType = reflect.TypeOf(&KeyStore{})

KeyStoreType is the reflect type of a keystore backend.

Functions

func DecryptDataV3 

func DecryptDataV3(cryptoJson CryptoJSON, auth string) ([]byte, error)

func EncryptKey 

func EncryptKey(key *Key, auth string, scryptN, scryptP int) ([]byte, error)

EncryptKey encrypts a key using the specified scrypt parameters into a json blob that can be decrypted later on.

func NewAuthNeededError 

func NewAuthNeededError(needed string) error

NewAuthNeededError creates a new authentication error with the extra details about the needed fields set.

func StoreKey 

func StoreKey(dir, auth string, scryptN, scryptP int) (common.Address, error)

StoreKey generates a key, encrypts with 'auth' and stores in the given directory

Types

type Account 

type Account struct {
	Address common.Address `json:"address"` // Ethereum account address derived from the key
	URL     URL            `json:"url"`     // Optional resource locator within a backend
}

type AmbiguousAddrError 

type AmbiguousAddrError struct {
	Addr    common.Address
	Matches []Account
}

AmbiguousAddrError is returned when attempting to unlock an address for which more than one file exists.

func (*AmbiguousAddrError) Error 

func (err *AmbiguousAddrError) Error() string

type AuthNeededError 

type AuthNeededError struct {
	Needed string // Extra authentication the user needs to provide
}

AuthNeededError is returned by backends for signing requests where the user is required to provide further authentication before signing can succeed.

This usually means either that a password needs to be supplied, or perhaps a one time PIN code displayed by some hardware device.

func (*AuthNeededError) Error 

func (err *AuthNeededError) Error() string

Error implements the standard error interface.

type CryptoJSON 

type CryptoJSON struct {
	Cipher       string                 `json:"cipher"`
	CipherText   string                 `json:"ciphertext"`
	CipherParams cipherparamsJSON       `json:"cipherparams"`
	KDF          string                 `json:"kdf"`
	KDFParams    map[string]interface{} `json:"kdfparams"`
	MAC          string                 `json:"mac"`
}

func EncryptDataV3 

func EncryptDataV3(data, auth []byte, scryptN, scryptP int) (CryptoJSON, error)

Encryptdata encrypts the data given as 'data' with the password 'auth'.

type Key 

type Key struct {
	Id uuid.UUID // Version 4 "random" for unique id not derived from key data
	// to simplify lookups we also store the address
	Address common.Address
	// we only store privkey as pubkey/address can be derived from it
	// privkey in this struct is always in plaintext
	PrivateKey *ecdsa.PrivateKey
}

func DecryptKey 

func DecryptKey(keyjson []byte, auth string) (*Key, error)

DecryptKey decrypts a key from a json blob, returning the private key itself.

func NewKeyForDirectICAP 

func NewKeyForDirectICAP(rand io.Reader) *Key

NewKeyForDirectICAP generates a key whose address fits into < 155 bits so it can fit into the Direct ICAP spec. for simplicity and easier compatibility with other libs, we retry until the first byte is 0.

func (*Key) MarshalJSON 

func (k *Key) MarshalJSON() (j []byte, err error)

func (*Key) UnmarshalJSON 

func (k *Key) UnmarshalJSON(j []byte) (err error)

type KeyStore 

type KeyStore struct {
	// contains filtered or unexported fields
}

KeyStore manages a key storage directory on disk.

func NewKeyStore 

func NewKeyStore(keydir string, scryptN, scryptP int) *KeyStore

NewKeyStore creates a keystore for the given directory.

func NewPlaintextKeyStore 

func NewPlaintextKeyStore(keydir string) *KeyStore

NewPlaintextKeyStore creates a keystore for the given directory. Deprecated: Use NewKeyStore.

func (*KeyStore) Accounts 

func (ks *KeyStore) Accounts() []Account

Accounts returns all key files present in the directory.

func (*KeyStore) Delete 

func (ks *KeyStore) Delete(a Account, passphrase string) error

Delete deletes the key matched by account if the passphrase is correct. If the account contains no filename, the address must match a unique key.

func (*KeyStore) Export 

func (ks *KeyStore) Export(a Account, passphrase, newPassphrase string) (keyJSON []byte, err error)

Export exports as a JSON key, encrypted with newPassphrase.

func (*KeyStore) Find 

func (ks *KeyStore) Find(a Account) (Account, error)

Find resolves the given account into a unique entry in the keystore.

func (*KeyStore) HasAddress 

func (ks *KeyStore) HasAddress(addr common.Address) bool

HasAddress reports whether a key with the given address is present.

func (*KeyStore) Import 

func (ks *KeyStore) Import(keyJSON []byte, passphrase, newPassphrase string) (Account, error)

Import stores the given encrypted JSON key into the key directory.

func (*KeyStore) ImportECDSA 

func (ks *KeyStore) ImportECDSA(priv *ecdsa.PrivateKey, passphrase string) (Account, error)

ImportECDSA stores the given key into the key directory, encrypting it with the passphrase.

func (*KeyStore) ImportPreSaleKey 

func (ks *KeyStore) ImportPreSaleKey(keyJSON []byte, passphrase string) (Account, error)

ImportPreSaleKey decrypts the given Ethereum presale wallet and stores a key file in the key directory. The key file is encrypted with the same passphrase.

func (*KeyStore) Lock 

func (ks *KeyStore) Lock(addr common.Address) error

Lock removes the private key with the given address from memory.

func (*KeyStore) NewAccount 

func (ks *KeyStore) NewAccount(passphrase string) (Account, error)

NewAccount generates a new key and stores it into the key directory, encrypting it with the passphrase.

func (*KeyStore) SignHash 

func (ks *KeyStore) SignHash(a Account, hash []byte) ([]byte, error)

SignHash calculates a ECDSA signature for the given hash. The produced signature is in the [R || S || V] format where V is 0 or 1.

func (*KeyStore) SignHashWithPassphrase 

func (ks *KeyStore) SignHashWithPassphrase(a Account, passphrase string, hash []byte) (signature []byte, err error)

SignHashWithPassphrase signs hash if the private key matching the given address can be decrypted with the given passphrase. The produced signature is in the [R || S || V] format where V is 0 or 1.

func (*KeyStore) SignTx 

func (ks *KeyStore) SignTx(a Account, tx *types.Transaction) (*types.Transaction, error)

SignTx signs the given transaction with the requested account.

func (*KeyStore) SignTxWithPassphrase 

func (ks *KeyStore) SignTxWithPassphrase(a Account, passphrase string, tx *types.Transaction) (*types.Transaction, error)

SignTxWithPassphrase signs the transaction if the private key matching the given address can be decrypted with the given passphrase.

func (*KeyStore) TimedUnlock 

func (ks *KeyStore) TimedUnlock(a Account, passphrase string, timeout time.Duration) error

TimedUnlock unlocks the given account with the passphrase. The account stays unlocked for the duration of timeout. A timeout of 0 unlocks the account until the program exits. The account must match a unique key file.

If the account address is already unlocked for a duration, TimedUnlock extends or shortens the active unlock timeout. If the address was previously unlocked indefinitely the timeout is not altered.

func (*KeyStore) Unlock 

func (ks *KeyStore) Unlock(a Account, passphrase string) error

Unlock unlocks the given account indefinitely.

func (*KeyStore) Update 

func (ks *KeyStore) Update(a Account, passphrase, newPassphrase string) error

Update changes the passphrase of an existing account.

type URL 

type URL struct {
	Scheme string // Protocol scheme to identify a capable account backend
	Path   string // Path for the backend to identify a unique entity
}

URL represents the canonical identification URL of a wallet or account.

It is a simplified version of url.URL, with the important limitations (which are considered features here) that it contains value-copyable components only, as well as that it doesn't do any URL encoding/decoding of special characters.

The former is important to allow an account to be copied without leaving live references to the original version, whereas the latter is important to ensure one single canonical form opposed to many allowed ones by the RFC 3986 spec.

As such, these URLs should not be used outside of the scope of an Ethereum wallet or account.

func (URL) Cmp 

func (u URL) Cmp(url URL) int

Cmp compares x and y and returns: 

-1 if x <  y
 0 if x == y
+1 if x >  y

func (URL) MarshalJSON 

func (u URL) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaller interface.

func (URL) String 

func (u URL) String() string

String implements the stringer interface.

func (URL) TerminalString 

func (u URL) TerminalString() string

TerminalString implements the log.TerminalStringer interface.

func (*URL) UnmarshalJSON 

func (u *URL) UnmarshalJSON(input []byte) error

UnmarshalJSON parses url.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.