mirror of
https://github.com/fluencelabs/tendermint
synced 2025-06-29 12:41:44 +00:00
Use 16 random bytes for seed and key, crc16 by default
This commit is contained in:
Ethan Frey
@ -5,6 +5,9 @@ import (
|
|||||||
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
|
cmn "github.com/tendermint/tmlibs/common"
|
||||||
|
|
||||||
"github.com/tendermint/go-crypto/keys/cryptostore"
|
"github.com/tendermint/go-crypto/keys/cryptostore"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -12,8 +15,8 @@ func TestNoopEncoder(t *testing.T) {
|
|||||||
assert, require := assert.New(t), require.New(t)
|
assert, require := assert.New(t), require.New(t)
|
||||||
noop := cryptostore.Noop
|
noop := cryptostore.Noop
|
||||||
|
|
||||||
key := cryptostore.GenEd25519.Generate()
|
key := cryptostore.GenEd25519.Generate(cmn.RandBytes(16))
|
||||||
key2 := cryptostore.GenSecp256k1.Generate()
|
key2 := cryptostore.GenSecp256k1.Generate(cmn.RandBytes(16))
|
||||||
|
|
||||||
b, err := noop.Encrypt(key, "encode")
|
b, err := noop.Encrypt(key, "encode")
|
||||||
require.Nil(err)
|
require.Nil(err)
|
||||||
@ -40,7 +43,7 @@ func TestSecretBox(t *testing.T) {
|
|||||||
assert, require := assert.New(t), require.New(t)
|
assert, require := assert.New(t), require.New(t)
|
||||||
enc := cryptostore.SecretBox
|
enc := cryptostore.SecretBox
|
||||||
|
|
||||||
key := cryptostore.GenEd25519.Generate()
|
key := cryptostore.GenEd25519.Generate(cmn.RandBytes(16))
|
||||||
pass := "some-special-secret"
|
pass := "some-special-secret"
|
||||||
|
|
||||||
b, err := enc.Encrypt(key, pass)
|
b, err := enc.Encrypt(key, pass)
|
||||||
|
|||||||
@ -14,22 +14,22 @@ var (
|
|||||||
|
|
||||||
// Generator determines the type of private key the keystore creates
|
// Generator determines the type of private key the keystore creates
|
||||||
type Generator interface {
|
type Generator interface {
|
||||||
Generate() crypto.PrivKey
|
Generate(secret []byte) crypto.PrivKey
|
||||||
}
|
}
|
||||||
|
|
||||||
// GenFunc is a helper to transform a function into a Generator
|
// GenFunc is a helper to transform a function into a Generator
|
||||||
type GenFunc func() crypto.PrivKey
|
type GenFunc func(secret []byte) crypto.PrivKey
|
||||||
|
|
||||||
func (f GenFunc) Generate() crypto.PrivKey {
|
func (f GenFunc) Generate(secret []byte) crypto.PrivKey {
|
||||||
return f()
|
return f(secret)
|
||||||
}
|
}
|
||||||
|
|
||||||
func genEd25519() crypto.PrivKey {
|
func genEd25519(secret []byte) crypto.PrivKey {
|
||||||
return crypto.GenPrivKeyEd25519().Wrap()
|
return crypto.GenPrivKeyEd25519FromSecret(secret).Wrap()
|
||||||
}
|
}
|
||||||
|
|
||||||
func genSecp256() crypto.PrivKey {
|
func genSecp256(secret []byte) crypto.PrivKey {
|
||||||
return crypto.GenPrivKeySecp256k1().Wrap()
|
return crypto.GenPrivKeySecp256k1FromSecret(secret).Wrap()
|
||||||
}
|
}
|
||||||
|
|
||||||
func getGenerator(algo string) (Generator, error) {
|
func getGenerator(algo string) (Generator, error) {
|
||||||
|
|||||||
@ -43,12 +43,16 @@ func (s Manager) Create(name, passphrase, algo string) (keys.Info, string, error
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return keys.Info{}, "", err
|
return keys.Info{}, "", err
|
||||||
}
|
}
|
||||||
key := gen.Generate()
|
|
||||||
|
// 128-bits the the all the randomness we can make use of
|
||||||
|
secret := crypto.CRandBytes(16)
|
||||||
|
key := gen.Generate(secret)
|
||||||
err = s.es.Put(name, passphrase, key)
|
err = s.es.Put(name, passphrase, key)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return keys.Info{}, "", err
|
return keys.Info{}, "", err
|
||||||
}
|
}
|
||||||
seed, err := s.codec.BytesToWords(key.Bytes())
|
|
||||||
|
seed, err := s.codec.BytesToWords(secret)
|
||||||
phrase := strings.Join(seed, " ")
|
phrase := strings.Join(seed, " ")
|
||||||
return info(name, key), phrase, err
|
return info(name, key), phrase, err
|
||||||
}
|
}
|
||||||
@ -61,15 +65,18 @@ func (s Manager) Create(name, passphrase, algo string) (keys.Info, string, error
|
|||||||
// Result similar to New(), except it doesn't return the seed again...
|
// Result similar to New(), except it doesn't return the seed again...
|
||||||
func (s Manager) Recover(name, passphrase, seedphrase string) (keys.Info, error) {
|
func (s Manager) Recover(name, passphrase, seedphrase string) (keys.Info, error) {
|
||||||
words := strings.Split(strings.TrimSpace(seedphrase), " ")
|
words := strings.Split(strings.TrimSpace(seedphrase), " ")
|
||||||
data, err := s.codec.WordsToBytes(words)
|
secret, err := s.codec.WordsToBytes(words)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return keys.Info{}, err
|
return keys.Info{}, err
|
||||||
}
|
}
|
||||||
|
|
||||||
key, err := crypto.PrivKeyFromBytes(data)
|
// TODO: flag this???
|
||||||
if err != nil {
|
gen := GenEd25519
|
||||||
return keys.Info{}, err
|
// gen, err := getGenerator(algo)
|
||||||
}
|
// if err != nil {
|
||||||
|
// return keys.Info{}, "", err
|
||||||
|
// }
|
||||||
|
key := gen.Generate(secret)
|
||||||
|
|
||||||
// d00d, it worked! create the bugger....
|
// d00d, it worked! create the bugger....
|
||||||
err = s.es.Put(name, passphrase, key)
|
err = s.es.Put(name, passphrase, key)
|
||||||
|
|||||||
@ -4,13 +4,17 @@ import (
|
|||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
|
|
||||||
|
crypto "github.com/tendermint/go-crypto"
|
||||||
|
cmn "github.com/tendermint/tmlibs/common"
|
||||||
|
|
||||||
keys "github.com/tendermint/go-crypto/keys"
|
keys "github.com/tendermint/go-crypto/keys"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestSortKeys(t *testing.T) {
|
func TestSortKeys(t *testing.T) {
|
||||||
assert := assert.New(t)
|
assert := assert.New(t)
|
||||||
|
|
||||||
gen := GenEd25519.Generate
|
gen := func() crypto.PrivKey { return GenEd25519.Generate(cmn.RandBytes(16)) }
|
||||||
assert.NotEqual(gen(), gen())
|
assert.NotEqual(gen(), gen())
|
||||||
|
|
||||||
// alphabetical order is n3, n1, n2
|
// alphabetical order is n3, n1, n2
|
||||||
|
|||||||
@ -34,7 +34,8 @@ func NewCodec(words []string) (codec *WordCodec, err error) {
|
|||||||
res := &WordCodec{
|
res := &WordCodec{
|
||||||
words: words,
|
words: words,
|
||||||
// TODO: configure this outside???
|
// TODO: configure this outside???
|
||||||
check: NewIEEECRC32(),
|
// check: NewIEEECRC32(),
|
||||||
|
check: NewIBMCRC16(),
|
||||||
}
|
}
|
||||||
|
|
||||||
return res, nil
|
return res, nil
|
||||||
|
|||||||
@ -152,7 +152,7 @@ func TestCheckTypoDetection(t *testing.T) {
|
|||||||
codec, err := LoadCodec(bank)
|
codec, err := LoadCodec(bank)
|
||||||
require.Nil(err, "%s: %+v", bank, err)
|
require.Nil(err, "%s: %+v", bank, err)
|
||||||
for i := 0; i < 1000; i++ {
|
for i := 0; i < 1000; i++ {
|
||||||
numBytes := cmn.RandInt()%60 + 1
|
numBytes := cmn.RandInt()%60 + 4
|
||||||
data := cmn.RandBytes(numBytes)
|
data := cmn.RandBytes(numBytes)
|
||||||
|
|
||||||
words, err := codec.BytesToWords(data)
|
words, err := codec.BytesToWords(data)
|
||||||
|
|||||||
Reference in New Issue
Block a user