Use scrypt for key derivation

samrg472 · samrg472 · commit 272cb5eb65de · 2019-11-02T14:41:56.000-07:00
Previously using a simple SHA-256 without salt function for the key
seed. This is inadequate for proper security to protect a user's
sensitive information (i.e. private key).
diff --git a/src/background/crypto.ts b/src/background/crypto.ts
@@ -1,4 +1,4 @@
-import { createHash, randomBytes } from 'crypto';
+import { scryptSync, createHash, randomBytes, ScryptOptions } from 'crypto';
 import sodium from 'libsodium-wrappers';
 import assert from 'assert';
 
@@ -61,8 +61,8 @@ export class SecretKey {
     }
   }
 
-  public static fromString(password: string): SecretKey {
-    const h = hash(password);
+  public static derive(password: string, salt: Uint8Array, opts: ScryptOptions): SecretKey {
+    const h = scryptSync(password, salt, 32, opts);
     return new SecretKey(h);
   }
 }
diff --git a/src/background/settings.ts b/src/background/settings.ts
@@ -1,5 +1,6 @@
 import { readFileSync, unlinkSync, renameSync, existsSync, writeFileSync } from 'fs';
 import { KeyPair, Script, ScriptHash } from 'godcoin';
+import { randomBytes, ScryptOptions } from 'crypto';
 import { SecretKey } from './crypto';
 import { Logger } from '../log';
 import { app } from 'electron';
@@ -8,6 +9,7 @@ import path from 'path';
 const log = new Logger('main:settings');
 
 const CRYPTO_VERSION = 1;
+const SALT_BYTES = 64;
 
 let globalSettings: Settings | undefined;
 
@@ -16,6 +18,16 @@ interface SettingsData {
   keyPair: KeyPair;
 }
 
+function v1ScryptParams(): ScryptOptions {
+  const N = 2 ** 15;
+  return {
+    N,
+    r: 8,
+    p: 1,
+    maxmem: 128 * N * 8 * 2,
+  };
+}
+
 export class Settings implements SettingsData {
   public readonly dbSecretKey: SecretKey;
   public readonly keyPair: KeyPair;
@@ -66,11 +78,12 @@ export class Settings implements SettingsData {
       'utf8',
     );
 
-    const localKey = SecretKey.fromString(password);
+    const salt = randomBytes(SALT_BYTES);
+    const localKey = SecretKey.derive(password, salt, v1ScryptParams());
     const encData = localKey.encrypt(unencryptedData);
     localKey.zero();
 
-    return Buffer.concat([version, encData]);
+    return Buffer.concat([version, salt, encData]);
   }
 
   public static load(password: string): Settings {
@@ -119,12 +132,13 @@ export class Settings implements SettingsData {
   private static deserializeEnc(loc: string, password: string): Settings {
     const fileData = readFileSync(loc);
     const version = fileData.readUInt16BE(0);
-    const encData = fileData.slice(2);
 
     let data: SettingsData;
     switch (version) {
       case 1: {
-        const localKey = SecretKey.fromString(password);
+        const salt = fileData.slice(2, 2 + SALT_BYTES);
+        const encData = fileData.slice(2 + SALT_BYTES);
+        const localKey = SecretKey.derive(password, salt, v1ScryptParams());
         try {
           const obj = JSON.parse(localKey.decrypt(encData).toString('utf8'));
           data = {
diff --git a/src/renderer/ipc.ts b/src/renderer/ipc.ts
@@ -30,18 +30,26 @@ class IpcManager {
       password,
       privateKey: typeof keyPair === 'string' ? keyPair : keyPair.privateKey.toWif(),
     });
-    const ipcRes = await this.send({
-      type: 'wallet:pre_init',
-      password,
-    });
-    if (ipcRes.type !== 'wallet:pre_init') {
-      throw new Error('Unexpected IPC response: ' + JSON.stringify(ipcRes));
-    }
+    const ipcRes = await this.preInit(password);
     if (ipcRes.status !== 'success') {
       throw new Error('Failed to complete load settings after setup: ' + ipcRes.status);
     }
   }
 
+  public async preInit(password: string): Promise<models.PreInitWalletRes> {
+    const ipcRes = await this.send(
+      {
+        type: 'wallet:pre_init',
+        password,
+      },
+      15000,
+    );
+    if (ipcRes.type !== 'wallet:pre_init') {
+      throw new Error('Unexpected IPC response: ' + JSON.stringify(ipcRes));
+    }
+    return ipcRes;
+  }
+
   public async postInit(): Promise<models.PostInitWalletRes> {
     const ipcRes = await this.send({
       type: 'wallet:post_init',
diff --git a/src/views/start/Welcome.vue b/src/views/start/Welcome.vue
@@ -94,13 +94,7 @@ export default class Welcome extends Vue {
       try {
         if (!this.isReady) return;
         const password = this.password;
-        const ipcRes = await ipc.send({
-          type: 'wallet:pre_init',
-          password,
-        });
-        if (ipcRes.type !== 'wallet:pre_init') {
-          throw new Error('Unexpected IPC response: ' + JSON.stringify(ipcRes));
-        }
+        const ipcRes = await ipc.preInit(password);
         const status = ipcRes.status;
         switch (status) {
           case 'success':

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-import { createHash, randomBytes } from 'crypto';`
	`1`	`+import { scryptSync, createHash, randomBytes, ScryptOptions } from 'crypto';`
`2`	`2`	`import sodium from 'libsodium-wrappers';`
`3`	`3`	`import assert from 'assert';`
`4`	`4`
`@@ -61,8 +61,8 @@ export class SecretKey {`
`61`	`61`	`}`
`62`	`62`	`}`
`63`	`63`
`64`		`- public static fromString(password: string): SecretKey {`
`65`		`- const h = hash(password);`
	`64`	`+ public static derive(password: string, salt: Uint8Array, opts: ScryptOptions): SecretKey {`
	`65`	`+ const h = scryptSync(password, salt, 32, opts);`
`66`	`66`	`return new SecretKey(h);`
`67`	`67`	`}`
`68`	`68`	`}`