Merge pull request #1085 from Gustav-Simonsson/key_store_v3

crypto: key store v3

Author: obscuren

common/test_utils.go

@@ -0,0 +1,37 @@
+package common
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+)
+
+// LoadJSON reads the given file and unmarshals its content.
+func LoadJSON(file string, val interface{}) error {
+	content, err := ioutil.ReadFile(file)
+	if err != nil {
+		return err
+	}
+	if err := json.Unmarshal(content, val); err != nil {
+		if syntaxerr, ok := err.(*json.SyntaxError); ok {
+			line := findLine(content, syntaxerr.Offset)
+			return fmt.Errorf("JSON syntax error at %v:%v: %v", file, line, err)
+		}
+		return fmt.Errorf("JSON unmarshal error in %v: %v", file, err)
+	}
+	return nil
+}
+
+// findLine returns the line number for the given offset into data.
+func findLine(data []byte, offset int64) (line int) {
+	line = 1
+	for i, r := range string(data) {
+		if int64(i) >= offset {
+			return
+		}
+		if r == '\n' {
+			line++
+		}
+	}
+	return
+}

crypto/crypto.go

@@ -258,19 +258,31 @@ func decryptPreSaleKey(fileContent []byte, password string) (key *Key, err error
 	return key, err
 }
 
-func aesCBCDecrypt(key []byte, cipherText []byte, iv []byte) (plainText []byte, err error) {
+// AES-128 is selected due to size of encryptKey
+func aesCTRXOR(key, inText, iv []byte) ([]byte, error) {
 	aesBlock, err := aes.NewCipher(key)
 	if err != nil {
-		return plainText, err
+		return nil, err
+	}
+	stream := cipher.NewCTR(aesBlock, iv)
+	outText := make([]byte, len(inText))
+	stream.XORKeyStream(outText, inText)
+	return outText, err
+}
+
+func aesCBCDecrypt(key, cipherText, iv []byte) ([]byte, error) {
+	aesBlock, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
 	}
 	decrypter := cipher.NewCBCDecrypter(aesBlock, iv)
-	paddedPlainText := make([]byte, len(cipherText))
-	decrypter.CryptBlocks(paddedPlainText, cipherText)
-	plainText = PKCS7Unpad(paddedPlainText)
-	if plainText == nil {
+	paddedPlaintext := make([]byte, len(cipherText))
+	decrypter.CryptBlocks(paddedPlaintext, cipherText)
+	plaintext := PKCS7Unpad(paddedPlaintext)
+	if plaintext == nil {
 		err = errors.New("Decryption failed: PKCS7Unpad failed after AES decryption")
 	}
-	return plainText, err
+	return plaintext, err
 }
 
 // From https://leanpub.com/gocrypto/read#leanpub-auto-block-cipher-modes

crypto/key.go

@@ -35,7 +35,7 @@ import (
 )
 
 const (
-	version = "1"
+	version = 3
 )
 
 type Key struct {
@@ -51,24 +51,30 @@ type plainKeyJSON struct {
 	Address    string `json:"address"`
 	PrivateKey string `json:"privatekey"`
 	Id         string `json:"id"`
-	Version    string `json:"version"`
+	Version    int    `json:"version"`
 }
 
-type encryptedKeyJSON struct {
+type encryptedKeyJSONV3 struct {
+	Address string `json:"address"`
+	Crypto  cryptoJSON
+	Id      string `json:"id"`
+	Version int    `json:"version"`
+}
+
+type encryptedKeyJSONV1 struct {
 	Address string `json:"address"`
 	Crypto  cryptoJSON
 	Id      string `json:"id"`
 	Version string `json:"version"`
 }
 
 type cryptoJSON struct {
-	Cipher       string           `json:"cipher"`
-	CipherText   string           `json:"ciphertext"`
-	CipherParams cipherparamsJSON `json:"cipherparams"`
-	KDF          string           `json:"kdf"`
-	KDFParams    scryptParamsJSON `json:"kdfparams"`
-	MAC          string           `json:"mac"`
-	Version      string           `json:"version"`
+	Cipher       string                 `json:"cipher"`
+	CipherText   string                 `json:"ciphertext"`
+	CipherParams cipherparamsJSON       `json:"cipherparams"`
+	KDF          string                 `json:"kdf"`
+	KDFParams    map[string]interface{} `json:"kdfparams"`
+	MAC          string                 `json:"mac"`
 }
 
 type cipherparamsJSON struct {