allow to choose AES cypher mode for BIP32 keystore

Alex Vlasov · Alex Vlasov · commit 5b8bc8356eb0 · 2018-06-18T19:11:50.000+03:00
diff --git a/web3swift/Contract/Classes/EventFiltering.swift b/web3swift/Contract/Classes/EventFiltering.swift
@@ -140,7 +140,9 @@ internal func parseReceiptForLogs(receipt: TransactionReceipt, contract: Contrac
     let decodedLogs = allLogs.compactMap({ (log) -> EventParserResultProtocol? in
         let (n, d) = contract.parseEvent(log)
         guard let evName = n, let evData = d else {return nil}
-        return EventParserResult(eventName: evName, transactionReceipt: receipt, contractAddress: log.address, decodedResult: evData)
+        var result = EventParserResult(eventName: evName, transactionReceipt: receipt, contractAddress: log.address, decodedResult: evData)
+        result.eventLog = log
+        return result
     }).filter { (res:EventParserResultProtocol?) -> Bool in
         return res != nil && res?.eventName == eventName
     }
diff --git a/web3swift/KeystoreManager/Classes/BIP32Keystore.swift b/web3swift/KeystoreManager/Classes/BIP32Keystore.swift
@@ -90,7 +90,7 @@ public class BIP32Keystore: AbstractKeystore {
         try createNewAccount(parentNode: rootNode, password: password)
     }
     
-    public func createNewAccount(parentNode: HDNode, password: String = "BANKEXFOUNDATION") throws {
+    public func createNewAccount(parentNode: HDNode, password: String = "BANKEXFOUNDATION", aesMode: String = "aes-128-cbc") throws {
         var newIndex = UInt32(0)
         for (p, _) in paths {
             guard let idx = UInt32(p.components(separatedBy: "/").last!) else {continue}
@@ -109,7 +109,7 @@ public class BIP32Keystore: AbstractKeystore {
         }
         paths[newPath] = newAddress
         guard let serializedRootNode = parentNode.serialize(serializePublic: false) else {throw AbstractKeystoreError.keyDerivationError}
-        try encryptDataToStorage(password, data: serializedRootNode)
+        try encryptDataToStorage(password, data: serializedRootNode, aesMode: aesMode)
     }
     
     public func createNewCustomChildAccount(password: String = "BANKEXFOUNDATION", path: String) throws {
@@ -146,10 +146,10 @@ public class BIP32Keystore: AbstractKeystore {
         }
         paths[newPath] = newAddress
         guard let serializedRootNode = rootNode.serialize(serializePublic: false) else {throw AbstractKeystoreError.keyDerivationError}
-        try encryptDataToStorage(password, data: serializedRootNode)
+        try encryptDataToStorage(password, data: serializedRootNode, aesMode: self.keystoreParams!.crypto.cipher)
     }
     
-    fileprivate func encryptDataToStorage(_ password: String, data: Data?, dkLen: Int=32, N: Int = 4096, R: Int = 6, P: Int = 1) throws {
+    fileprivate func encryptDataToStorage(_ password: String, data: Data?, dkLen: Int=32, N: Int = 4096, R: Int = 6, P: Int = 1, aesMode: String = "aes-128-cbc") throws {
         if (data == nil) {
             throw AbstractKeystoreError.encryptionError("Encryption without key data")
         }
@@ -162,16 +162,27 @@ public class BIP32Keystore: AbstractKeystore {
         let last16bytes = derivedKey[(derivedKey.count - 16)...(derivedKey.count-1)]
         let encryptionKey = derivedKey[0...15]
         guard let IV = Data.randomBytes(length: 16) else {throw AbstractKeystoreError.noEntropyError}
-        let aecCipher = try? AES(key: encryptionKey.bytes, blockMode: CBC(iv: IV.bytes), padding: .pkcs7)
-        guard let encryptedKey = try aecCipher?.encrypt(data!.bytes) else {throw AbstractKeystoreError.aesError}
+        var aesCipher : AES?
+        switch aesMode {
+            case "aes-128-cbc":
+                aesCipher = try? AES(key: encryptionKey.bytes, blockMode: CBC(iv: IV.bytes), padding: .pkcs7)
+            case "aes-128-ctr":
+                aesCipher = try? AES(key: encryptionKey.bytes, blockMode: CTR(iv: IV.bytes), padding: .pkcs7)
+            default:
+                aesCipher = nil
+        }
+        if aesCipher == nil {
+            throw AbstractKeystoreError.aesError
+        }
+        guard let encryptedKey = try aesCipher?.encrypt(data!.bytes) else {throw AbstractKeystoreError.aesError}
         let encryptedKeyData = Data(bytes:encryptedKey)
         var dataForMAC = Data()
         dataForMAC.append(last16bytes)
         dataForMAC.append(encryptedKeyData)
         let mac = dataForMAC.sha3(.keccak256)
         let kdfparams = KdfParamsV3(salt: saltData.toHexString(), dklen: dkLen, n: N, p: P, r: R, c: nil, prf: nil)
         let cipherparams = CipherParamsV3(iv: IV.toHexString())
-        let crypto = CryptoParamsV3(ciphertext: encryptedKeyData.toHexString(), cipher: "aes-128-cbc", cipherparams: cipherparams, kdf: "scrypt", kdfparams: kdfparams, mac: mac.toHexString(), version: nil)
+        let crypto = CryptoParamsV3(ciphertext: encryptedKeyData.toHexString(), cipher: aesMode, cipherparams: cipherparams, kdf: "scrypt", kdfparams: kdfparams, mac: mac.toHexString(), version: nil)
         var pathToAddress = [String:String]()
         for (path, address) in paths {
             pathToAddress[path] = address.address
@@ -188,7 +199,7 @@ public class BIP32Keystore: AbstractKeystore {
             throw AbstractKeystoreError.encryptionError("Failed to decrypt a keystore")
         }
         defer {Data.zero(&keyData!)}
-        try self.encryptDataToStorage(newPassword, data: keyData!)
+        try self.encryptDataToStorage(newPassword, data: keyData!, aesMode: self.keystoreParams!.crypto.cipher)
     }
     
     fileprivate func getPrefixNodeData(_ password: String) throws -> Data? {
@@ -206,14 +217,14 @@ public class BIP32Keystore: AbstractKeystore {
             guard let algo = keystorePars.crypto.kdfparams.prf else {return nil}
             var hashVariant:HMAC.Variant?;
             switch algo {
-            case "hmac-sha256" :
-                hashVariant = HMAC.Variant.sha256
-            case "hmac-sha384" :
-                hashVariant = HMAC.Variant.sha384
-            case "hmac-sha512" :
-                hashVariant = HMAC.Variant.sha512
-            default:
-                hashVariant = nil
+                case "hmac-sha256" :
+                    hashVariant = HMAC.Variant.sha256
+                case "hmac-sha384" :
+                    hashVariant = HMAC.Variant.sha384
+                case "hmac-sha512" :
+                    hashVariant = HMAC.Variant.sha512
+                default:
+                    hashVariant = nil
             }
             guard (hashVariant != nil) else {return nil}
             guard let c = keystorePars.crypto.kdfparams.c else {return nil}
@@ -237,14 +248,14 @@ public class BIP32Keystore: AbstractKeystore {
         guard let IV = Data.fromHex(keystorePars.crypto.cipherparams.iv) else {return nil}
         var decryptedPK:Array<UInt8>?
         switch cipher {
-        case "aes-128-ctr":
-            guard let aesCipher = try? AES(key: decryptionKey.bytes, blockMode: CTR(iv: IV.bytes), padding: .pkcs7) else {return nil}
-            decryptedPK = try aesCipher.decrypt(cipherText.bytes)
-        case "aes-128-cbc":
-            guard let aesCipher = try? AES(key: decryptionKey.bytes, blockMode: CBC(iv: IV.bytes), padding: .pkcs7) else {return nil}
-            decryptedPK = try? aesCipher.decrypt(cipherText.bytes)
-        default:
-            return nil
+            case "aes-128-ctr":
+                guard let aesCipher = try? AES(key: decryptionKey.bytes, blockMode: CTR(iv: IV.bytes), padding: .pkcs7) else {return nil}
+                decryptedPK = try aesCipher.decrypt(cipherText.bytes)
+            case "aes-128-cbc":
+                guard let aesCipher = try? AES(key: decryptionKey.bytes, blockMode: CBC(iv: IV.bytes), padding: .pkcs7) else {return nil}
+                decryptedPK = try? aesCipher.decrypt(cipherText.bytes)
+            default:
+                return nil
         }
         guard decryptedPK != nil else {return nil}
         guard decryptedPK?.count == 82 else {return nil}
diff --git a/web3swift/Web3/Classes/Web3+EventParser.swift b/web3swift/Web3/Classes/Web3+EventParser.swift
@@ -219,9 +219,6 @@ extension web3.web3contract.EventParser {
     
 }
 
-
-
-
 extension web3.web3contract {
     public func getIndexedEvents(eventName: String?, filter: EventFilter) -> Result<[EventParserResultProtocol], Web3Error> {
         guard let rawContract = self.contract as? ContractV2 else {return Result.failure(Web3Error.nodeError("ABIv1 is not supported for this method"))}

Original file line number	Diff line number	Diff line change
`@@ -219,9 +219,6 @@ extension web3.web3contract.EventParser {`
`219`	`219`
`220`	`220`	`}`
`221`	`221`
`222`		`-`
`223`		`-`
`224`		`-`
`225`	`222`	`extension web3.web3contract {`
`226`	`223`	`public func getIndexedEvents(eventName: String?, filter: EventFilter) -> Result<[EventParserResultProtocol], Web3Error> {`
`227`	`224`	`guard let rawContract = self.contract as? ContractV2 else {return Result.failure(Web3Error.nodeError("ABIv1 is not supported for this method"))}`