Key Manager

- keypair, keyring:
-- consistent naming of methods
-- error propagation
-- no panic
- keyManager: persist, import, export, initialize and (re)set keyring
- no global public "singleton" keyring, instead interface via keyManager
- keys test
- KeyStore interface, DB and File store implementations
zelig 2014-06-29 16:02:23 +01:00
parent e1ea41ee9c
commit 772e7e8c8d
5 changed files with 514 additions and 0 deletions

121
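--- a/ethcrypto/key_manager.go
+++ b/ethcrypto/key_manager.go
@@ -0,0 +1,121 @@
+package ethcrypto
+import (
+"fmt"
+"github.com/ethereum/eth-go/ethutil"
+"sync"
+)
+type KeyManager struct {
+keyRing *KeyRing
+session string
+keyStore KeyStore // interface
+keyRings map[string]*KeyRing // cache
+keyPair *KeyPair
+}
+func NewDBKeyManager(db ethutil.Database) *KeyManager {
+return &KeyManager{keyStore: &DBKeyStore{db: db}, keyRings: make(map[string]*KeyRing)}
+}
+func NewFileKeyManager(basedir string) *KeyManager {
+return &KeyManager{keyStore: &FileKeyStore{basedir: basedir}, keyRings: make(map[string]*KeyRing)}
+}
+func (k *KeyManager) KeyPair() *KeyPair {
+return k.keyPair
+}
+func (k *KeyManager) KeyRing() *KeyPair {
+return k.keyPair
+}
+func (k *KeyManager) PrivateKey() []byte {
+return k.keyPair.PrivateKey
+}
+func (k *KeyManager) PublicKey() []byte {
+return k.keyPair.PublicKey
+}
+func (k *KeyManager) Address() []byte {
+return k.keyPair.Address()
+}
+func (k *KeyManager) save(session string, keyRing *KeyRing) error {
+err := k.keyStore.Save(session, keyRing)
+if err != nil {
+return err
+}
+k.keyRings[session] = keyRing
+return nil
+}
+func (k *KeyManager) load(session string) (*KeyRing, error) {
+keyRing, found := k.keyRings[session]
+if !found {
+var err error
+keyRing, err = k.keyStore.Load(session)
+if err != nil {
+return nil, err
+}
+}
+return keyRing, nil
+}
+func cursorError(cursor int, len int) error {
+return fmt.Errorf("cursor %d out of range (0..%d)", cursor, len)
+}
+func (k *KeyManager) reset(session string, cursor int, keyRing *KeyRing) error {
+if cursor >= keyRing.Len() {
+return cursorError(cursor, keyRing.Len())
+}
+lock := &sync.Mutex{}
+lock.Lock()
+defer lock.Unlock()
+err := k.save(session, keyRing)
+if err != nil {
+return err
+}
+k.session = session
+k.keyRing = keyRing
+k.keyPair = keyRing.GetKeyPair(cursor)
+return nil
+}
+func (k *KeyManager) SetCursor(cursor int) error {
+if cursor >= k.keyRing.Len() {
+return cursorError(cursor, k.keyRing.Len())
+}
+k.keyPair = k.keyRing.GetKeyPair(cursor)
+return nil
+}
+func (k *KeyManager) Init(session string, cursor int, force bool) error {
+var keyRing *KeyRing
+if !force {
+var err error
+keyRing, err = k.load(session)
+if err != nil {
+return err
+}
+}
+if keyRing == nil {
+keyRing = NewGeneratedKeyRing(1)
+}
+return k.reset(session, cursor, keyRing)
+}
+func (k *KeyManager) InitFromSecretsFile(session string, cursor int, secretsfile string) error {
+keyRing, err := NewKeyRingFromFile(secretsfile)
+if err != nil {
+return err
+}
+return k.reset(session, cursor, keyRing)
+}
+func (k *KeyManager) Export(dir string) error {
+fileKeyStore := FileKeyStore{dir}
+return fileKeyStore.Save(k.session, k.keyRing)
+}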
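Review bot: The lock in `reset` protects nothing: `lock := &sync.Mutex{}` allocates a new mutex on every call, so two concurrent `Init`/`InitFromSecretsFile` calls each lock their own and still race on `k.keyRings`, `k.session`, `k.keyRing` and `k.keyPair`. Hold the mutex on the struct instead, `mu sync.Mutex` in `KeyManager` with `k.mu.Lock()` / `defer k.mu.Unlock()` here, and take it in `SetCursor` and the accessors as well if the manager is meant to be shared between goroutines. `KeyRing()` is declared as returning `*KeyPair` and returns `k.keyPair`; that looks like a copy-paste slip for `func (k *KeyManager) KeyRing() *KeyRing { return k.keyRing }`. `PrivateKey()`, `PublicKey()` and `Address()` dereference `k.keyPair`, which is nil until an `Init*` call succeeds, so a doc comment stating that precondition (or a nil check) would keep the commit's "no panic" goal.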

112
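--- a/ethcrypto/key_store.go
+++ b/ethcrypto/key_store.go
@@ -0,0 +1,112 @@
+package ethcrypto
+import (
+"fmt"
+"github.com/ethereum/eth-go/ethutil"
+"io/ioutil"
+"os"
+"path"
+"strings"
+)
+type KeyStore interface {
+Load(string) (*KeyRing, error)
+Save(string, *KeyRing) error
+}
+type DBKeyStore struct {
+db ethutil.Database
+}
+const dbKeyPrefix = "KeyRing"
+func (k *DBKeyStore) dbKey(session string) []byte {
+return []byte(fmt.Sprintf("%s%s", dbKeyPrefix, session))
+}
+func (k *DBKeyStore) Save(session string, keyRing *KeyRing) error {
+k.db.Put(k.dbKey(session), keyRing.RlpEncode())
+return nil
+}
+func (k *DBKeyStore) Load(session string) (*KeyRing, error) {
+data, err := k.db.Get(k.dbKey(session))
+if err != nil {
+return nil, err
+}
+var keyRing *KeyRing
+keyRing, err = NewKeyRingFromBytes(data)
+if err != nil {
+return nil, err
+}
+// if empty keyRing is found we return nil, no error
+if keyRing.Len() == 0 {
+return nil, nil
+}
+return keyRing, nil
+}
+type FileKeyStore struct {
+basedir string
+}
+func (k *FileKeyStore) Save(session string, keyRing *KeyRing) error {
+var content []byte
+var err error
+var privateKeys []string
+var publicKeys []string
+var mnemonics []string
+var addresses []string
+keyRing.Each(func(keyPair *KeyPair) {
+privateKeys = append(privateKeys, ethutil.Bytes2Hex(keyPair.PrivateKey))
+publicKeys = append(publicKeys, ethutil.Bytes2Hex(keyPair.PublicKey))
+addresses = append(addresses, ethutil.Bytes2Hex(keyPair.Address()))
+mnemonics = append(mnemonics, strings.Join(MnemonicEncode(ethutil.Bytes2Hex(keyPair.PrivateKey)), " "))
+})
+basename := session
+if session == "" {
+basename = "default"
+}
+path := path.Join(k.basedir, basename)
+content = []byte(strings.Join(privateKeys, "\n"))
+err = ioutil.WriteFile(path+".prv", content, 0600)
+if err != nil {
+return err
+}
+content = []byte(strings.Join(publicKeys, "\n"))
+err = ioutil.WriteFile(path+".pub", content, 0644)
+if err != nil {
+return err
+}
+content = []byte(strings.Join(addresses, "\n"))
+err = ioutil.WriteFile(path+".addr", content, 0644)
+if err != nil {
+return err
+}
+content = []byte(strings.Join(mnemonics, "\n"))
+err = ioutil.WriteFile(path+".mne", content, 0600)
+if err != nil {
+return err
+}
+return nil
+}
+func (k *FileKeyStore) Load(session string) (*KeyRing, error) {
+basename := session
+if session == "" {
+basename = "default"
+}
+secfile := path.Join(k.basedir, basename+".prv")
+_, err := os.Stat(secfile)
+// if file is not found then we return nil, no error
+if err != nil {
+return nil, nil
+}
+return NewKeyRingFromFile(secfile)
+}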
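Review bot: `FileKeyStore.Load` returns `nil, nil` on any `os.Stat` error, so a permission or I/O failure looks the same as "no keyring yet"; `KeyManager.Init` in this commit then generates a new keyring and calls `Save`, which would overwrite the existing `.prv` and `.mne` files. Treat only a missing file as empty: `if os.IsNotExist(err) { return nil, nil }` followed by `if err != nil { return nil, err }`. `session` is joined into the file name unchecked in both `Save` and `Load`, so a value containing `/` or `..` resolves outside `basedir`; reject those if the session name can come from configuration or user input. Both stores persist the private keys unencrypted (hex and mnemonic files at 0600, RLP in the database), which deserves a comment on `KeyStore` saying so, and the 0600 mode passed to `ioutil.WriteFile` only applies when the file is created, not to a file that already exists with wider permissions.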

41
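--- a/ethcrypto/keypair.go
+++ b/ethcrypto/keypair.go
@@ -0,0 +1,41 @@
+package ethcrypto
+import (
+"github.com/ethereum/eth-go/ethutil"
+"github.com/obscuren/secp256k1-go"
+)
+type KeyPair struct {
+PrivateKey []byte
+PublicKey []byte
+// The associated account
+// account *StateObject
+}
+func GenerateNewKeyPair() *KeyPair {
+_, prv := secp256k1.GenerateKeyPair()
+keyPair, _ := NewKeyPairFromSec(prv) // swallow error, this one cannot err
+return keyPair
+}
+func NewKeyPairFromSec(seckey []byte) (*KeyPair, error) {
+pubkey, err := secp256k1.GeneratePubKey(seckey)
+if err != nil {
+return nil, err
+}
+return &KeyPair{PrivateKey: seckey, PublicKey: pubkey}, nil
+}
+func (k *KeyPair) Address() []byte {
+return Sha3Bin(k.PublicKey[1:])[12:]
+}
+func (k *KeyPair) RlpEncode() []byte {
+return k.RlpValue().Encode()
+}
+func (k *KeyPair) RlpValue() *ethutil.Value {
+return ethutil.NewValue(k.PrivateKey)
+}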
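Review bot: `GenerateNewKeyPair` drops the error from `NewKeyPairFromSec` with the comment that it cannot fail; if that assumption is ever wrong the function returns a nil `*KeyPair`, which `NewGeneratedKeyRing` adds to the ring and later callers dereference. Since the commit message lists error propagation and no panics as goals, either return `(*KeyPair, error)` or document why the secp256k1 generator guarantees a usable secret. `Address()` slices `k.PublicKey[1:]` without a length check, so a `KeyPair` with an empty `PublicKey` panics; `if len(k.PublicKey) == 0 { return nil }` would guard it. `NewKeyPairFromSec` keeps the caller's `seckey` slice rather than a copy, and because `PrivateKey` is an exported field that `%v` formatting prints in full, a doc comment on `KeyPair` warning against logging values of this type would help.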

118
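--- a/ethcrypto/keyring.go
+++ b/ethcrypto/keyring.go
@@ -0,0 +1,118 @@
+package ethcrypto
+import (
+"fmt"
+"github.com/ethereum/eth-go/ethutil"
+"io/ioutil"
+"strings"
+)
+type KeyRing struct {
+keys []*KeyPair
+}
+func NewKeyRing() *KeyRing {
+return &KeyRing{}
+}
+func (k *KeyRing) AddKeyPair(keyPair *KeyPair) {
+k.keys = append(k.keys, keyPair)
+}
+func (k *KeyRing) GetKeyPair(i int) *KeyPair {
+if len(k.keys) > i {
+return k.keys[i]
+}
+return nil
+}
+func (k *KeyRing) Empty() bool {
+return k.Len() == 0
+}
+func (k *KeyRing) Len() int {
+return len(k.keys)
+}
+func (k *KeyRing) Each(f func(*KeyPair)) {
+for _, keyPair := range k.keys {
+f(keyPair)
+}
+}
+func NewGeneratedKeyRing(len int) *KeyRing {
+keyRing := NewKeyRing()
+for i := 0; i < len; i++ {
+keyRing.AddKeyPair(GenerateNewKeyPair())
+}
+return keyRing
+}
+func NewKeyRingFromFile(secfile string) (*KeyRing, error) {
+var content []byte
+var err error
+content, err = ioutil.ReadFile(secfile)
+if err != nil {
+return nil, err
+}
+keyRing, err := NewKeyRingFromString(string(content))
+if err != nil {
+return nil, err
+}
+return keyRing, nil
+}
+func NewKeyRingFromString(content string) (*KeyRing, error) {
+secretStrings := strings.Split(content, "\n")
+var secrets [][]byte
+for _, secretString := range secretStrings {
+secret := secretString
+words := strings.Split(secretString, " ")
+if len(words) == 24 {
+secret = MnemonicDecode(words)
+} else if len(words) != 1 {
+return nil, fmt.Errorf("Unrecognised key format")
+}
+secrets = append(secrets, ethutil.Hex2Bytes(secret))
+}
+return NewKeyRingFromSecrets(secrets)
+}
+func NewKeyRingFromSecrets(secs [][]byte) (*KeyRing, error) {
+keyRing := NewKeyRing()
+for _, sec := range secs {
+keyPair, err := NewKeyPairFromSec(sec)
+if err != nil {
+return nil, err
+}
+keyRing.AddKeyPair(keyPair)
+}
+return keyRing, nil
+}
+func NewKeyRingFromBytes(data []byte) (*KeyRing, error) {
+var secrets [][]byte
+it := ethutil.NewValueFromBytes(data).NewIterator()
+for it.Next() {
+secret := it.Value().Bytes()
+secrets = append(secrets, secret)
+}
+keyRing, err := NewKeyRingFromSecrets(secrets)
+if err != nil {
+return nil, err
+}
+return keyRing, nil
+}
+func (k *KeyRing) RlpEncode() []byte {
+return k.RlpValue().Encode()
+}
+func (k *KeyRing) RlpValue() *ethutil.Value {
+v := ethutil.EmptyValue()
+k.Each(func(keyPair *KeyPair) {
+v.Append(keyPair.RlpValue())
+})
+return v
+}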
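Review bot: `GetKeyPair` only checks `len(k.keys) > i`, so a negative index passes the guard and `k.keys[i]` panics; the cursor checks in `KeyManager.reset` and `SetCursor` also test only the upper bound, which makes this reachable from `Init` and `SetCursor`. Use `if i >= 0 && i < len(k.keys)` here. In `NewKeyRingFromString`, `strings.Split(content, "\n")` yields an empty entry for a trailing newline or blank line, and that empty string is passed on as a secret; skipping empty lines before the word count would make hand-edited secrets files load predictably. The decoded secret is appended without any length or decode-error check, so validation rests entirely on `NewKeyPairFromSec`, and a short comment saying so would make that dependency explicit.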

122
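--- a/ethcrypto/keys_test.go
+++ b/ethcrypto/keys_test.go
@@ -0,0 +1,122 @@
+package ethcrypto
+import (
+"github.com/ethereum/eth-go/ethdb"
+// "io/ioutil"
+"fmt"
+"os"
+"path"
+"testing"
+)
+// test if persistence layer works
+func TestDBKeyManager(t *testing.T) {
+memdb, _ := ethdb.NewMemDatabase()
+keyManager0 := NewDBKeyManager(memdb)
+err := keyManager0.Init("", 0, false)
+if err != nil {
+t.Error("Unexpected error: ", err)
+}
+keyManager1 := NewDBKeyManager(memdb)
+err = keyManager1.Init("", 0, false)
+if err != nil {
+t.Error("Unexpected error: ", err)
+}
+if string(keyManager0.PrivateKey()) != string(keyManager1.PrivateKey()) {
+t.Error("Expected private keys %x, %x, to be identical via db persistence", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+}
+err = keyManager1.Init("", 0, true)
+if err != nil {
+t.Error("Unexpected error: ", err)
+}
+if string(keyManager0.PrivateKey()) == string(keyManager1.PrivateKey()) {
+t.Error("Expected private keys %x, %x, to be be different despite db persistence if force generate", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+}
+}
+func TestFileKeyManager(t *testing.T) {
+basedir0 := "/tmp/ethtest0"
+os.RemoveAll(basedir0)
+os.Mkdir(basedir0, 0777)
+keyManager0 := NewFileKeyManager(basedir0)
+err := keyManager0.Init("", 0, false)
+if err != nil {
+t.Error("Unexpected error: ", err)
+}
+keyManager1 := NewFileKeyManager(basedir0)
+err = keyManager1.Init("", 0, false)
+if err != nil {
+t.Error("Unexpected error: ", err)
+}
+if string(keyManager0.PrivateKey()) != string(keyManager1.PrivateKey()) {
+t.Error("Expected private keys %x, %x, to be identical via db persistence", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+}
+err = keyManager1.Init("", 0, true)
+if err != nil {
+t.Error("Unexpected error: ", err)
+}
+if string(keyManager0.PrivateKey()) == string(keyManager1.PrivateKey()) {
+t.Error("Expected private keys %x, %x, to be be different despite db persistence if force generate", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+}
+}
+// cursor errors
+func TestCursorErrors(t *testing.T) {
+memdb, _ := ethdb.NewMemDatabase()
+keyManager0 := NewDBKeyManager(memdb)
+err := keyManager0.Init("", 0, false)
+err = keyManager0.Init("", 1, false)
+if err == nil {
+t.Error("Expected cursor error")
+}
+err = keyManager0.SetCursor(1)
+if err == nil {
+t.Error("Expected cursor error")
+}
+}
+func TestExportImport(t *testing.T) {
+memdb, _ := ethdb.NewMemDatabase()
+keyManager0 := NewDBKeyManager(memdb)
+err := keyManager0.Init("", 0, false)
+basedir0 := "/tmp/ethtest0"
+os.RemoveAll(basedir0)
+os.Mkdir(basedir0, 0777)
+keyManager0.Export(basedir0)
+keyManager1 := NewFileKeyManager(basedir0)
+err = keyManager1.Init("", 0, false)
+if err != nil {
+t.Error("Unexpected error: ", err)
+}
+fmt.Printf("keyRing: %v\n", keyManager0.KeyPair())
+fmt.Printf("keyRing: %v\n", keyManager1.KeyPair())
+if string(keyManager0.PrivateKey()) != string(keyManager1.PrivateKey()) {
+t.Error("Expected private keys %x, %x, to be identical via export to filestore basedir", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+}
+path.Join("")
+// memdb, _ = ethdb.NewMemDatabase()
+// keyManager2 := NewDBKeyManager(memdb)
+// err = keyManager2.InitFromSecretsFile("", 0, path.Join(basedir0, "default.prv"))
+// if err != nil {
+// t.Error("Unexpected error: ", err)
+// }
+// if string(keyManager0.PrivateKey()) != string(keyManager2.PrivateKey()) {
+// t.Error("Expected private keys %s, %s, to be identical via export/import prv", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+// }
+// memdb, _ = ethdb.NewMemDatabase()
+// keyManager3 := NewDBKeyManager(memdb)
+// err = keyManager3.InitFromSecretsFile("", 0, path.Join(basedir0, "default.mne"))
+// if err != nil {
+// t.Error("Unexpected error: ", err)
+// }
+// if string(keyManager0.PrivateKey()) != string(keyManager3.PrivateKey()) {
+// t.Error("Expected private keys %s, %s, to be identical via export/import mnemonic file", keyManager0.PrivateKey(), keyManager1.PrivateKey())
+// }
+}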
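Review bot: `TestFileKeyManager` and `TestExportImport` write key files into the fixed path `/tmp/ethtest0`, created with `os.Mkdir(basedir0, 0777)` and with the `RemoveAll`/`Mkdir`/`Export` results ignored; that is a predictable shared location with a permissive mode, and concurrent test runs clobber each other. Use a private temporary directory, `basedir0, err := ioutil.TempDir("", "ethtest")` with `defer os.RemoveAll(basedir0)`, and fail the test if it cannot be created. The `t.Error` calls that carry `%x` verbs should be `t.Errorf`, otherwise the verbs are printed literally and the arguments appended after them. `TestCursorErrors` and `TestExportImport` overwrite the first `err` from `Init` without checking it, and the two `fmt.Printf("keyRing: %v\n", ...)` lines dump the key pair, private key included, to the test output; drop them along with the `path.Join("")` placeholder that only keeps the import alive.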