biglambda
diff --git a/‎exp/main.cpp‎
Lines changed: 198 additions & 29 deletions b/‎exp/main.cpp‎
Lines changed: 198 additions & 29 deletions
diff --git a/‎libdevcore/Common.cpp‎
Lines changed: 1 addition & 1 deletion b/‎libdevcore/Common.cpp‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎libdevcore/FixedHash.h‎
Lines changed: 3 additions & 0 deletions b/‎libdevcore/FixedHash.h‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎libdevcrypto/Common.cpp‎
Lines changed: 12 additions & 16 deletions b/‎libdevcrypto/Common.cpp‎
Lines changed: 12 additions & 16 deletions
diff --git a/‎libdevcrypto/Common.h‎
Lines changed: 4 additions & 4 deletions b/‎libdevcrypto/Common.h‎
Lines changed: 4 additions & 4 deletions
@@ -65,40 +65,54 @@ namespace fs = boost::filesystem;
 #if 1
 
 inline h128 fromUUID(std::string const& _uuid) { return h128(boost::replace_all_copy(_uuid, "-", "")); }
+inline std::string toUUID(h128 const& _uuid) { std::string ret = toHex(_uuid.ref()); for (unsigned i: {20, 16, 12, 8}) ret.insert(ret.begin() + i, '-'); return ret; }
 
-class KeyManager: public Worker
+class KeyStore
 {
 public:
-	KeyManager() { readKeys(); }
-	~KeyManager() {}
+	KeyStore() { readKeys(); }
+	~KeyStore() {}
 
-	Secret secret(h128 const& _uuid, function<std::string()> const& _pass)
+	bytes key(h128 const& _uuid, function<std::string()> const& _pass)
 	{
-		auto rit = m_ready.find(_uuid);
-		if (rit != m_ready.end())
+		auto rit = m_cached.find(_uuid);
+		if (rit != m_cached.end())
 			return rit->second;
 		auto it = m_keys.find(_uuid);
 		if (it == m_keys.end())
-			return Secret();
-		Secret ret(decrypt(it->second, _pass()));
-		if (ret)
-			m_ready[_uuid] = ret;
-		return ret;
+			return bytes();
+		bytes key = decrypt(it->second, _pass());
+		if (!key.empty())
+			m_cached[_uuid] = key;
+		return key;
 	}
 
-	h128 create(std::string const& _pass)
+	h128 import(bytes const& _s, std::string const& _pass)
 	{
-		auto s = Secret::random();
-		h128 r(sha3(s));
-		m_ready[r] = s;
-		m_keys[r] = encrypt(s.asBytes(), _pass);
+		h128 r = h128::random();
+		m_cached[r] = _s;
+		m_keys[r] = encrypt(_s, _pass);
+		writeKeys();
 		return r;
 	}
 
+	// Clear any cached keys.
+	void clearCache() const { m_cached.clear(); }
+
 private:
 	void writeKeys(std::string const& _keysPath = getDataDir("web3") + "/keys")
 	{
-		(void)_keysPath;
+		fs::path p(_keysPath);
+		boost::filesystem::create_directories(p);
+		for (auto const& k: m_keys)
+		{
+			std::string uuid = toUUID(k.first);
+			js::mObject v;
+			v["crypto"] = k.second;
+			v["id"] = uuid;
+			v["version"] = 2;
+			writeFile((p / uuid).string() + ".json", js::write_string(js::mValue(v), true));
+		}
 	}
 
 	void readKeys(std::string const& _keysPath = getDataDir("web3") + "/keys")
@@ -119,16 +133,49 @@ class KeyManager: public Worker
 					else
 						cwarn << "Cannot read key version" << version;
 				}
-				else
-					cwarn << "Invalid JSON in key file" << it->path().string();
+//				else
+//					cwarn << "Invalid JSON in key file" << it->path().string();
 			}
 	}
 
 	static js::mValue encrypt(bytes const& _v, std::string const& _pass)
 	{
-		(void)_v;
-		(void)_pass;
-		return js::mValue();
+		js::mObject ret;
+
+		// KDF info
+		unsigned dklen = 16;
+		unsigned iterations = 262144;
+		bytes salt = h256::random().asBytes();
+		ret["kdf"] = "pbkdf2";
+		{
+			js::mObject params;
+			params["prf"] = "hmac-sha256";
+			params["c"] = (int)iterations;
+			params["salt"] = toHex(salt);
+			params["dklen"] = (int)dklen;
+			ret["kdfparams"] = params;
+		}
+		bytes derivedKey = pbkdf2(_pass, salt, iterations, dklen);
+
+		// cipher info
+		ret["cipher"] = "aes-128-cbc";
+		h128 key(sha3(h128(derivedKey, h128::AlignRight)), h128::AlignRight);
+		h128 iv = h128::random();
+		{
+			js::mObject params;
+			params["iv"] = toHex(iv.ref());
+			ret["cipherparams"] = params;
+		}
+
+		// cipher text
+		bytes cipherText = encryptSymNoAuth(key, iv, &_v);
+		ret["ciphertext"] = toHex(cipherText);
+
+		// and mac.
+		h256 mac = sha3(bytesConstRef(&derivedKey).cropped(derivedKey.size() - 16).toBytes() + cipherText);
+		ret["mac"] = toHex(mac.ref());
+
+		return ret;
 	}
 
 	static bytes decrypt(js::mValue const& _v, std::string const& _pass)
@@ -167,32 +214,154 @@ class KeyManager: public Worker
 		}
 
 		// decrypt
-		bytes ret;
 		if (o["cipher"].get_str() == "aes-128-cbc")
 		{
 			auto params = o["cipherparams"].get_obj();
 			h128 key(sha3(h128(derivedKey, h128::AlignRight)), h128::AlignRight);
 			h128 iv(params["iv"].get_str());
-			decryptSymNoAuth(key, iv, &cipherText, ret);
+			return decryptSymNoAuth(key, iv, &cipherText);
 		}
 		else
 		{
 			cwarn << "Unknown cipher" << o["cipher"].get_str() << "not supported.";
 			return bytes();
 		}
-
-		return ret;
 	}
 
-	mutable std::map<h128, Secret> m_ready;
+	mutable std::map<h128, bytes> m_cached;
 	std::map<h128, js::mValue> m_keys;
 };
 
+class UnknownPassword: public Exception {};
+
+struct KeyInfo
+{
+	h256 passHash;
+	std::string name;
+};
+
+static const auto DontKnowThrow = [](){ BOOST_THROW_EXCEPTION(UnknownPassword()); return std::string(); };
+
+// This one is specifically for Ethereum, but we can make it generic in due course.
+// TODO: hidden-partition style key-store.
+class KeyManager
+{
+public:
+	KeyManager() { m_cachedPasswords[sha3(m_password)] = m_password; }
+	~KeyManager() {}
+
+	void load(std::string const& _pass, std::string const& _keysFile = getDataDir("ethereum") + "/keys.info")
+	{
+		try {
+			bytes salt = contents(_keysFile + ".salt");
+			bytes encKeys = contents(_keysFile);
+			m_key = h128(pbkdf2(_pass, salt, 262144, 16));
+			bytes bs = decryptSymNoAuth(m_key, h128(), &encKeys);
+			RLP s(bs);
+			unsigned version = (unsigned)s[0];
+			if (version == 1)
+			{
+				for (auto const& i: s[1])
+					m_keyInfo[m_addrLookup[(Address)i[0]] = (h128)i[1]] = KeyInfo{(h256)i[2], (std::string)i[3]};
+				for (auto const& i: s[2])
+					m_passwordInfo[(h256)i[0]] = (std::string)i[1];
+				m_password = (string)s[3];
+			}
+		}
+		catch (...) {}
+		m_cachedPasswords[sha3(m_password)] = m_password;
+	}
+
+	// Only use if previously loaded ok.
+	// @returns false if wasn't previously loaded ok.
+	bool save(std::string const& _keysFile = getDataDir("ethereum") + "/keys.info") { if (!m_key) return false; save(m_key, _keysFile); return true; }
+
+	void save(std::string const& _pass, std::string const& _keysFile = getDataDir("ethereum") + "/keys.info")
+	{
+		bytes salt = h256::random().asBytes();
+		writeFile(_keysFile + ".salt", salt);
+		auto key = h128(pbkdf2(_pass, salt, 262144, 16));
+		save(key, _keysFile);
+	}
+
+	void save(h128 const& _key, std::string const& _keysFile = getDataDir("ethereum") + "/keys.info")
+	{
+		RLPStream s(4);
+		s << 1;
+		s.appendList(m_addrLookup.size());
+		for (auto const& i: m_addrLookup)
+			s.appendList(4) << i.first << i.second << m_keyInfo[i.second].passHash << m_keyInfo[i.second].name;
+		s.appendList(m_passwordInfo.size());
+		for (auto const& i: m_passwordInfo)
+			s.appendList(2) << i.first << i.second;
+		s.append(m_password);
+
+		writeFile(_keysFile, encryptSymNoAuth(_key, h128(), &s.out()));
+		m_key = _key;
+	}
+
+	Secret secret(Address const& _address, function<std::string()> const& _pass = DontKnowThrow)
+	{
+		auto it = m_addrLookup.find(_address);
+		if (it == m_addrLookup.end())
+			return Secret();
+		return secret(it->second, _pass);
+	}
+
+	Secret secret(h128 const& _uuid, function<std::string()> const& _pass = DontKnowThrow)
+	{
+		return Secret(m_store.key(_uuid, [&](){
+			auto it = m_cachedPasswords.find(m_keyInfo[_uuid].passHash);
+			if (it == m_cachedPasswords.end())
+			{
+				std::string p = _pass();
+				m_cachedPasswords[sha3(p)] = p;
+				return p;
+			}
+			else
+				return it->second;
+		}));
+	}
+
+	h128 import(Secret const& _s, std::string const& _pass, string const& _info = std::string(), string const& _passInfo = std::string())
+	{
+		Address addr = KeyPair(_s).address();
+		auto passHash = sha3(_pass);
+		m_cachedPasswords[passHash] = _pass;
+		m_passwordInfo[passHash] = _passInfo;
+		auto uuid = m_store.import(_s.asBytes(), _pass);
+		m_keyInfo[uuid] = KeyInfo{passHash, _info};
+		m_addrLookup[addr] = uuid;
+		return uuid;
+	}
+
+	h128 import(Secret const& _s, std::string const& _info = std::string())
+	{
+		// cache password, remember the key, remember the address
+		return import(_s, m_password, _info, std::string());
+	}
+
+private:
+	// Ethereum keys.
+	std::map<Address, h128> m_addrLookup;
+	std::map<h128, KeyInfo> m_keyInfo;
+	std::map<h256, std::string> m_passwordInfo;
+
+	// Passwords that we're storing.
+	std::map<h256, std::string> m_cachedPasswords;
+
+	// The default password for keys in the keystore - protected by the master password.
+	std::string m_password = asString(h256::random().asBytes());
+
+	KeyStore m_store;
+	h128 m_key;
+};
+
 int main()
 {
-	cdebug << toHex(pbkdf2("password", asBytes("salt"), 1, 20));
 	KeyManager keyman;
-	cdebug << "Secret key for 0498f19a-59db-4d54-ac95-33901b4f1870 is " << keyman.secret(fromUUID("0498f19a-59db-4d54-ac95-33901b4f1870"), [](){ return "foo"; });
+	auto id = fromUUID("441193ae-a767-f1c3-48ba-dd6610db5ed0");
+	cdebug << "Secret key for " << toUUID(id) << "is" << keyman.secret(id, [](){ return "bar"; });
 }
 
 #elif 0
 
@@ -28,7 +28,7 @@ using namespace dev;
 namespace dev
 {
 
-char const* Version = "0.9.15o";
+char const* Version = "0.9.16";
 
 void HasInvariants::checkInvariants() const
 {
 
@@ -113,6 +113,9 @@ class FixedHash
 	/// @returns an abridged version of the hash as a user-readable hex string.
 	std::string abridged() const { return toHex(ref().cropped(0, 4)) + "\342\200\246"; }
 
+	/// @returns an abridged version of the hash as a user-readable hex string.
+	std::string hex() const { return toHex(ref()); }
+
 	/// @returns a mutable byte vector_ref to the object's data.
 	bytesRef ref() { return bytesRef(m_data.data(), N); }
 
 
@@ -112,51 +112,47 @@ bool dev::decryptSym(Secret const& _k, bytesConstRef _cipher, bytes& o_plain)
 	return decrypt(_k, _cipher, o_plain);
 }
 
-h128 dev::encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher)
+std::pair<bytes, h128> dev::encryptSymNoAuth(h128 const& _k, bytesConstRef _plain)
 {
 	h128 iv(Nonce::get());
-	return encryptSymNoAuth(_k, _plain, o_cipher, iv);
+	return make_pair(encryptSymNoAuth(_k, iv, _plain), iv);
 }
 
-h128 dev::encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher, h128 const& _iv)
+bytes dev::encryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _plain)
 {
-	o_cipher.resize(_plain.size());
-
 	const int c_aesKeyLen = 16;
 	SecByteBlock key(_k.data(), c_aesKeyLen);
 	try
 	{
 		CTR_Mode<AES>::Encryption e;
 		e.SetKeyWithIV(key, key.size(), _iv.data());
-		e.ProcessData(o_cipher.data(), _plain.data(), _plain.size());
-		return _iv;
+		bytes ret(_plain.size());
+		e.ProcessData(ret.data(), _plain.data(), _plain.size());
+		return ret;
 	}
 	catch (CryptoPP::Exception& _e)
 	{
 		cerr << _e.what() << endl;
-		o_cipher.resize(0);
-		return h128();
+		return bytes();
 	}
 }
 
-bool dev::decryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _cipher, bytes& o_plaintext)
+bytes dev::decryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _cipher)
 {
-	o_plaintext.resize(_cipher.size());
-	
 	const size_t c_aesKeyLen = 16;
 	SecByteBlock key(_k.data(), c_aesKeyLen);
 	try
 	{
 		CTR_Mode<AES>::Decryption d;
 		d.SetKeyWithIV(key, key.size(), _iv.data());
-		d.ProcessData(o_plaintext.data(), _cipher.data(), _cipher.size());
-		return true;
+		bytes ret(_cipher.size());
+		d.ProcessData(ret.data(), _cipher.data(), _cipher.size());
+		return ret;
 	}
 	catch (CryptoPP::Exception& _e)
 	{
 		cerr << _e.what() << endl;
-		o_plaintext.resize(0);
-		return false;
+		return bytes();
 	}
 }
 
 
@@ -103,13 +103,13 @@ void encryptECIES(Public const& _k, bytesConstRef _plain, bytes& o_cipher);
 bool decryptECIES(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext);
 
 /// Encrypts payload with random IV/ctr using AES128-CTR.
-h128 encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher);
+std::pair<bytes, h128> encryptSymNoAuth(h128 const& _k, bytesConstRef _plain);
 
 /// Encrypts payload with specified IV/ctr using AES128-CTR.
-h128 encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher, h128 const& _iv);
-	
+bytes encryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _plain);
+
 /// Decrypts payload with specified IV/ctr using AES128-CTR.
-bool decryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _cipher, bytes& o_plaintext);
+bytes decryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _cipher);
 
 /// Recovers Public key from signed message hash.
 Public recover(Signature const& _sig, h256 const& _hash);
Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ using namespace dev;`
`28`	`28`	`namespace dev`
`29`	`29`	`{`
`30`	`30`
`31`		`-char const* Version = "0.9.15o";`
	`31`	`+char const* Version = "0.9.16";`
`32`	`32`
`33`	`33`	`void HasInvariants::checkInvariants() const`
`34`	`34`	`{`
Original file line number	Diff line number	Diff line change
`@@ -112,51 +112,47 @@ bool dev::decryptSym(Secret const& _k, bytesConstRef _cipher, bytes& o_plain)`
`112`	`112`	`return decrypt(_k, _cipher, o_plain);`
`113`	`113`	`}`
`114`	`114`
`115`		`-h128 dev::encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher)`
	`115`	`+std::pair<bytes, h128> dev::encryptSymNoAuth(h128 const& _k, bytesConstRef _plain)`
`116`	`116`	`{`
`117`	`117`	`h128 iv(Nonce::get());`
`118`		`- return encryptSymNoAuth(_k, _plain, o_cipher, iv);`
	`118`	`+ return make_pair(encryptSymNoAuth(_k, iv, _plain), iv);`
`119`	`119`	`}`
`120`	`120`
`121`		`-h128 dev::encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher, h128 const& _iv)`
	`121`	`+bytes dev::encryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _plain)`
`122`	`122`	`{`
`123`		`- o_cipher.resize(_plain.size());`
`124`		`-`
`125`	`123`	`const int c_aesKeyLen = 16;`
`126`	`124`	`SecByteBlock key(_k.data(), c_aesKeyLen);`
`127`	`125`	`try`
`128`	`126`	`{`
`129`	`127`	`CTR_Mode<AES>::Encryption e;`
`130`	`128`	`e.SetKeyWithIV(key, key.size(), _iv.data());`
`131`		`- e.ProcessData(o_cipher.data(), _plain.data(), _plain.size());`
`132`		`- return _iv;`
	`129`	`+ bytes ret(_plain.size());`
	`130`	`+ e.ProcessData(ret.data(), _plain.data(), _plain.size());`
	`131`	`+ return ret;`
`133`	`132`	`}`
`134`	`133`	`catch (CryptoPP::Exception& _e)`
`135`	`134`	`{`
`136`	`135`	`cerr << _e.what() << endl;`
`137`		`- o_cipher.resize(0);`
`138`		`- return h128();`
	`136`	`+ return bytes();`
`139`	`137`	`}`
`140`	`138`	`}`
`141`	`139`
`142`		`-bool dev::decryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _cipher, bytes& o_plaintext)`
	`140`	`+bytes dev::decryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _cipher)`
`143`	`141`	`{`
`144`		`- o_plaintext.resize(_cipher.size());`
`145`		`-`
`146`	`142`	`const size_t c_aesKeyLen = 16;`
`147`	`143`	`SecByteBlock key(_k.data(), c_aesKeyLen);`
`148`	`144`	`try`
`149`	`145`	`{`
`150`	`146`	`CTR_Mode<AES>::Decryption d;`
`151`	`147`	`d.SetKeyWithIV(key, key.size(), _iv.data());`
`152`		`- d.ProcessData(o_plaintext.data(), _cipher.data(), _cipher.size());`
`153`		`- return true;`
	`148`	`+ bytes ret(_cipher.size());`
	`149`	`+ d.ProcessData(ret.data(), _cipher.data(), _cipher.size());`
	`150`	`+ return ret;`
`154`	`151`	`}`
`155`	`152`	`catch (CryptoPP::Exception& _e)`
`156`	`153`	`{`
`157`	`154`	`cerr << _e.what() << endl;`
`158`		`- o_plaintext.resize(0);`
`159`		`- return false;`
	`155`	`+ return bytes();`
`160`	`156`	`}`
`161`	`157`	`}`
`162`	`158`