keys

package
v0.21.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 13, 2018 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Examples

Constants

View Source
const (
	// Secp256k1 uses the Bitcoin secp256k1 ECDSA parameters.
	Secp256k1 = SigningAlgo("secp256k1")
	// Ed25519 represents the Ed25519 signature system.
	// It is currently not supported for end-user keys (wallets/ledgers).
	Ed25519 = SigningAlgo("ed25519")
)

Variables

View Source
var (
	// ErrUnsupportedSigningAlgo is raised when the caller tries to use a different signing scheme than secp256k1.
	ErrUnsupportedSigningAlgo = errors.New("unsupported signing algo: only secp256k1 is supported")
	// ErrUnsupportedLanguage is raised when the caller tries to use a different language than english for creating
	// a mnemonic sentence.
	ErrUnsupportedLanguage = errors.New("unsupported language: only english is supported")
)
View Source
var BcryptSecurityParameter = 12

Make bcrypt security parameter var, so it can be changed within the lcd test Making the bcrypt security parameter a var shouldn't be a security issue: One can't verify an invalid key by maliciously changing the bcrypt parameter during a runtime vulnerability. The main security threat this then exposes would be something that changes this during runtime before the user creates their key. This vulnerability must succeed to update this to that same value before every subsequent call to gaiacli keys in future startups / or the attacker must get access to the filesystem. However, with a similar threat model (changing variables in runtime), one can cause the user to sign a different tx than what they see, which is a significantly cheaper attack then breaking a bcrypt hash. (Recall that the nonce still exists to break rainbow tables) TODO: Consider increasing default

Functions

This section is empty.

Types

type Info

type Info interface {
	// Human-readable type for key listing
	GetType() string
	// Name of the key
	GetName() string
	// Public key
	GetPubKey() crypto.PubKey
}

Info is the publicly exposed information about a keypair

type Keybase

type Keybase interface {

	// CRUD on the keystore
	List() ([]Info, error)
	Get(name string) (Info, error)
	Delete(name, passphrase string) error

	// Sign some bytes, looking up the private key to use
	Sign(name, passphrase string, msg []byte) (crypto.Signature, crypto.PubKey, error)

	// CreateMnemonic creates a new mnemonic, and derives a hierarchical deterministic
	// key from that.
	CreateMnemonic(name string, language Language, passwd string, algo SigningAlgo) (info Info, seed string, err error)
	// CreateKey takes a mnemonic and derives, a password. This method is temporary
	CreateKey(name, mnemonic, passwd string) (info Info, err error)
	// CreateFundraiserKey takes a mnemonic and derives, a password
	CreateFundraiserKey(name, mnemonic, passwd string) (info Info, err error)
	// Derive derives a key from the passed mnemonic using a BIP44 path.
	Derive(name, mnemonic, passwd string, params hd.BIP44Params) (Info, error)
	// Create, store, and return a new Ledger key reference
	CreateLedger(name string, path ccrypto.DerivationPath, algo SigningAlgo) (info Info, err error)

	// Create, store, and return a new offline key reference
	CreateOffline(name string, pubkey crypto.PubKey) (info Info, err error)

	// The following operations will *only* work on locally-stored keys
	Update(name, oldpass string, getNewpass func() (string, error)) error
	Import(name string, armor string) (err error)
	ImportPubKey(name string, armor string) (err error)
	Export(name string) (armor string, err error)
	ExportPubKey(name string) (armor string, err error)

	// *only* works on locally-stored keys. Temporary method until we redo the exporting API
	ExportPrivateKeyObject(name string, passphrase string) (crypto.PrivKey, error)
}

Keybase exposes operations on a generic keystore

func New

func New(db dbm.DB) Keybase

New creates a new keybase instance using the passed DB for reading and writing keys.

Example
// Select the encryption and storage for your cryptostore
cstore := New(
	dbm.NewMemDB(),
)

sec := Secp256k1

// Add keys and see they return in alphabetical order
bob, _, err := cstore.CreateMnemonic("Bob", English, "friend", sec)
if err != nil {
	// this should never happen
	fmt.Println(err)
} else {
	// return info here just like in List
	fmt.Println(bob.GetName())
}
cstore.CreateMnemonic("Alice", English, "secret", sec)
cstore.CreateMnemonic("Carl", English, "mitm", sec)
info, _ := cstore.List()
for _, i := range info {
	fmt.Println(i.GetName())
}

// We need to use passphrase to generate a signature
tx := []byte("deadbeef")
sig, pub, err := cstore.Sign("Bob", "friend", tx)
if err != nil {
	fmt.Println("don't accept real passphrase")
}

// and we can validate the signature with publicly available info
binfo, _ := cstore.Get("Bob")
if !binfo.GetPubKey().Equals(bob.GetPubKey()) {
	fmt.Println("Get and Create return different keys")
}

if pub.Equals(binfo.GetPubKey()) {
	fmt.Println("signed by Bob")
}
if !pub.VerifyBytes(tx, sig) {
	fmt.Println("invalid signature")
}
Output:

Bob
Alice
Bob
Carl
signed by Bob

type Language

type Language int

Language is a language to create the BIP 39 mnemonic in. Currently, only english is supported though. Find a list of all supported languages in the BIP 39 spec (word lists).

const (
	// English is the default language to create a mnemonic.
	// It is the only supported language by this package.
	English Language = iota + 1
	// Japanese is currently not supported.
	Japanese
	// Korean is currently not supported.
	Korean
	// Spanish is currently not supported.
	Spanish
	// ChineseSimplified is currently not supported.
	ChineseSimplified
	// ChineseTraditional is currently not supported.
	ChineseTraditional
	// French is currently not supported.
	French
	// Italian is currently not supported.
	Italian
)

type SigningAlgo

type SigningAlgo string

SigningAlgo defines an algorithm to derive key-pairs which can be used for cryptographic signing.

Directories

Path Synopsis
Package hd provides basic functionality Hierarchical Deterministic Wallets.
Package hd provides basic functionality Hierarchical Deterministic Wallets.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL