Compare commits

..

3 Commits

Author SHA1 Message Date
3a94f7e5a2 Merge pull request 'Ida/pbkdf2' (#1) from Ida/pbkdf2 into master
Reviewed-on: idaapayo/funga-eth#1
2022-01-19 13:52:48 +00:00
1f5d057a9a second pbkdf2 implementation 2022-01-19 14:37:22 +03:00
01598a8c59 pkdf2 implementation 2022-01-19 13:49:29 +03:00
11 changed files with 52 additions and 201 deletions

View File

@ -1,16 +0,0 @@
* 0.6.2
- Enable signing of binary message
* 0.6.1
- Avoid padding of addresses missing one nibble
* 0.6.0
- Upgrade confini
* 0.5.4
- Add message signer cli
- Add pbkdf2 support
- Add -0 flag for omitting newline on output
- Revert RLP to 2.0.1, to not break eth-tester in dependents
* 0.5.3
- Upgrade RLP to 3.0.0 (eliminates really annoying cytoolz warning on stdout)
---
changelog before 0.5.3 will be written later, sorry

View File

@ -41,7 +41,7 @@ def private_key_to_address(pk, result_format='hex'):
def is_address(address_hex): def is_address(address_hex):
try: try:
address_hex = strip_0x(address_hex, pad=False) address_hex = strip_0x(address_hex)
except ValueError: except ValueError:
return False return False
return len(address_hex) == 40 return len(address_hex) == 40
@ -57,10 +57,10 @@ def is_checksum_address(address_hex):
def to_checksum_address(address_hex): def to_checksum_address(address_hex):
address_hex = strip_0x(address_hex, pad=False) address_hex = strip_0x(address_hex)
address_hex = uniform(address_hex)
if len(address_hex) != 40: if len(address_hex) != 40:
raise ValueError('Invalid address length') raise ValueError('Invalid address length')
address_hex = uniform(address_hex)
h = sha3.keccak_256() h = sha3.keccak_256()
h.update(address_hex.encode('utf-8')) h.update(address_hex.encode('utf-8'))
z = h.digest() z = h.digest()

View File

@ -28,7 +28,7 @@ hash_keywords = [
'pbkdf2' 'pbkdf2'
] ]
default_scrypt_kdfparams = { default_kdfparams = {
'dklen': 32, 'dklen': 32,
'n': 1 << 18, 'n': 1 << 18,
'p': 1, 'p': 1,
@ -36,7 +36,7 @@ default_scrypt_kdfparams = {
'salt': os.urandom(32).hex(), 'salt': os.urandom(32).hex(),
} }
default_pbkdf2_kdfparams = { pbkdf2_kdfparams = {
'c': 100000, 'c': 100000,
'dklen': 32, 'dklen': 32,
'prf': 'sha256', 'prf': 'sha256',
@ -53,7 +53,7 @@ def to_mac(mac_key, ciphertext_bytes):
class Hashes: class Hashes:
@staticmethod @staticmethod
def from_scrypt(kdfparams=default_scrypt_kdfparams, passphrase=''): def from_scrypt(kdfparams=default_kdfparams, passphrase=''):
dklen = int(kdfparams['dklen']) dklen = int(kdfparams['dklen'])
n = int(kdfparams['n']) n = int(kdfparams['n'])
p = int(kdfparams['p']) p = int(kdfparams['p'])
@ -64,17 +64,21 @@ class Hashes:
dklen=dklen) dklen=dklen)
@staticmethod @staticmethod
def from_pbkdf2(kdfparams=default_pbkdf2_kdfparams, passphrase=''): def from_pbkdf2(kdfparams=pbkdf2_kdfparams, passphrase=''):
if kdfparams['prf'] == 'hmac-sha256': hashname = kdfparams['prf']
kdfparams['prf'].replace('hmac-sha256','sha256') pwd = passphrase.encode('utf-8')
salt = bytes.fromhex(kdfparams['salt'])
itr = int(kdfparams['c'])
dklen = int(kdfparams['dklen'])
derived_key = hashlib.pbkdf2_hmac( derived_key = hashlib.pbkdf2_hmac(
hash_name='sha256', hash_name=hashname,
password=passphrase.encode('utf-8'), password=pwd,
salt=bytes.fromhex(kdfparams['salt']), salt=salt,
iterations=int(kdfparams['c']), iterations=itr,
dklen=int(kdfparams['dklen']) dklen=dklen
) )
return derived_key return derived_key
@ -97,12 +101,12 @@ class Ciphers:
return ciphertext return ciphertext
def to_dict(private_key_bytes, kdf='scrypt', passphrase=''): def to_dict(private_key_bytes, kdf :str, passphrase=''):
private_key = coincurve.PrivateKey(secret=private_key_bytes) private_key = coincurve.PrivateKey(secret=private_key_bytes)
if kdf == 'scrypt': if kdf == 'scrypt':
encryption_key = Hashes.from_scrypt(passphrase=passphrase) encryption_key = Hashes.from_scrypt(passphrase=passphrase)
kdfparams = default_scrypt_kdfparams kdfparams = default_kdfparams
elif kdf == 'pbkdf2': elif kdf == 'pbkdf2':
encryption_key = Hashes.from_pbkdf2(passphrase=passphrase) encryption_key = Hashes.from_pbkdf2(passphrase=passphrase)

View File

@ -16,8 +16,10 @@ from funga.eth.keystore.keyfile import (
from_file, from_file,
to_dict, to_dict,
) )
# from testkeyfile import (
# from_file,
# to_dict
# )
from funga.eth.encoding import ( from funga.eth.encoding import (
private_key_to_address, private_key_to_address,
private_key_from_bytes, private_key_from_bytes,
@ -30,7 +32,6 @@ logg = logging.getLogger()
argparser = argparse.ArgumentParser() argparser = argparse.ArgumentParser()
argparser.add_argument('-d', '--decrypt', dest='d', type=str, help='decrypt file') argparser.add_argument('-d', '--decrypt', dest='d', type=str, help='decrypt file')
argparser.add_argument('--private-key', dest='private_key', action='store_true', help='output private key instead of address') argparser.add_argument('--private-key', dest='private_key', action='store_true', help='output private key instead of address')
argparser.add_argument('-0', dest='nonl', action='store_true', help='no newline at end of output')
argparser.add_argument('-z', action='store_true', help='zero-length password') argparser.add_argument('-z', action='store_true', help='zero-length password')
argparser.add_argument('-k', type=str, help='load key from file') argparser.add_argument('-k', type=str, help='load key from file')
argparser.add_argument('-v', action='store_true', help='be verbose') argparser.add_argument('-v', action='store_true', help='be verbose')
@ -80,12 +81,10 @@ def main():
else: else:
pk_bytes = os.urandom(32) pk_bytes = os.urandom(32)
pk = coincurve.PrivateKey(secret=pk_bytes) pk = coincurve.PrivateKey(secret=pk_bytes)
o = to_dict(pk_bytes, passphrase=passphrase) o = to_dict(pk_bytes, 'pbkdf2', passphrase)
r = json.dumps(o) r = json.dumps(o)
if not args.nonl: print(r)
r += "\n"
sys.stdout.write(r)
if __name__ == '__main__': if __name__ == '__main__':

View File

@ -1,62 +0,0 @@
# standard imports
import os
import logging
import sys
import json
import argparse
import getpass
# external impors
import coincurve
from hexathon import strip_0x
# local imports
from funga.error import DecryptError
from funga.eth.keystore.dict import DictKeystore
from funga.eth.signer import EIP155Signer
logging.basicConfig(level=logging.WARNING)
logg = logging.getLogger()
argparser = argparse.ArgumentParser()
argparser.add_argument('-f', type=str, help='Keyfile to use for signing')
argparser.add_argument('-z', action='store_true', help='zero-length password')
argparser.add_argument('-v', action='store_true', help='be verbose')
argparser.add_argument('-0', dest='nonl', action='store_true', help='no newline at end of output')
argparser.add_argument('-b', '--binary', dest='binary', action='store_true', help='parse input as binary hex')
argparser.add_argument('msg', type=str, help='Message to sign')
args = argparser.parse_args()
if args.v:
logg.setLevel(logging.DEBUG)
def main():
passphrase = os.environ.get('WALLET_PASSPHRASE', os.environ.get('PASSPHRASE'))
if args.z:
passphrase = ''
if passphrase == None:
passphrase = getpass.getpass('decryption phrase: ')
keystore = DictKeystore()
address = keystore.import_keystore_file(args.f, password=passphrase)
signer = EIP155Signer(keystore)
msg = None
if args.binary:
hx = strip_0x(args.msg, pad=True)
msg = bytes.fromhex(hx)
else:
msg = args.msg.encode('utf-8').hex()
sig = signer.sign_ethereum_message(address, msg, password=passphrase)
r = sig.hex()
if not args.nonl:
r += "\n"
sys.stdout.write(r)
if __name__ == '__main__':
main()

View File

@ -1,10 +1,9 @@
cryptography==3.2.1 cryptography==3.2.1
pysha3==1.0.2 pysha3==1.0.2
rlp==2.0.1 rlp==2.0.1
#rlp==3.0.0
json-rpc==1.13.0 json-rpc==1.13.0
confini~=0.6.0 confini~=0.5.1
coincurve==15.0.0 coincurve==15.0.0
hexathon~=0.1.6 hexathon~=0.1.0
pycryptodome==3.10.1 pycryptodome==3.10.1
funga==0.5.2 funga==0.5.1

View File

@ -33,7 +33,7 @@ f.close()
setup( setup(
name="funga-eth", name="funga-eth",
version="0.6.2", version="0.5.2",
description="Ethereum implementation of the funga keystore and signer", description="Ethereum implementation of the funga keystore and signer",
author="Louis Holbrook", author="Louis Holbrook",
author_email="dev@holbrook.no", author_email="dev@holbrook.no",
@ -55,9 +55,8 @@ setup(
'console_scripts': [ 'console_scripts': [
'funga-ethd=funga.eth.runnable.signer:main', 'funga-ethd=funga.eth.runnable.signer:main',
'eth-keyfile=funga.eth.runnable.keyfile:main', 'eth-keyfile=funga.eth.runnable.keyfile:main',
'eth-sign-msg=funga.eth.runnable.msg:main',
], ],
}, },
url='https://git.grassecon.net/chaintool/funga-eth', url='https://gitlab.com/chaintool/funga-eth',
include_package_data=True, include_package_data=True,
) )

View File

@ -5,18 +5,10 @@ import os
# external imports # external imports
from hexathon import strip_0x from hexathon import strip_0x
from pathlib import Path
import sys
path_root = Path('/home/vincent/ida/grassroots/funga-eth/funga/eth/keystore')
sys.path.append(str(path_root))
print(sys.path)
# local imports # local imports
from funga.eth.signer import EIP155Signer from funga.eth.signer import EIP155Signer
from funga.eth.keystore.dict import DictKeystore from funga.eth.keystore.dict import DictKeystore
from funga.eth.cli.handle import SignRequestHandler from funga.eth.cli.handle import SignRequestHandler
from funga.eth.transaction import EIP155Transaction from funga.eth.transaction import EIP155Transaction
@ -26,30 +18,30 @@ logg = logging.getLogger()
script_dir = os.path.dirname(os.path.realpath(__file__)) script_dir = os.path.dirname(os.path.realpath(__file__))
data_dir = os.path.join(script_dir, 'testdata') data_dir = os.path.join(script_dir, 'testdata')
class TestCli(unittest.TestCase): class TestCli(unittest.TestCase):
def setUp(self): def setUp(self):
# pk = bytes.fromhex('5087503f0a9cc35b38665955eb830c63f778453dd11b8fa5bd04bc41fd2cc6d6') #pk = bytes.fromhex('5087503f0a9cc35b38665955eb830c63f778453dd11b8fa5bd04bc41fd2cc6d6')
# pk_getter = pkGetter(pk) #pk_getter = pkGetter(pk)
self.keystore = DictKeystore() self.keystore = DictKeystore()
SignRequestHandler.keystore = self.keystore SignRequestHandler.keystore = self.keystore
self.signer = EIP155Signer(self.keystore) self.signer = EIP155Signer(self.keystore)
SignRequestHandler.signer = self.signer SignRequestHandler.signer = self.signer
self.handler = SignRequestHandler() self.handler = SignRequestHandler()
def test_new_account(self): def test_new_account(self):
q = { q = {
'id': 0, 'id': 0,
'method': 'personal_newAccount', 'method': 'personal_newAccount',
'params': [''], 'params': [''],
} }
(rpc_id, result) = self.handler.process_input(q) (rpc_id, result) = self.handler.process_input(q)
self.assertTrue(self.keystore.get(result)) self.assertTrue(self.keystore.get(result))
def test_sign_tx(self): def test_sign_tx(self):
keystore_file = os.path.join(data_dir, keystore_file = os.path.join(data_dir, 'UTC--2021-01-08T18-37-01.187235289Z--00a329c0648769a73afac7f9381e08fb43dbea72')
'UTC--2021-01-08T18-37-01.187235289Z--00a329c0648769a73afac7f9381e08fb43dbea72')
sender = self.keystore.import_keystore_file(keystore_file) sender = self.keystore.import_keystore_file(keystore_file)
tx_hexs = { tx_hexs = {
'nonce': '0x', 'nonce': '0x',
@ -70,31 +62,26 @@ class TestCli(unittest.TestCase):
# eth_signTransaction wraps personal_signTransaction, so here we test both already # eth_signTransaction wraps personal_signTransaction, so here we test both already
q = { q = {
'id': 0, 'id': 0,
'method': 'eth_signTransaction', 'method': 'eth_signTransaction',
'params': [tx_s], 'params': [tx_s],
} }
(rpc_id, result) = self.handler.process_input(q) (rpc_id, result) = self.handler.process_input(q)
logg.debug('result {}'.format(result)) logg.debug('result {}'.format(result))
self.assertEqual(strip_0x(result), self.assertEqual(strip_0x(result), 'f86c2a8504a817c8008252089435353535353535353535353535353535353535358203e884deadbeef82466aa0b7c1bbf52f736ada30fe253c7484176f44d6fd097a9720dc85ae5bbc7f060e54a07afee2563b0cf6d00333df51cc62b0d13c63108b2bce54ce2ad24e26ce7b4f25')
'f86c2a8504a817c8008252089435353535353535353535353535353535353535358203e884deadbeef82466aa0b7c1bbf52f736ada30fe253c7484176f44d6fd097a9720dc85ae5bbc7f060e54a07afee2563b0cf6d00333df51cc62b0d13c63108b2bce54ce2ad24e26ce7b4f25')
def test_sign_msg(self): def test_sign_msg(self):
keystore_file = os.path.join(data_dir, keystore_file = os.path.join(data_dir, 'UTC--2021-01-08T18-37-01.187235289Z--00a329c0648769a73afac7f9381e08fb43dbea72')
'UTC--2021-01-08T18-37-01.187235289Z--00a329c0648769a73afac7f9381e08fb43dbea72')
sender = self.keystore.import_keystore_file(keystore_file) sender = self.keystore.import_keystore_file(keystore_file)
q = { q = {
'id': 0, 'id': 0,
'method': 'eth_sign', 'method': 'eth_sign',
'params': [sender, '0xdeadbeef'], 'params': [sender, '0xdeadbeef'],
} }
(rpc_id, result) = self.handler.process_input(q) (rpc_id, result) = self.handler.process_input(q)
logg.debug('result msg {}'.format(result)) logg.debug('result msg {}'.format(result))
self.assertEqual(strip_0x(result), self.assertEqual(strip_0x(result), '50320dda75190a121b7b5979de66edadafd02bdfbe4f6d49552e79c01410d2464aae35e385c0e5b61663ff7b44ef65fa0ac7ad8a57472cf405db399b9dba3e1600')
'50320dda75190a121b7b5979de66edadafd02bdfbe4f6d49552e79c01410d2464aae35e385c0e5b61663ff7b44ef65fa0ac7ad8a57472cf405db399b9dba3e1600')
if __name__ == '__main__': if __name__ == '__main__':

View File

@ -1,59 +0,0 @@
#!/usr/bin/python
# standard imports
import unittest
import logging
import base64
import os
# external imports
from hexathon import (
strip_0x,
add_0x,
)
# local imports
from funga.error import UnknownAccountError
from funga.eth.keystore.dict import DictKeystore
from funga.eth.signer import EIP155Signer
logging.basicConfig(level=logging.DEBUG)
logg = logging.getLogger()
script_dir = os.path.realpath(os.path.dirname(__file__))
class TestDict(unittest.TestCase):
address_hex = None
db = None
def setUp(self):
self.db = DictKeystore()
keystore_filepath = os.path.join(script_dir, 'testdata',
'UTC--2022-01-24T10-34-04Z--cc47ad90-71a0-7fbe-0224-63326e27263a')
address_hex = self.db.import_keystore_file(keystore_filepath, 'test')
self.address_hex = add_0x(address_hex)
def tearDown(self):
pass
def test_get_key(self):
logg.debug('getting {}'.format(strip_0x(self.address_hex)))
pk = self.db.get(strip_0x(self.address_hex), '')
self.assertEqual(self.address_hex.lower(), '0xb8df77e1b4fa142e83bf9706f66fd76ad2a564f8')
bogus_account = os.urandom(20).hex()
with self.assertRaises(UnknownAccountError):
self.db.get(bogus_account, '')
def test_sign_message(self):
s = EIP155Signer(self.db)
z = s.sign_ethereum_message(strip_0x(self.address_hex), b'foo')
logg.debug('zzz {}'.format(str(z)))
if __name__ == '__main__':
unittest.main()

View File

@ -1 +0,0 @@
{"id":"cc47ad90-71a0-7fbe-0224-63326e27263a","version":3,"crypto":{"cipher":"aes-128-ctr","cipherparams":{"iv":"7bff67c888a9878a88e8548a4598322d"},"ciphertext":"0cb0e3c69d224d0a645f2784b64f507e5aecdc7bb8a7ea31963d25e6b8020ccf","kdf":"pbkdf2","kdfparams":{"c":10240,"dklen":32,"prf":"hmac-sha256","salt":"02f8b51b07a66a357c2d812952e6bee70fccc2e6a55e7cbd5c22d97d32fa8873"},"mac":"bb45aaabdb9fbbbde89631444ac39f8d76107381f16591799664274fd5d8c5bb"},"address":"b8df77e1b4fa142e83bf9706f66fd76ad2a564f8","name":"","meta":"{}"}

1
tests/testdata/foo2.json vendored Normal file
View File

@ -0,0 +1 @@
{"address": "a1De08A738F0bD3B261dC41d7E2102599bf648CA", "version": 3, "crypto": {"cipher": "aes-128-ctr", "ciphertext": "2240149943557906e6ee9bcb864d6148dce0c0d8245d1da8d466dcb39edcde6a", "cipherparams": {"iv": "a0c366fdfe86f21a4168b4f12059e7fa"}, "kdf": "pbkdf2", "kdfparams": {"c": 100000, "dklen": 32, "prf": "sha256", "salt": "73cb66c8cf0e60e36f7ec835a057638a17ed315cebb3b691574c32cfed827b6f"}, "mac": "6760ad0841da7976a41f134e021be450baa453efdec8fe5ba7790cfa79d0c14b"}, "id": "22e597ea-777e-11ec-be42-a8a7956d3851"}