Ida/pbkdf2 #2

Closed
idaapayo wants to merge 8 commits from idaapayo/funga-eth:Ida/pbkdf2 into master
3 changed files with 26 additions and 17 deletions
Showing only changes of commit b20853312d - Show all commits

View File

@ -28,7 +28,7 @@ hash_keywords = [
'pbkdf2' 'pbkdf2'
] ]
default_kdfparams = { default_scrypt_kdfparams = {
'dklen': 32, 'dklen': 32,
'n': 1 << 18, 'n': 1 << 18,
'p': 1, 'p': 1,
@ -53,7 +53,7 @@ def to_mac(mac_key, ciphertext_bytes):
class Hashes: class Hashes:
@staticmethod @staticmethod
def from_scrypt(kdfparams=default_kdfparams, passphrase=''): def from_scrypt(kdfparams=default_scrypt_kdfparams, passphrase=''):
dklen = int(kdfparams['dklen']) dklen = int(kdfparams['dklen'])
n = int(kdfparams['n']) n = int(kdfparams['n'])
p = int(kdfparams['p']) p = int(kdfparams['p'])
@ -65,20 +65,16 @@ class Hashes:
@staticmethod @staticmethod
def from_pbkdf2(kdfparams=pbkdf2_kdfparams, passphrase=''): def from_pbkdf2(kdfparams=pbkdf2_kdfparams, passphrase=''):
hashname = kdfparams['prf'] if kdfparams['prf'] == 'hmac-sha256':
pwd = passphrase.encode('utf-8') kdfparams['prf'].replace('sha256')
salt = bytes.fromhex(kdfparams['salt'])
itr = int(kdfparams['c'])
dklen = int(kdfparams['dklen'])
derived_key = hashlib.pbkdf2_hmac( derived_key = hashlib.pbkdf2_hmac(
hash_name=hashname, hash_name=kdfparams['prf'],
password=pwd, password=passphrase.encode('utf-8'),
salt=salt, salt=bytes.fromhex(kdfparams['salt']),
iterations=itr, iterations=int(kdfparams['c']),
dklen=dklen dklen=int(kdfparams['dklen'])
) )
return derived_key return derived_key
@ -106,7 +102,7 @@ def to_dict(private_key_bytes, kdf :str, passphrase=''):
if kdf == 'scrypt': if kdf == 'scrypt':
encryption_key = Hashes.from_scrypt(passphrase=passphrase) encryption_key = Hashes.from_scrypt(passphrase=passphrase)
Review

This is a potentially breaking change if this method is being used elsewhere. I suggest we default to scrypt for now.

This is a potentially breaking change if this method is being used elsewhere. I suggest we default to `scrypt` for now.
kdfparams = default_kdfparams kdfparams = default_scrypt_kdfparams
elif kdf == 'pbkdf2': elif kdf == 'pbkdf2':
encryption_key = Hashes.from_pbkdf2(passphrase=passphrase) encryption_key = Hashes.from_pbkdf2(passphrase=passphrase)

View File

@ -16,10 +16,15 @@ from funga.eth.keystore.keyfile import (
from_file, from_file,
to_dict, to_dict,
) )
# from testkeyfile import ( # from pathlib import Path
# import sys
# path_root = Path(__file__).parents[1]
# sys.path.append(str(path_root))
# from keystore.testkeyfile import (
# from_file, # from_file,
# to_dict # to_dict
# ) # )
from funga.eth.encoding import ( from funga.eth.encoding import (
private_key_to_address, private_key_to_address,
private_key_from_bytes, private_key_from_bytes,
@ -81,7 +86,7 @@ def main():
else: else:
pk_bytes = os.urandom(32) pk_bytes = os.urandom(32)
pk = coincurve.PrivateKey(secret=pk_bytes) pk = coincurve.PrivateKey(secret=pk_bytes)
o = to_dict(pk_bytes, 'pbkdf2', passphrase) o = to_dict(pk_bytes, 'scrypt', passphrase)
r = json.dumps(o) r = json.dumps(o)
print(r) print(r)

View File

@ -5,10 +5,18 @@ import os
# external imports # external imports
from hexathon import strip_0x, add_0x from hexathon import strip_0x, add_0x
from pathlib import Path
import sys
path_root = Path('/home/vincent/ida/grassroots/funga-eth/funga/eth/keystore')
sys.path.append(str(path_root))
print(sys.path)
# local imports # local imports
from funga.eth.signer import EIP155Signer from funga.eth.signer import EIP155Signer
from funga.eth.keystore.dict import DictKeystore from funga.eth.keystore.dict import DictKeystore
# import dicttest as d
from funga.eth.cli.handle import SignRequestHandler from funga.eth.cli.handle import SignRequestHandler
from funga.eth.transaction import EIP155Transaction from funga.eth.transaction import EIP155Transaction
@ -73,7 +81,7 @@ class TestCli(unittest.TestCase):
'f86c2a8504a817c8008252089435353535353535353535353535353535353535358203e884deadbeef82466aa0b7c1bbf52f736ada30fe253c7484176f44d6fd097a9720dc85ae5bbc7f060e54a07afee2563b0cf6d00333df51cc62b0d13c63108b2bce54ce2ad24e26ce7b4f25') 'f86c2a8504a817c8008252089435353535353535353535353535353535353535358203e884deadbeef82466aa0b7c1bbf52f736ada30fe253c7484176f44d6fd097a9720dc85ae5bbc7f060e54a07afee2563b0cf6d00333df51cc62b0d13c63108b2bce54ce2ad24e26ce7b4f25')
def pbkdf2_test(self): def test_pbkdf2(self):
keystore_filepath = os.path.join(data_dir, 'foo2.json') keystore_filepath = os.path.join(data_dir, 'foo2.json')
address_hex = self.keystore.import_keystore_file(keystore_filepath) address_hex = self.keystore.import_keystore_file(keystore_filepath)
logg.debug('getting {}'.format(address_hex)) logg.debug('getting {}'.format(address_hex))