Deprecate account management (#10213)

* Extract accounts from ethcore.

* Fix ethcore.

* Get rid of AccountProvider in test_helpers

* Fix rest of the code.

* Re-use EngineSigner, fix tests.

* Simplify EngineSigner to always have an Address.

* Fix RPC tests.

* Add deprecation notice to RPCs.

* Feature to disable accounts.

* extract accounts in RPC

* Run with accounts in tests.

* Fix RPC compilation and tests.

* Fix compilation of the binary.

* Fix compilation of the binary.

* Fix compilation with accounts enabled.

* Fix tests.

* Update submodule.

* Remove android.

* Use derive for Default

* Don't build secretstore by default.

* Add link to issue.

* Refresh Cargo.lock.

* Fix miner tests.

* Update rpc/Cargo.toml

Co-Authored-By: tomusdrw <tomusdrw@users.noreply.github.com>

* Fix private tests.

accounts/src/account_data.rs

@@ -0,0 +1,73 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Account Metadata
+
+use std::{
+	collections::HashMap,
+	time::Instant,
+};
+
+use ethkey::{Address, Password};
+use serde_derive::{Serialize, Deserialize};
+use serde_json;
+
+/// Type of unlock.
+#[derive(Clone, PartialEq)]
+pub enum Unlock {
+	/// If account is unlocked temporarily, it should be locked after first usage.
+	OneTime,
+	/// Account unlocked permanently can always sign message.
+	/// Use with caution.
+	Perm,
+	/// Account unlocked with a timeout
+	Timed(Instant),
+}
+
+/// Data associated with account.
+#[derive(Clone)]
+pub struct AccountData {
+	pub unlock: Unlock,
+	pub password: Password,
+}
+
+/// Collected account metadata
+#[derive(Default, Clone, Debug, PartialEq, Serialize, Deserialize)]
+pub struct AccountMeta {
+	/// The name of the account.
+	pub name: String,
+	/// The rest of the metadata of the account.
+	pub meta: String,
+	/// The 128-bit Uuid of the account, if it has one (brain-wallets don't).
+	pub uuid: Option<String>,
+}
+
+impl AccountMeta {
+	/// Read a hash map of Address -> AccountMeta
+	pub fn read<R>(reader: R) -> Result<HashMap<Address, Self>, serde_json::Error> where
+		R: ::std::io::Read,
+	{
+		serde_json::from_reader(reader)
+	}
+
+	/// Write a hash map of Address -> AccountMeta
+	pub fn write<W>(m: &HashMap<Address, Self>, writer: &mut W) -> Result<(), serde_json::Error> where
+		W: ::std::io::Write,
+	{
+		serde_json::to_writer(writer, m)
+	}
+}
+

accounts/src/error.rs

@@ -0,0 +1,56 @@
+// Copyright 2015-2018 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+
+use ethstore::{Error as SSError};
+use hardware_wallet::{Error as HardwareError};
+
+/// Signing error
+#[derive(Debug)]
+pub enum SignError {
+	/// Account is not unlocked
+	NotUnlocked,
+	/// Account does not exist.
+	NotFound,
+	/// Low-level hardware device error.
+	Hardware(HardwareError),
+	/// Low-level error from store
+	SStore(SSError),
+}
+
+impl fmt::Display for SignError {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		match *self {
+			SignError::NotUnlocked => write!(f, "Account is locked"),
+			SignError::NotFound => write!(f, "Account does not exist"),
+			SignError::Hardware(ref e) => write!(f, "{}", e),
+			SignError::SStore(ref e) => write!(f, "{}", e),
+		}
+	}
+}
+
+impl From<HardwareError> for SignError {
+	fn from(e: HardwareError) -> Self {
+		SignError::Hardware(e)
+	}
+}
+
+impl From<SSError> for SignError {
+	fn from(e: SSError) -> Self {
+		SignError::SStore(e)
+	}
+}

accounts/src/lib.rs

@@ -0,0 +1,751 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+#![warn(missing_docs)]
+
+//! Account management.
+
+mod account_data;
+mod error;
+mod stores;
+
+#[cfg(not(any(target_os = "linux", target_os = "macos", target_os = "windows")))]
+extern crate fake_hardware_wallet as hardware_wallet;
+
+use self::account_data::{Unlock, AccountData};
+use self::stores::AddressBook;
+
+use std::collections::HashMap;
+use std::time::{Instant, Duration};
+
+use common_types::transaction::{Action, Transaction};
+use ethkey::{Address, Message, Public, Secret, Password, Random, Generator};
+use ethstore::accounts_dir::MemoryDirectory;
+use ethstore::{
+	SimpleSecretStore, SecretStore, EthStore, EthMultiStore,
+	random_string, SecretVaultRef, StoreAccountRef, OpaqueSecret,
+};
+use log::{warn, debug};
+use parking_lot::RwLock;
+
+pub use ethkey::Signature;
+pub use ethstore::{Derivation, IndexDerivation, KeyFile, Error};
+pub use hardware_wallet::{Error as HardwareError, HardwareWalletManager, KeyPath, TransactionInfo};
+
+pub use self::account_data::AccountMeta;
+pub use self::error::SignError;
+
+type AccountToken = Password;
+
+/// Account management settings.
+#[derive(Debug, Default)]
+pub struct AccountProviderSettings {
+	/// Enable hardware wallet support.
+	pub enable_hardware_wallets: bool,
+	/// Use the classic chain key on the hardware wallet.
+	pub hardware_wallet_classic_key: bool,
+	/// Store raw account secret when unlocking the account permanently.
+	pub unlock_keep_secret: bool,
+	/// Disallowed accounts.
+	pub blacklisted_accounts: Vec<Address>,
+}
+
+/// Account management.
+/// Responsible for unlocking accounts.
+pub struct AccountProvider {
+	/// For performance reasons some methods can re-use unlocked secrets.
+	unlocked_secrets: RwLock<HashMap<StoreAccountRef, OpaqueSecret>>,
+	/// Unlocked account data.
+	unlocked: RwLock<HashMap<StoreAccountRef, AccountData>>,
+	/// Address book.
+	address_book: RwLock<AddressBook>,
+	/// Accounts on disk
+	sstore: Box<SecretStore>,
+	/// Accounts unlocked with rolling tokens
+	transient_sstore: EthMultiStore,
+	/// Accounts in hardware wallets.
+	hardware_store: Option<HardwareWalletManager>,
+	/// When unlocking account permanently we additionally keep a raw secret in memory
+	/// to increase the performance of transaction signing.
+	unlock_keep_secret: bool,
+	/// Disallowed accounts.
+	blacklisted_accounts: Vec<Address>,
+}
+
+fn transient_sstore() -> EthMultiStore {
+	EthMultiStore::open(Box::new(MemoryDirectory::default())).expect("MemoryDirectory load always succeeds; qed")
+}
+
+impl AccountProvider {
+	/// Creates new account provider.
+	pub fn new(sstore: Box<SecretStore>, settings: AccountProviderSettings) -> Self {
+		let mut hardware_store = None;
+
+		if settings.enable_hardware_wallets {
+			match HardwareWalletManager::new() {
+				Ok(manager) => {
+					manager.set_key_path(if settings.hardware_wallet_classic_key { KeyPath::EthereumClassic } else { KeyPath::Ethereum });
+					hardware_store = Some(manager)
+				},
+				Err(e) => debug!("Error initializing hardware wallets: {}", e),
+			}
+		}
+
+		if let Ok(accounts) = sstore.accounts() {
+			for account in accounts.into_iter().filter(|a| settings.blacklisted_accounts.contains(&a.address)) {
+				warn!("Local Account {} has a blacklisted (known to be weak) address and will be ignored",
+					account.address);
+			}
+		}
+
+		// Remove blacklisted accounts from address book.
+		let mut address_book = AddressBook::new(&sstore.local_path());
+		for addr in &settings.blacklisted_accounts {
+			address_book.remove(*addr);
+		}
+
+		AccountProvider {
+			unlocked_secrets: RwLock::new(HashMap::new()),
+			unlocked: RwLock::new(HashMap::new()),
+			address_book: RwLock::new(address_book),
+			sstore: sstore,
+			transient_sstore: transient_sstore(),
+			hardware_store: hardware_store,
+			unlock_keep_secret: settings.unlock_keep_secret,
+			blacklisted_accounts: settings.blacklisted_accounts,
+		}
+	}
+
+	/// Creates not disk backed provider.
+	pub fn transient_provider() -> Self {
+		AccountProvider {
+			unlocked_secrets: RwLock::new(HashMap::new()),
+			unlocked: RwLock::new(HashMap::new()),
+			address_book: RwLock::new(AddressBook::transient()),
+			sstore: Box::new(EthStore::open(Box::new(MemoryDirectory::default())).expect("MemoryDirectory load always succeeds; qed")),
+			transient_sstore: transient_sstore(),
+			hardware_store: None,
+			unlock_keep_secret: false,
+			blacklisted_accounts: vec![],
+		}
+	}
+
+	/// Creates new random account.
+	pub fn new_account(&self, password: &Password) -> Result<Address, Error> {
+		self.new_account_and_public(password).map(|d| d.0)
+	}
+
+	/// Creates new random account and returns address and public key
+	pub fn new_account_and_public(&self, password: &Password) -> Result<(Address, Public), Error> {
+		let acc = Random.generate().expect("secp context has generation capabilities; qed");
+		let public = acc.public().clone();
+		let secret = acc.secret().clone();
+		let account = self.sstore.insert_account(SecretVaultRef::Root, secret, password)?;
+		Ok((account.address, public))
+	}
+
+	/// Inserts new account into underlying store.
+	/// Does not unlock account!
+	pub fn insert_account(&self, secret: Secret, password: &Password) -> Result<Address, Error> {
+		let account = self.sstore.insert_account(SecretVaultRef::Root, secret, password)?;
+		if self.blacklisted_accounts.contains(&account.address) {
+			self.sstore.remove_account(&account, password)?;
+			return Err(Error::InvalidAccount.into());
+		}
+		Ok(account.address)
+	}
+
+	/// Generates new derived account based on the existing one
+	/// If password is not provided, account must be unlocked
+	/// New account will be created with the same password (if save: true)
+	pub fn derive_account(&self, address: &Address, password: Option<Password>, derivation: Derivation, save: bool)
+		-> Result<Address, SignError>
+	{
+		let account = self.sstore.account_ref(&address)?;
+		let password = password.map(Ok).unwrap_or_else(|| self.password(&account))?;
+		Ok(
+			if save { self.sstore.insert_derived(SecretVaultRef::Root, &account, &password, derivation)?.address }
+			else { self.sstore.generate_derived(&account, &password, derivation)? }
+		)
+	}
+
+	/// Import a new presale wallet.
+	pub fn import_presale(&self, presale_json: &[u8], password: &Password) -> Result<Address, Error> {
+		let account = self.sstore.import_presale(SecretVaultRef::Root, presale_json, password)?;
+		Ok(Address::from(account.address).into())
+	}
+
+	/// Import a new wallet.
+	pub fn import_wallet(&self, json: &[u8], password: &Password, gen_id: bool) -> Result<Address, Error> {
+		let account = self.sstore.import_wallet(SecretVaultRef::Root, json, password, gen_id)?;
+		if self.blacklisted_accounts.contains(&account.address) {
+			self.sstore.remove_account(&account, password)?;
+			return Err(Error::InvalidAccount.into());
+		}
+		Ok(Address::from(account.address).into())
+	}
+
+	/// Checks whether an account with a given address is present.
+	pub fn has_account(&self, address: Address) -> bool {
+		self.sstore.account_ref(&address).is_ok() && !self.blacklisted_accounts.contains(&address)
+	}
+
+	/// Returns addresses of all accounts.
+	pub fn accounts(&self) -> Result<Vec<Address>, Error> {
+		let accounts = self.sstore.accounts()?;
+		Ok(accounts
+			.into_iter()
+			.map(|a| a.address)
+			.filter(|address| !self.blacklisted_accounts.contains(address))
+			.collect()
+		)
+	}
+
+	/// Returns the address of default account.
+	pub fn default_account(&self) -> Result<Address, Error> {
+		Ok(self.accounts()?.first().cloned().unwrap_or_default())
+	}
+
+	/// Returns addresses of hardware accounts.
+	pub fn hardware_accounts(&self) -> Result<Vec<Address>, Error> {
+		if let Some(accounts) = self.hardware_store.as_ref().map(|h| h.list_wallets()) {
+			if !accounts.is_empty() {
+				return Ok(accounts.into_iter().map(|a| a.address).collect());
+			}
+		}
+		Err(Error::Custom("No hardware wallet accounts were found".into()))
+	}
+
+	/// Get a list of paths to locked hardware wallets
+	pub fn locked_hardware_accounts(&self) -> Result<Vec<String>, SignError> {
+		match self.hardware_store.as_ref().map(|h| h.list_locked_wallets()) {
+			None => Err(SignError::NotFound),
+			Some(Err(e)) => Err(SignError::Hardware(e)),
+			Some(Ok(s)) => Ok(s),
+		}
+	}
+
+	/// Provide a pin to a locked hardware wallet on USB path to unlock it
+	pub fn hardware_pin_matrix_ack(&self, path: &str, pin: &str) -> Result<bool, SignError> {
+		match self.hardware_store.as_ref().map(|h| h.pin_matrix_ack(path, pin)) {
+			None => Err(SignError::NotFound),
+			Some(Err(e)) => Err(SignError::Hardware(e)),
+			Some(Ok(s)) => Ok(s),
+		}
+	}
+
+	/// Returns each address along with metadata.
+	pub fn addresses_info(&self) -> HashMap<Address, AccountMeta> {
+		self.address_book.read().get()
+	}
+
+	/// Returns each address along with metadata.
+	pub fn set_address_name(&self, account: Address, name: String) {
+		self.address_book.write().set_name(account, name)
+	}
+
+	/// Returns each address along with metadata.
+	pub fn set_address_meta(&self, account: Address, meta: String) {
+		self.address_book.write().set_meta(account, meta)
+	}
+
+	/// Removes and address from the address book
+	pub fn remove_address(&self, addr: Address) {
+		self.address_book.write().remove(addr)
+	}
+
+	/// Returns each account along with name and meta.
+	pub fn accounts_info(&self) -> Result<HashMap<Address, AccountMeta>, Error> {
+		let r = self.sstore.accounts()?
+			.into_iter()
+			.filter(|a| !self.blacklisted_accounts.contains(&a.address))
+			.map(|a| (a.address.clone(), self.account_meta(a.address).ok().unwrap_or_default()))
+			.collect();
+		Ok(r)
+	}
+
+	/// Returns each hardware account along with name and meta.
+	pub fn hardware_accounts_info(&self) -> Result<HashMap<Address, AccountMeta>, Error> {
+		let r = self.hardware_accounts()?
+			.into_iter()
+			.map(|address| (address.clone(), self.account_meta(address).ok().unwrap_or_default()))
+			.collect();
+		Ok(r)
+	}
+
+	/// Returns each hardware account along with name and meta.
+	pub fn is_hardware_address(&self, address: &Address) -> bool {
+		self.hardware_store.as_ref().and_then(|s| s.wallet_info(address)).is_some()
+	}
+
+	/// Returns each account along with name and meta.
+	pub fn account_meta(&self, address: Address) -> Result<AccountMeta, Error> {
+		if let Some(info) = self.hardware_store.as_ref().and_then(|s| s.wallet_info(&address)) {
+			Ok(AccountMeta {
+				name: info.name,
+				meta: info.manufacturer,
+				uuid: None,
+			})
+		} else {
+			let account = self.sstore.account_ref(&address)?;
+			Ok(AccountMeta {
+				name: self.sstore.name(&account)?,
+				meta: self.sstore.meta(&account)?,
+				uuid: self.sstore.uuid(&account).ok().map(Into::into),	// allowed to not have a Uuid
+			})
+		}
+	}
+
+	/// Returns account public key.
+	pub fn account_public(&self, address: Address, password: &Password) -> Result<Public, Error> {
+		self.sstore.public(&self.sstore.account_ref(&address)?, password)
+	}
+
+	/// Returns each account along with name and meta.
+	pub fn set_account_name(&self, address: Address, name: String) -> Result<(), Error> {
+		self.sstore.set_name(&self.sstore.account_ref(&address)?, name)?;
+		Ok(())
+	}
+
+	/// Returns each account along with name and meta.
+	pub fn set_account_meta(&self, address: Address, meta: String) -> Result<(), Error> {
+		self.sstore.set_meta(&self.sstore.account_ref(&address)?, meta)?;
+		Ok(())
+	}
+
+	/// Returns `true` if the password for `account` is `password`. `false` if not.
+	pub fn test_password(&self, address: &Address, password: &Password) -> Result<bool, Error> {
+		self.sstore.test_password(&self.sstore.account_ref(&address)?, password)
+			.map_err(Into::into)
+	}
+
+	/// Permanently removes an account.
+	pub fn kill_account(&self, address: &Address, password: &Password) -> Result<(), Error> {
+		self.sstore.remove_account(&self.sstore.account_ref(&address)?, &password)?;
+		Ok(())
+	}
+
+	/// Changes the password of `account` from `password` to `new_password`. Fails if incorrect `password` given.
+	pub fn change_password(&self, address: &Address, password: Password, new_password: Password) -> Result<(), Error> {
+		self.sstore.change_password(&self.sstore.account_ref(address)?, &password, &new_password)
+	}
+
+	/// Exports an account for given address.
+	pub fn export_account(&self, address: &Address, password: Password) -> Result<KeyFile, Error> {
+		self.sstore.export_account(&self.sstore.account_ref(address)?, &password)
+	}
+
+	/// Helper method used for unlocking accounts.
+	fn unlock_account(&self, address: Address, password: Password, unlock: Unlock) -> Result<(), Error> {
+		let account = self.sstore.account_ref(&address)?;
+
+		// check if account is already unlocked permanently, if it is, do nothing
+		let mut unlocked = self.unlocked.write();
+		if let Some(data) = unlocked.get(&account) {
+			if let Unlock::Perm = data.unlock {
+				return Ok(())
+			}
+		}
+
+		if self.unlock_keep_secret && unlock == Unlock::Perm {
+			// verify password and get the secret
+			let secret = self.sstore.raw_secret(&account, &password)?;
+			self.unlocked_secrets.write().insert(account.clone(), secret);
+		} else {
+			// verify password by signing dump message
+			// result may be discarded
+			let _ = self.sstore.sign(&account, &password, &Default::default())?;
+		}
+
+		let data = AccountData {
+			unlock: unlock,
+			password: password,
+		};
+
+		unlocked.insert(account, data);
+		Ok(())
+	}
+
+	fn password(&self, account: &StoreAccountRef) -> Result<Password, SignError> {
+		let mut unlocked = self.unlocked.write();
+		let data = unlocked.get(account).ok_or(SignError::NotUnlocked)?.clone();
+		if let Unlock::OneTime = data.unlock {
+			unlocked.remove(account).expect("data exists: so key must exist: qed");
+		}
+		if let Unlock::Timed(ref end) = data.unlock {
+			if Instant::now() > *end {
+				unlocked.remove(account).expect("data exists: so key must exist: qed");
+				return Err(SignError::NotUnlocked);
+			}
+		}
+		Ok(data.password)
+	}
+
+	/// Unlocks account permanently.
+	pub fn unlock_account_permanently(&self, account: Address, password: Password) -> Result<(), Error> {
+		self.unlock_account(account, password, Unlock::Perm)
+	}
+
+	/// Unlocks account temporarily (for one signing).
+	pub fn unlock_account_temporarily(&self, account: Address, password: Password) -> Result<(), Error> {
+		self.unlock_account(account, password, Unlock::OneTime)
+	}
+
+	/// Unlocks account temporarily with a timeout.
+	pub fn unlock_account_timed(&self, account: Address, password: Password, duration: Duration) -> Result<(), Error> {
+		self.unlock_account(account, password, Unlock::Timed(Instant::now() + duration))
+	}
+
+	/// Checks if given account is unlocked
+	pub fn is_unlocked(&self, address: &Address) -> bool {
+		let unlocked = self.unlocked.read();
+		let unlocked_secrets = self.unlocked_secrets.read();
+		self.sstore.account_ref(address)
+			.map(|r| unlocked.get(&r).is_some() || unlocked_secrets.get(&r).is_some())
+			.unwrap_or(false)
+	}
+
+	/// Checks if given account is unlocked permanently
+	pub fn is_unlocked_permanently(&self, address: &Address) -> bool {
+		let unlocked = self.unlocked.read();
+		self.sstore.account_ref(address)
+			.map(|r| unlocked.get(&r).map_or(false, |account| account.unlock == Unlock::Perm))
+			.unwrap_or(false)
+	}
+
+	/// Signs the message. If password is not provided the account must be unlocked.
+	pub fn sign(&self, address: Address, password: Option<Password>, message: Message) -> Result<Signature, SignError> {
+		let account = self.sstore.account_ref(&address)?;
+		match self.unlocked_secrets.read().get(&account) {
+			Some(secret) => {
+				Ok(self.sstore.sign_with_secret(&secret, &message)?)
+			},
+			None => {
+				let password = password.map(Ok).unwrap_or_else(|| self.password(&account))?;
+				Ok(self.sstore.sign(&account, &password, &message)?)
+			}
+		}
+	}
+
+	/// Signs message using the derived secret. If password is not provided the account must be unlocked.
+	pub fn sign_derived(&self, address: &Address, password: Option<Password>, derivation: Derivation, message: Message)
+		-> Result<Signature, SignError>
+	{
+		let account = self.sstore.account_ref(address)?;
+		let password = password.map(Ok).unwrap_or_else(|| self.password(&account))?;
+		Ok(self.sstore.sign_derived(&account, &password, derivation, &message)?)
+	}
+
+	/// Signs given message with supplied token. Returns a token to use in next signing within this session.
+	pub fn sign_with_token(&self, address: Address, token: AccountToken, message: Message) -> Result<(Signature, AccountToken), SignError> {
+		let account = self.sstore.account_ref(&address)?;
+		let is_std_password = self.sstore.test_password(&account, &token)?;
+
+		let new_token = Password::from(random_string(16));
+		let signature = if is_std_password {
+			// Insert to transient store
+			self.sstore.copy_account(&self.transient_sstore, SecretVaultRef::Root, &account, &token, &new_token)?;
+			// sign
+			self.sstore.sign(&account, &token, &message)?
+		} else {
+			// check transient store
+			self.transient_sstore.change_password(&account, &token, &new_token)?;
+			// and sign
+			self.transient_sstore.sign(&account, &new_token, &message)?
+		};
+
+		Ok((signature, new_token))
+	}
+
+	/// Decrypts a message with given token. Returns a token to use in next operation for this account.
+	pub fn decrypt_with_token(&self, address: Address, token: AccountToken, shared_mac: &[u8], message: &[u8])
+		-> Result<(Vec<u8>, AccountToken), SignError>
+	{
+		let account = self.sstore.account_ref(&address)?;
+		let is_std_password = self.sstore.test_password(&account, &token)?;
+
+		let new_token = Password::from(random_string(16));
+		let message = if is_std_password {
+			// Insert to transient store
+			self.sstore.copy_account(&self.transient_sstore, SecretVaultRef::Root, &account, &token, &new_token)?;
+			// decrypt
+			self.sstore.decrypt(&account, &token, shared_mac, message)?
+		} else {
+			// check transient store
+			self.transient_sstore.change_password(&account, &token, &new_token)?;
+			// and decrypt
+			self.transient_sstore.decrypt(&account, &token, shared_mac, message)?
+		};
+
+		Ok((message, new_token))
+	}
+
+	/// Decrypts a message. If password is not provided the account must be unlocked.
+	pub fn decrypt(&self, address: Address, password: Option<Password>, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, SignError> {
+		let account = self.sstore.account_ref(&address)?;
+		let password = password.map(Ok).unwrap_or_else(|| self.password(&account))?;
+		Ok(self.sstore.decrypt(&account, &password, shared_mac, message)?)
+	}
+
+	/// Agree on shared key.
+	pub fn agree(&self, address: Address, password: Option<Password>, other_public: &Public) -> Result<Secret, SignError> {
+		let account = self.sstore.account_ref(&address)?;
+		let password = password.map(Ok).unwrap_or_else(|| self.password(&account))?;
+		Ok(self.sstore.agree(&account, &password, other_public)?)
+	}
+
+	/// Returns the underlying `SecretStore` reference if one exists.
+	pub fn list_geth_accounts(&self, testnet: bool) -> Vec<Address> {
+		self.sstore.list_geth_accounts(testnet).into_iter().map(|a| Address::from(a).into()).collect()
+	}
+
+	/// Returns the underlying `SecretStore` reference if one exists.
+	pub fn import_geth_accounts(&self, desired: Vec<Address>, testnet: bool) -> Result<Vec<Address>, Error> {
+		self.sstore.import_geth_accounts(SecretVaultRef::Root, desired, testnet)
+			.map(|a| a.into_iter().map(|a| a.address).collect())
+			.map_err(Into::into)
+	}
+
+	/// Create new vault.
+	pub fn create_vault(&self, name: &str, password: &Password) -> Result<(), Error> {
+		self.sstore.create_vault(name, password)
+			.map_err(Into::into)
+	}
+
+	/// Open existing vault.
+	pub fn open_vault(&self, name: &str, password: &Password) -> Result<(), Error> {
+		self.sstore.open_vault(name, password)
+			.map_err(Into::into)
+	}
+
+	/// Close previously opened vault.
+	pub fn close_vault(&self, name: &str) -> Result<(), Error> {
+		self.sstore.close_vault(name)
+			.map_err(Into::into)
+	}
+
+	/// List all vaults
+	pub fn list_vaults(&self) -> Result<Vec<String>, Error> {
+		self.sstore.list_vaults()
+			.map_err(Into::into)
+	}
+
+	/// List all currently opened vaults
+	pub fn list_opened_vaults(&self) -> Result<Vec<String>, Error> {
+		self.sstore.list_opened_vaults()
+			.map_err(Into::into)
+	}
+
+	/// Change vault password.
+	pub fn change_vault_password(&self, name: &str, new_password: &Password) -> Result<(), Error> {
+		self.sstore.change_vault_password(name, new_password)
+			.map_err(Into::into)
+	}
+
+	/// Change vault of the given address.
+	pub fn change_vault(&self, address: Address, new_vault: &str) -> Result<(), Error> {
+		let new_vault_ref = if new_vault.is_empty() { SecretVaultRef::Root } else { SecretVaultRef::Vault(new_vault.to_owned()) };
+		let old_account_ref = self.sstore.account_ref(&address)?;
+		self.sstore.change_account_vault(new_vault_ref, old_account_ref)
+			.map_err(Into::into)
+			.map(|_| ())
+	}
+
+	/// Get vault metadata string.
+	pub fn get_vault_meta(&self, name: &str) -> Result<String, Error> {
+		self.sstore.get_vault_meta(name)
+			.map_err(Into::into)
+	}
+
+	/// Set vault metadata string.
+	pub fn set_vault_meta(&self, name: &str, meta: &str) -> Result<(), Error> {
+		self.sstore.set_vault_meta(name, meta)
+			.map_err(Into::into)
+	}
+
+	/// Sign message with hardware wallet.
+	pub fn sign_message_with_hardware(&self, address: &Address, message: &[u8]) -> Result<Signature, SignError> {
+		match self.hardware_store.as_ref().map(|s| s.sign_message(address, message)) {
+			None | Some(Err(HardwareError::KeyNotFound)) => Err(SignError::NotFound),
+			Some(Err(e)) => Err(From::from(e)),
+			Some(Ok(s)) => Ok(s),
+		}
+	}
+
+	/// Sign transaction with hardware wallet.
+	pub fn sign_transaction_with_hardware(&self, address: &Address, transaction: &Transaction, chain_id: Option<u64>, rlp_encoded_transaction: &[u8]) -> Result<Signature, SignError> {
+		let t_info = TransactionInfo {
+			nonce: transaction.nonce,
+			gas_price: transaction.gas_price,
+			gas_limit: transaction.gas,
+			to: match transaction.action {
+				Action::Create => None,
+				Action::Call(ref to) => Some(to.clone()),
+			},
+			value: transaction.value,
+			data: transaction.data.to_vec(),
+			chain_id: chain_id,
+		};
+		match self.hardware_store.as_ref().map(|s| s.sign_transaction(&address, &t_info, rlp_encoded_transaction)) {
+			None | Some(Err(HardwareError::KeyNotFound)) => Err(SignError::NotFound),
+			Some(Err(e)) => Err(From::from(e)),
+			Some(Ok(s)) => Ok(s),
+		}
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use super::{AccountProvider, Unlock};
+	use std::time::{Duration, Instant};
+	use ethkey::{Generator, Random, Address};
+	use ethstore::{StoreAccountRef, Derivation};
+	use ethereum_types::H256;
+
+	#[test]
+	fn unlock_account_temp() {
+		let kp = Random.generate().unwrap();
+		let ap = AccountProvider::transient_provider();
+		assert!(ap.insert_account(kp.secret().clone(), &"test".into()).is_ok());
+		assert!(ap.unlock_account_temporarily(kp.address(), "test1".into()).is_err());
+		assert!(ap.unlock_account_temporarily(kp.address(), "test".into()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_err());
+	}
+
+	#[test]
+	fn derived_account_nosave() {
+		let kp = Random.generate().unwrap();
+		let ap = AccountProvider::transient_provider();
+		assert!(ap.insert_account(kp.secret().clone(), &"base".into()).is_ok());
+		assert!(ap.unlock_account_permanently(kp.address(), "base".into()).is_ok());
+
+		let derived_addr = ap.derive_account(
+			&kp.address(),
+			None,
+			Derivation::SoftHash(H256::from(999)),
+			false,
+		).expect("Derivation should not fail");
+
+		assert!(ap.unlock_account_permanently(derived_addr, "base".into()).is_err(),
+			"There should be an error because account is not supposed to be saved");
+	}
+
+	#[test]
+	fn derived_account_save() {
+		let kp = Random.generate().unwrap();
+		let ap = AccountProvider::transient_provider();
+		assert!(ap.insert_account(kp.secret().clone(), &"base".into()).is_ok());
+		assert!(ap.unlock_account_permanently(kp.address(), "base".into()).is_ok());
+
+		let derived_addr = ap.derive_account(
+			&kp.address(),
+			None,
+			Derivation::SoftHash(H256::from(999)),
+			true,
+		).expect("Derivation should not fail");
+
+		assert!(ap.unlock_account_permanently(derived_addr, "base_wrong".into()).is_err(),
+			"There should be an error because password is invalid");
+
+		assert!(ap.unlock_account_permanently(derived_addr, "base".into()).is_ok(),
+			"Should be ok because account is saved and password is valid");
+	}
+
+	#[test]
+	fn derived_account_sign() {
+		let kp = Random.generate().unwrap();
+		let ap = AccountProvider::transient_provider();
+		assert!(ap.insert_account(kp.secret().clone(), &"base".into()).is_ok());
+		assert!(ap.unlock_account_permanently(kp.address(), "base".into()).is_ok());
+
+		let derived_addr = ap.derive_account(
+			&kp.address(),
+			None,
+			Derivation::SoftHash(H256::from(1999)),
+			true,
+		).expect("Derivation should not fail");
+		ap.unlock_account_permanently(derived_addr, "base".into())
+			.expect("Should be ok because account is saved and password is valid");
+
+		let msg = Default::default();
+		let signed_msg1 = ap.sign(derived_addr, None, msg)
+			.expect("Signing with existing unlocked account should not fail");
+		let signed_msg2 = ap.sign_derived(
+			&kp.address(),
+			None,
+			Derivation::SoftHash(H256::from(1999)),
+			msg,
+		).expect("Derived signing with existing unlocked account should not fail");
+
+		assert_eq!(signed_msg1, signed_msg2,
+			"Signed messages should match");
+	}
+
+	#[test]
+	fn unlock_account_perm() {
+		let kp = Random.generate().unwrap();
+		let ap = AccountProvider::transient_provider();
+		assert!(ap.insert_account(kp.secret().clone(), &"test".into()).is_ok());
+		assert!(ap.unlock_account_permanently(kp.address(), "test1".into()).is_err());
+		assert!(ap.unlock_account_permanently(kp.address(), "test".into()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
+		assert!(ap.unlock_account_temporarily(kp.address(), "test".into()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
+	}
+
+	#[test]
+	fn unlock_account_timer() {
+		let kp = Random.generate().unwrap();
+		let ap = AccountProvider::transient_provider();
+		assert!(ap.insert_account(kp.secret().clone(), &"test".into()).is_ok());
+		assert!(ap.unlock_account_timed(kp.address(), "test1".into(), Duration::from_secs(60)).is_err());
+		assert!(ap.unlock_account_timed(kp.address(), "test".into(), Duration::from_secs(60)).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
+		ap.unlocked.write().get_mut(&StoreAccountRef::root(kp.address())).unwrap().unlock = Unlock::Timed(Instant::now());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_err());
+	}
+
+	#[test]
+	fn should_sign_and_return_token() {
+		// given
+		let kp = Random.generate().unwrap();
+		let ap = AccountProvider::transient_provider();
+		assert!(ap.insert_account(kp.secret().clone(), &"test".into()).is_ok());
+
+		// when
+		let (_signature, token) = ap.sign_with_token(kp.address(), "test".into(), Default::default()).unwrap();
+
+		// then
+		ap.sign_with_token(kp.address(), token.clone(), Default::default())
+			.expect("First usage of token should be correct.");
+		assert!(ap.sign_with_token(kp.address(), token, Default::default()).is_err(), "Second usage of the same token should fail.");
+	}
+
+	#[test]
+	fn should_not_return_blacklisted_account() {
+		// given
+		let mut ap = AccountProvider::transient_provider();
+		let acc = ap.new_account(&"test".into()).unwrap();
+		ap.blacklisted_accounts = vec![acc];
+
+		// then
+		assert_eq!(ap.accounts_info().unwrap().keys().cloned().collect::<Vec<Address>>(), vec![]);
+		assert_eq!(ap.accounts().unwrap(), vec![]);
+	}
+}

accounts/src/stores.rs

@@ -0,0 +1,189 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Address Book Store
+
+use std::{fs, fmt, hash, ops};
+use std::collections::HashMap;
+use std::path::{Path, PathBuf};
+
+use ethkey::Address;
+use log::{trace, warn};
+
+use crate::AccountMeta;
+
+/// Disk-backed map from Address to String. Uses JSON.
+pub struct AddressBook {
+	cache: DiskMap<Address, AccountMeta>,
+}
+
+impl AddressBook {
+	/// Creates new address book at given directory.
+	pub fn new(path: &Path) -> Self {
+		let mut r = AddressBook {
+			cache: DiskMap::new(path, "address_book.json")
+		};
+		r.cache.revert(AccountMeta::read);
+		r
+	}
+
+	/// Creates transient address book (no changes are saved to disk).
+	pub fn transient() -> Self {
+		AddressBook {
+			cache: DiskMap::transient()
+		}
+	}
+
+	/// Get the address book.
+	pub fn get(&self) -> HashMap<Address, AccountMeta> {
+		self.cache.clone()
+	}
+
+	fn save(&self) {
+		self.cache.save(AccountMeta::write)
+	}
+
+	/// Sets new name for given address.
+	pub fn set_name(&mut self, a: Address, name: String) {
+		{
+			let x = self.cache.entry(a)
+				.or_insert_with(|| AccountMeta {name: Default::default(), meta: "{}".to_owned(), uuid: None});
+			x.name = name;
+		}
+		self.save();
+	}
+
+	/// Sets new meta for given address.
+	pub fn set_meta(&mut self, a: Address, meta: String) {
+		{
+			let x = self.cache.entry(a)
+				.or_insert_with(|| AccountMeta {name: "Anonymous".to_owned(), meta: Default::default(), uuid: None});
+			x.meta = meta;
+		}
+		self.save();
+	}
+
+	/// Removes an entry
+	pub fn remove(&mut self, a: Address) {
+		self.cache.remove(&a);
+		self.save();
+	}
+}
+
+/// Disk-serializable HashMap
+#[derive(Debug)]
+struct DiskMap<K: hash::Hash + Eq, V> {
+	path: PathBuf,
+	cache: HashMap<K, V>,
+	transient: bool,
+}
+
+impl<K: hash::Hash + Eq, V> ops::Deref for DiskMap<K, V> {
+	type Target = HashMap<K, V>;
+	fn deref(&self) -> &Self::Target {
+		&self.cache
+	}
+}
+
+impl<K: hash::Hash + Eq, V> ops::DerefMut for DiskMap<K, V> {
+	fn deref_mut(&mut self) -> &mut Self::Target {
+		&mut self.cache
+	}
+}
+
+impl<K: hash::Hash + Eq, V> DiskMap<K, V> {
+	pub fn new(path: &Path, file_name: &str) -> Self {
+		let mut path = path.to_owned();
+		path.push(file_name);
+		trace!(target: "diskmap", "path={:?}", path);
+		DiskMap {
+			path: path,
+			cache: HashMap::new(),
+			transient: false,
+		}
+	}
+
+	pub fn transient() -> Self {
+		let mut map = DiskMap::new(&PathBuf::new(), "diskmap.json".into());
+		map.transient = true;
+		map
+	}
+
+	fn revert<F, E>(&mut self, read: F) where
+		F: Fn(fs::File) -> Result<HashMap<K, V>, E>,
+		E: fmt::Display,
+	{
+		if self.transient { return; }
+		trace!(target: "diskmap", "revert {:?}", self.path);
+		let _ = fs::File::open(self.path.clone())
+			.map_err(|e| trace!(target: "diskmap", "Couldn't open disk map: {}", e))
+			.and_then(|f| read(f).map_err(|e| warn!(target: "diskmap", "Couldn't read disk map: {}", e)))
+			.and_then(|m| {
+				self.cache = m;
+				Ok(())
+			});
+	}
+
+	fn save<F, E>(&self, write: F) where
+		F: Fn(&HashMap<K, V>, &mut fs::File) -> Result<(), E>,
+		E: fmt::Display,
+	{
+		if self.transient { return; }
+		trace!(target: "diskmap", "save {:?}", self.path);
+		let _ = fs::File::create(self.path.clone())
+			.map_err(|e| warn!(target: "diskmap", "Couldn't open disk map for writing: {}", e))
+			.and_then(|mut f| {
+				write(&self.cache, &mut f).map_err(|e| warn!(target: "diskmap", "Couldn't write to disk map: {}", e))
+			});
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use super::AddressBook;
+	use std::collections::HashMap;
+	use tempdir::TempDir;
+	use crate::account_data::AccountMeta;
+
+	#[test]
+	fn should_save_and_reload_address_book() {
+		let tempdir = TempDir::new("").unwrap();
+		let mut b = AddressBook::new(tempdir.path());
+		b.set_name(1.into(), "One".to_owned());
+		b.set_meta(1.into(), "{1:1}".to_owned());
+		let b = AddressBook::new(tempdir.path());
+		assert_eq!(b.get(), vec![
+		   (1, AccountMeta {name: "One".to_owned(), meta: "{1:1}".to_owned(), uuid: None})
+		].into_iter().map(|(a, b)| (a.into(), b)).collect::<HashMap<_, _>>());
+	}
+
+	#[test]
+	fn should_remove_address() {
+		let tempdir = TempDir::new("").unwrap();
+		let mut b = AddressBook::new(tempdir.path());
+
+		b.set_name(1.into(), "One".to_owned());
+		b.set_name(2.into(), "Two".to_owned());
+		b.set_name(3.into(), "Three".to_owned());
+		b.remove(2.into());
+
+		let b = AddressBook::new(tempdir.path());
+		assert_eq!(b.get(), vec![
+			(1, AccountMeta{name: "One".to_owned(), meta: "{}".to_owned(), uuid: None}),
+			(3, AccountMeta{name: "Three".to_owned(), meta: "{}".to_owned(), uuid: None}),
+		].into_iter().map(|(a, b)| (a.into(), b)).collect::<HashMap<_, _>>());
+	}
+}