mirror of
https://github.com/kremalicious/metamask-extension.git
synced 2024-12-23 01:39:44 +01:00
Add new eth-lightwallet salting to vault.
eth-lightwallet was previously not salting vault passwords, potentially making it easier to crack them once obtained. This branch incorporates the API changes to allow us to take advantage of the new salting logic. This is still throwing deprecation warnings, but that's actually a bug in eth-lightwallet I wrote, [I've submitted a PR for that here](https://github.com/ConsenSys/eth-lightwallet/pull/116). Fixes #555
This commit is contained in:
parent
153b6b73d8
commit
36dc63bc04
@ -3,7 +3,7 @@ const inherits = require('util').inherits
|
|||||||
const async = require('async')
|
const async = require('async')
|
||||||
const ethUtil = require('ethereumjs-util')
|
const ethUtil = require('ethereumjs-util')
|
||||||
const EthQuery = require('eth-query')
|
const EthQuery = require('eth-query')
|
||||||
const LightwalletKeyStore = require('eth-lightwallet').keystore
|
const KeyStore = require('eth-lightwallet').keystore
|
||||||
const clone = require('clone')
|
const clone = require('clone')
|
||||||
const extend = require('xtend')
|
const extend = require('xtend')
|
||||||
const createId = require('web3-provider-engine/util/random-id')
|
const createId = require('web3-provider-engine/util/random-id')
|
||||||
@ -50,15 +50,15 @@ IdentityStore.prototype.createNewVault = function (password, entropy, cb) {
|
|||||||
if (serializedKeystore) {
|
if (serializedKeystore) {
|
||||||
this.configManager.setData({})
|
this.configManager.setData({})
|
||||||
}
|
}
|
||||||
|
|
||||||
this._createIdmgmt(password, null, entropy, (err) => {
|
this._createIdmgmt(password, null, entropy, (err) => {
|
||||||
if (err) return cb(err)
|
if (err) return cb(err)
|
||||||
|
|
||||||
this._loadIdentities()
|
|
||||||
this._didUpdate()
|
|
||||||
this._autoFaucet()
|
this._autoFaucet()
|
||||||
|
|
||||||
this.configManager.setShowSeedWords(true)
|
this.configManager.setShowSeedWords(true)
|
||||||
var seedWords = this._idmgmt.getSeed()
|
var seedWords = this._idmgmt.getSeed()
|
||||||
|
|
||||||
cb(null, seedWords)
|
cb(null, seedWords)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
@ -143,6 +143,7 @@ IdentityStore.prototype.revealAccount = function (cb) {
|
|||||||
|
|
||||||
keyStore.setDefaultHdDerivationPath(this.hdPathString)
|
keyStore.setDefaultHdDerivationPath(this.hdPathString)
|
||||||
keyStore.generateNewAddress(derivedKey, 1)
|
keyStore.generateNewAddress(derivedKey, 1)
|
||||||
|
|
||||||
configManager.setWallet(keyStore.serialize())
|
configManager.setWallet(keyStore.serialize())
|
||||||
|
|
||||||
this._loadIdentities()
|
this._loadIdentities()
|
||||||
@ -436,72 +437,57 @@ IdentityStore.prototype._mayBeFauceting = function (i) {
|
|||||||
//
|
//
|
||||||
|
|
||||||
IdentityStore.prototype.tryPassword = function (password, cb) {
|
IdentityStore.prototype.tryPassword = function (password, cb) {
|
||||||
this._createIdmgmt(password, null, null, cb)
|
var serializedKeystore = this.configManager.getWallet()
|
||||||
}
|
var keyStore = KeyStore.deserialize(serializedKeystore)
|
||||||
|
|
||||||
IdentityStore.prototype._createIdmgmt = function (password, seed, entropy, cb) {
|
keyStore.keyFromPassword(password, (err, pwDerivedKey) => {
|
||||||
const configManager = this.configManager
|
|
||||||
|
|
||||||
var keyStore = null
|
|
||||||
LightwalletKeyStore.deriveKeyFromPassword(password, (err, derivedKey) => {
|
|
||||||
if (err) return cb(err)
|
if (err) return cb(err)
|
||||||
var serializedKeystore = configManager.getWallet()
|
|
||||||
|
|
||||||
if (seed) {
|
const isCorrect = keyStore.isDerivedKeyCorrect(pwDerivedKey)
|
||||||
try {
|
|
||||||
keyStore = this._restoreFromSeed(password, seed, derivedKey)
|
|
||||||
} catch (e) {
|
|
||||||
return cb(e)
|
|
||||||
}
|
|
||||||
|
|
||||||
// returning user, recovering from storage
|
|
||||||
} else if (serializedKeystore) {
|
|
||||||
keyStore = LightwalletKeyStore.deserialize(serializedKeystore)
|
|
||||||
var isCorrect = keyStore.isDerivedKeyCorrect(derivedKey)
|
|
||||||
if (!isCorrect) return cb(new Error('Lightwallet - password incorrect'))
|
if (!isCorrect) return cb(new Error('Lightwallet - password incorrect'))
|
||||||
|
|
||||||
// first time here
|
|
||||||
} else {
|
|
||||||
keyStore = this._createFirstWallet(entropy, derivedKey)
|
|
||||||
}
|
|
||||||
|
|
||||||
this._keyStore = keyStore
|
|
||||||
this._idmgmt = new IdManagement({
|
|
||||||
keyStore: keyStore,
|
|
||||||
derivedKey: derivedKey,
|
|
||||||
hdPathSTring: this.hdPathString,
|
|
||||||
configManager: this.configManager,
|
|
||||||
})
|
|
||||||
|
|
||||||
cb()
|
cb()
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
IdentityStore.prototype._restoreFromSeed = function (password, seed, derivedKey) {
|
IdentityStore.prototype._createIdmgmt = function (password, seedPhrase, entropy, cb) {
|
||||||
const configManager = this.configManager
|
const opts = { password }
|
||||||
var keyStore = new LightwalletKeyStore(seed, derivedKey, this.hdPathString)
|
if (seedPhrase) {
|
||||||
keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
|
opts.seedPhrase = seedPhrase
|
||||||
keyStore.setDefaultHdDerivationPath(this.hdPathString)
|
|
||||||
|
|
||||||
keyStore.generateNewAddress(derivedKey, 1)
|
|
||||||
configManager.setWallet(keyStore.serialize())
|
|
||||||
if (global.METAMASK_DEBUG) {
|
|
||||||
console.log('restored from seed. saved to keystore')
|
|
||||||
}
|
}
|
||||||
return keyStore
|
|
||||||
|
KeyStore.createVault(opts, (err, keyStore) => {
|
||||||
|
if (err) return cb(err)
|
||||||
|
|
||||||
|
this._keyStore = keyStore
|
||||||
|
|
||||||
|
keyStore.keyFromPassword(password, (err, derivedKey) => {
|
||||||
|
if (err) return cb(err)
|
||||||
|
|
||||||
|
keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
|
||||||
|
|
||||||
|
this._createFirstWallet(derivedKey)
|
||||||
|
|
||||||
|
this._idmgmt = new IdManagement({
|
||||||
|
keyStore: keyStore,
|
||||||
|
derivedKey: derivedKey,
|
||||||
|
configManager: this.configManager,
|
||||||
|
})
|
||||||
|
|
||||||
|
cb()
|
||||||
|
this._loadIdentities()
|
||||||
|
this._didUpdate()
|
||||||
|
})
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
IdentityStore.prototype._createFirstWallet = function (entropy, derivedKey) {
|
IdentityStore.prototype._createFirstWallet = function (derivedKey) {
|
||||||
const configManager = this.configManager
|
const keyStore = this._keyStore
|
||||||
var secretSeed = LightwalletKeyStore.generateRandomSeed(entropy)
|
|
||||||
var keyStore = new LightwalletKeyStore(secretSeed, derivedKey, this.hdPathString)
|
|
||||||
keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
|
|
||||||
keyStore.setDefaultHdDerivationPath(this.hdPathString)
|
keyStore.setDefaultHdDerivationPath(this.hdPathString)
|
||||||
|
keyStore.generateNewAddress(derivedKey)
|
||||||
keyStore.generateNewAddress(derivedKey, 1)
|
var addresses = keyStore.getAddresses()
|
||||||
configManager.setWallet(keyStore.serialize())
|
this._ethStore.addAccount(addresses[0])
|
||||||
console.log('saved to keystore')
|
this.configManager.setWallet(keyStore.serialize())
|
||||||
return keyStore
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// get addresses and normalize address hexString
|
// get addresses and normalize address hexString
|
||||||
|
@ -23,6 +23,7 @@ describe('IdentityStore', function() {
|
|||||||
})
|
})
|
||||||
|
|
||||||
idStore.createNewVault(password, entropy, (err, seeds) => {
|
idStore.createNewVault(password, entropy, (err, seeds) => {
|
||||||
|
assert.ifError(err, 'createNewVault threw error')
|
||||||
seedWords = seeds
|
seedWords = seeds
|
||||||
originalKeystore = idStore._idmgmt.keyStore
|
originalKeystore = idStore._idmgmt.keyStore
|
||||||
done()
|
done()
|
||||||
@ -59,6 +60,7 @@ describe('IdentityStore', function() {
|
|||||||
describe('#recoverFromSeed BIP44 compliance', function() {
|
describe('#recoverFromSeed BIP44 compliance', function() {
|
||||||
let seedWords = 'picnic injury awful upper eagle junk alert toss flower renew silly vague'
|
let seedWords = 'picnic injury awful upper eagle junk alert toss flower renew silly vague'
|
||||||
let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a'
|
let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a'
|
||||||
|
const salt = 'lightwalletSalt'
|
||||||
|
|
||||||
let password = 'secret!'
|
let password = 'secret!'
|
||||||
let accounts = []
|
let accounts = []
|
||||||
@ -70,7 +72,7 @@ describe('IdentityStore', function() {
|
|||||||
idStore = new IdentityStore({
|
idStore = new IdentityStore({
|
||||||
configManager: configManagerGen(),
|
configManager: configManagerGen(),
|
||||||
ethStore: {
|
ethStore: {
|
||||||
addAccount(acct) { accounts.push(acct) },
|
addAccount(acct) { accounts.push('0x' + acct) },
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
Loading…
Reference in New Issue
Block a user