1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 01:39:44 +01:00

Add new eth-lightwallet salting to vault.

eth-lightwallet was previously not salting vault passwords, potentially making it easier to crack them once obtained.

This branch incorporates the API changes to allow us to take advantage of the new salting logic.

This is still throwing deprecation warnings, but that's actually a bug in eth-lightwallet I wrote, [I've submitted a PR for that here](https://github.com/ConsenSys/eth-lightwallet/pull/116).

Fixes #555
This commit is contained in:
Dan Finlay 2016-09-09 19:42:18 -07:00
parent 153b6b73d8
commit 36dc63bc04
2 changed files with 46 additions and 58 deletions

View File

@ -3,7 +3,7 @@ const inherits = require('util').inherits
const async = require('async') const async = require('async')
const ethUtil = require('ethereumjs-util') const ethUtil = require('ethereumjs-util')
const EthQuery = require('eth-query') const EthQuery = require('eth-query')
const LightwalletKeyStore = require('eth-lightwallet').keystore const KeyStore = require('eth-lightwallet').keystore
const clone = require('clone') const clone = require('clone')
const extend = require('xtend') const extend = require('xtend')
const createId = require('web3-provider-engine/util/random-id') const createId = require('web3-provider-engine/util/random-id')
@ -50,15 +50,15 @@ IdentityStore.prototype.createNewVault = function (password, entropy, cb) {
if (serializedKeystore) { if (serializedKeystore) {
this.configManager.setData({}) this.configManager.setData({})
} }
this._createIdmgmt(password, null, entropy, (err) => { this._createIdmgmt(password, null, entropy, (err) => {
if (err) return cb(err) if (err) return cb(err)
this._loadIdentities()
this._didUpdate()
this._autoFaucet() this._autoFaucet()
this.configManager.setShowSeedWords(true) this.configManager.setShowSeedWords(true)
var seedWords = this._idmgmt.getSeed() var seedWords = this._idmgmt.getSeed()
cb(null, seedWords) cb(null, seedWords)
}) })
} }
@ -143,6 +143,7 @@ IdentityStore.prototype.revealAccount = function (cb) {
keyStore.setDefaultHdDerivationPath(this.hdPathString) keyStore.setDefaultHdDerivationPath(this.hdPathString)
keyStore.generateNewAddress(derivedKey, 1) keyStore.generateNewAddress(derivedKey, 1)
configManager.setWallet(keyStore.serialize()) configManager.setWallet(keyStore.serialize())
this._loadIdentities() this._loadIdentities()
@ -436,72 +437,57 @@ IdentityStore.prototype._mayBeFauceting = function (i) {
// //
IdentityStore.prototype.tryPassword = function (password, cb) { IdentityStore.prototype.tryPassword = function (password, cb) {
this._createIdmgmt(password, null, null, cb) var serializedKeystore = this.configManager.getWallet()
} var keyStore = KeyStore.deserialize(serializedKeystore)
IdentityStore.prototype._createIdmgmt = function (password, seed, entropy, cb) { keyStore.keyFromPassword(password, (err, pwDerivedKey) => {
const configManager = this.configManager
var keyStore = null
LightwalletKeyStore.deriveKeyFromPassword(password, (err, derivedKey) => {
if (err) return cb(err) if (err) return cb(err)
var serializedKeystore = configManager.getWallet()
if (seed) { const isCorrect = keyStore.isDerivedKeyCorrect(pwDerivedKey)
try {
keyStore = this._restoreFromSeed(password, seed, derivedKey)
} catch (e) {
return cb(e)
}
// returning user, recovering from storage
} else if (serializedKeystore) {
keyStore = LightwalletKeyStore.deserialize(serializedKeystore)
var isCorrect = keyStore.isDerivedKeyCorrect(derivedKey)
if (!isCorrect) return cb(new Error('Lightwallet - password incorrect')) if (!isCorrect) return cb(new Error('Lightwallet - password incorrect'))
// first time here
} else {
keyStore = this._createFirstWallet(entropy, derivedKey)
}
this._keyStore = keyStore
this._idmgmt = new IdManagement({
keyStore: keyStore,
derivedKey: derivedKey,
hdPathSTring: this.hdPathString,
configManager: this.configManager,
})
cb() cb()
}) })
} }
IdentityStore.prototype._restoreFromSeed = function (password, seed, derivedKey) { IdentityStore.prototype._createIdmgmt = function (password, seedPhrase, entropy, cb) {
const configManager = this.configManager const opts = { password }
var keyStore = new LightwalletKeyStore(seed, derivedKey, this.hdPathString) if (seedPhrase) {
keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'}) opts.seedPhrase = seedPhrase
keyStore.setDefaultHdDerivationPath(this.hdPathString)
keyStore.generateNewAddress(derivedKey, 1)
configManager.setWallet(keyStore.serialize())
if (global.METAMASK_DEBUG) {
console.log('restored from seed. saved to keystore')
} }
return keyStore
KeyStore.createVault(opts, (err, keyStore) => {
if (err) return cb(err)
this._keyStore = keyStore
keyStore.keyFromPassword(password, (err, derivedKey) => {
if (err) return cb(err)
keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
this._createFirstWallet(derivedKey)
this._idmgmt = new IdManagement({
keyStore: keyStore,
derivedKey: derivedKey,
configManager: this.configManager,
})
cb()
this._loadIdentities()
this._didUpdate()
})
})
} }
IdentityStore.prototype._createFirstWallet = function (entropy, derivedKey) { IdentityStore.prototype._createFirstWallet = function (derivedKey) {
const configManager = this.configManager const keyStore = this._keyStore
var secretSeed = LightwalletKeyStore.generateRandomSeed(entropy)
var keyStore = new LightwalletKeyStore(secretSeed, derivedKey, this.hdPathString)
keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
keyStore.setDefaultHdDerivationPath(this.hdPathString) keyStore.setDefaultHdDerivationPath(this.hdPathString)
keyStore.generateNewAddress(derivedKey)
keyStore.generateNewAddress(derivedKey, 1) var addresses = keyStore.getAddresses()
configManager.setWallet(keyStore.serialize()) this._ethStore.addAccount(addresses[0])
console.log('saved to keystore') this.configManager.setWallet(keyStore.serialize())
return keyStore
} }
// get addresses and normalize address hexString // get addresses and normalize address hexString

View File

@ -23,6 +23,7 @@ describe('IdentityStore', function() {
}) })
idStore.createNewVault(password, entropy, (err, seeds) => { idStore.createNewVault(password, entropy, (err, seeds) => {
assert.ifError(err, 'createNewVault threw error')
seedWords = seeds seedWords = seeds
originalKeystore = idStore._idmgmt.keyStore originalKeystore = idStore._idmgmt.keyStore
done() done()
@ -59,6 +60,7 @@ describe('IdentityStore', function() {
describe('#recoverFromSeed BIP44 compliance', function() { describe('#recoverFromSeed BIP44 compliance', function() {
let seedWords = 'picnic injury awful upper eagle junk alert toss flower renew silly vague' let seedWords = 'picnic injury awful upper eagle junk alert toss flower renew silly vague'
let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a' let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a'
const salt = 'lightwalletSalt'
let password = 'secret!' let password = 'secret!'
let accounts = [] let accounts = []
@ -70,7 +72,7 @@ describe('IdentityStore', function() {
idStore = new IdentityStore({ idStore = new IdentityStore({
configManager: configManagerGen(), configManager: configManagerGen(),
ethStore: { ethStore: {
addAccount(acct) { accounts.push(acct) }, addAccount(acct) { accounts.push('0x' + acct) },
}, },
}) })
}) })