Merge pull request #938 from tronprotocol/add_keystore

add keystore

Author: zergweak

.gitignore

@@ -51,3 +51,4 @@ src/main/resources/META-INF/
 /output_witness/
 output*
 nodeId.properties
+Wallet

build.gradle

@@ -286,8 +286,8 @@ def binaryRelease(taskName, jarName, mainClass) {
     }
 }
 
-
 artifacts {
     archives(binaryRelease('buildSolidityNodeJar', 'SolidityNode', 'org.tron.program.SolidityNode'),
-            binaryRelease('buildFullNodeJar', 'FullNode', 'org.tron.program.FullNode'))
-}
+            binaryRelease('buildFullNodeJar', 'FullNode', 'org.tron.program.FullNode'),
+            binaryRelease('buildKeystoreFactoryJar', 'KeystoreFactory', 'org.tron.program.KeystoreFactory'))
+}

src/main/java/org/tron/core/config/args/Args.java

@@ -36,10 +36,14 @@
 import org.tron.common.crypto.ECKey;
 import org.tron.common.overlay.discover.Node;
 import org.tron.core.Constant;
+import org.tron.common.utils.ByteArray;
 import org.tron.core.Wallet;
 import org.tron.core.config.Configuration;
 import org.tron.core.config.Parameter.ChainConstant;
 import org.tron.core.db.AccountStore;
+import org.tron.keystore.CipherException;
+import org.tron.keystore.Credentials;
+import org.tron.keystore.WalletUtils;
 
 @Slf4j
 @NoArgsConstructor
@@ -280,7 +284,6 @@ public static void setParam(final String[] args, final String confFileName) {
       INSTANCE.setLocalWitnesses(new LocalWitnesses(INSTANCE.privateKey));
       logger.debug("Got privateKey from cmd");
     } else if (config.hasPath("localwitness")) {
-
       INSTANCE.localWitnesses = new LocalWitnesses();
       List<String> localwitness = config.getStringList("localwitness");
       if (localwitness.size() > 1) {
@@ -289,6 +292,30 @@ public static void setParam(final String[] args, final String confFileName) {
       }
       INSTANCE.localWitnesses.setPrivateKeys(localwitness);
       logger.debug("Got privateKey from config.conf");
+    } else if (config.hasPath("localwitnesskeystore")) {
+      INSTANCE.localWitnesses = new LocalWitnesses();
+      List<String> privateKeys = new ArrayList<String>();
+      if (INSTANCE.isWitness()) {
+        List<String> localwitness = config.getStringList("localwitnesskeystore");
+        if (localwitness.size() > 0) {
+          String fileName = System.getProperty("user.dir") + "/" + localwitness.get(0);
+          System.out.println("Please input your password.");
+          String password = WalletUtils.inputPassword();
+          try {
+            Credentials credentials = WalletUtils
+                .loadCredentials(password, new File(fileName));
+            ECKey ecKeyPair = credentials.getEcKeyPair();
+            String prikey = ByteArray.toHexString(ecKeyPair.getPrivKeyBytes());
+            privateKeys.add(prikey);
+          } catch (IOException e) {
+            logger.warn(e.getMessage());
+          } catch (CipherException e) {
+            logger.warn(e.getMessage());
+          }
+        }
+      }
+      INSTANCE.localWitnesses.setPrivateKeys(privateKeys);
+      logger.debug("Got privateKey from keystore");
     }
 
     if (INSTANCE.isWitness() && CollectionUtils.isEmpty(INSTANCE.localWitnesses.getPrivateKeys())) {

src/main/java/org/tron/keystore/CipherException.java

@@ -0,0 +1,19 @@
+package org.tron.keystore;
+
+/**
+ * Cipher exception wrapper.
+ */
+public class CipherException extends Exception {
+
+    public CipherException(String message) {
+        super(message);
+    }
+
+    public CipherException(Throwable cause) {
+        super(cause);
+    }
+
+    public CipherException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}

src/main/java/org/tron/keystore/Credentials.java

@@ -0,0 +1,61 @@
+package org.tron.keystore;
+
+import org.tron.common.crypto.ECKey;
+import org.tron.common.utils.ByteArray;
+
+/**
+ * Credentials wrapper.
+ */
+public class Credentials {
+
+    private final ECKey ecKeyPair;
+    private final String address;
+
+    private Credentials(ECKey ecKeyPair, String address) {
+        this.ecKeyPair = ecKeyPair;
+        this.address = address;
+    }
+
+    public ECKey getEcKeyPair() {
+        return ecKeyPair;
+    }
+
+    public String getAddress() {
+        return address;
+    }
+
+    public static Credentials create(ECKey ecKeyPair) {
+        String address = org.tron.core.Wallet.encode58Check(ecKeyPair.getAddress());
+        return new Credentials(ecKeyPair, address);
+    }
+
+    public static Credentials create(String privateKey) {
+        ECKey eCkey = ECKey.fromPrivate(ByteArray.fromHexString(privateKey));
+        return create(eCkey);
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+
+        Credentials that = (Credentials) o;
+
+        if (ecKeyPair != null ? !ecKeyPair.equals(that.ecKeyPair) : that.ecKeyPair != null) {
+            return false;
+        }
+
+        return address != null ? address.equals(that.address) : that.address == null;
+    }
+
+    @Override
+    public int hashCode() {
+        int result = ecKeyPair != null ? ecKeyPair.hashCode() : 0;
+        result = 31 * result + (address != null ? address.hashCode() : 0);
+        return result;
+    }
+}

src/main/java/org/tron/keystore/Wallet.java

@@ -0,0 +1,239 @@
+package org.tron.keystore;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.Arrays;
+import java.util.UUID;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import org.spongycastle.crypto.digests.SHA256Digest;
+import org.spongycastle.crypto.generators.PKCS5S2ParametersGenerator;
+import org.spongycastle.crypto.generators.SCrypt;
+import org.spongycastle.crypto.params.KeyParameter;
+import org.tron.common.crypto.ECKey;
+import org.tron.common.crypto.Hash;
+import org.tron.common.utils.ByteArray;
+
+/**
+ * <p>Ethereum wallet file management. For reference, refer to <a href="https://github.com/ethereum/wiki/wiki/Web3-Secret-Storage-Definition">
+ * Web3 Secret Storage Definition</a> or the <a href="https://github.com/ethereum/go-ethereum/blob/master/accounts/key_store_passphrase.go">
+ * Go Ethereum client implementation</a>.</p>
+ *
+ * <p><strong>Note:</strong> the Bouncy Castle Scrypt implementation {@link SCrypt}, fails to comply
+ * with the following Ethereum reference <a href="https://github.com/ethereum/wiki/wiki/Web3-Secret-Storage-Definition#scrypt">
+ * Scrypt test vector</a>:</p>
+ *
+ * <pre>
+ * {@code
+ * // Only value of r that cost (as an int) could be exceeded for is 1
+ * if (r == 1 && N_STANDARD > 65536)
+ * {
+ *     throw new IllegalArgumentException("Cost parameter N_STANDARD must be > 1 and < 65536.");
+ * }
+ * }
+ * </pre>
+ */
+public class Wallet {
+
+  private static final int N_LIGHT = 1 << 12;
+  private static final int P_LIGHT = 6;
+
+  private static final int N_STANDARD = 1 << 18;
+  private static final int P_STANDARD = 1;
+
+  private static final int R = 8;
+  private static final int DKLEN = 32;
+
+  private static final int CURRENT_VERSION = 3;
+
+  private static final String CIPHER = "aes-128-ctr";
+  protected static final String AES_128_CTR = "pbkdf2";
+  protected static final String SCRYPT = "scrypt";
+
+  public static WalletFile create(String password, ECKey ecKeyPair, int n, int p)
+      throws CipherException {
+
+    byte[] salt = generateRandomBytes(32);
+
+    byte[] derivedKey = generateDerivedScryptKey(password.getBytes(UTF_8), salt, n, R, p, DKLEN);
+
+    byte[] encryptKey = Arrays.copyOfRange(derivedKey, 0, 16);
+    byte[] iv = generateRandomBytes(16);
+
+    byte[] privateKeyBytes = ecKeyPair.getPrivKeyBytes();
+
+    byte[] cipherText = performCipherOperation(Cipher.ENCRYPT_MODE, iv, encryptKey,
+        privateKeyBytes);
+
+    byte[] mac = generateMac(derivedKey, cipherText);
+
+    return createWalletFile(ecKeyPair, cipherText, iv, salt, mac, n, p);
+  }
+
+  public static WalletFile createStandard(String password, ECKey ecKeyPair)
+      throws CipherException {
+    return create(password, ecKeyPair, N_STANDARD, P_STANDARD);
+  }
+
+  public static WalletFile createLight(String password, ECKey ecKeyPair)
+      throws CipherException {
+    return create(password, ecKeyPair, N_LIGHT, P_LIGHT);
+  }
+
+  private static WalletFile createWalletFile(
+      ECKey ecKeyPair, byte[] cipherText, byte[] iv, byte[] salt, byte[] mac,
+      int n, int p) {
+
+    WalletFile walletFile = new WalletFile();
+    walletFile.setAddress(org.tron.core.Wallet.encode58Check(ecKeyPair.getAddress()));
+
+    WalletFile.Crypto crypto = new WalletFile.Crypto();
+    crypto.setCipher(CIPHER);
+    crypto.setCiphertext(ByteArray.toHexString(cipherText));
+    walletFile.setCrypto(crypto);
+
+    WalletFile.CipherParams cipherParams = new WalletFile.CipherParams();
+    cipherParams.setIv(ByteArray.toHexString(iv));
+    crypto.setCipherparams(cipherParams);
+
+    crypto.setKdf(SCRYPT);
+    WalletFile.ScryptKdfParams kdfParams = new WalletFile.ScryptKdfParams();
+    kdfParams.setDklen(DKLEN);
+    kdfParams.setN(n);
+    kdfParams.setP(p);
+    kdfParams.setR(R);
+    kdfParams.setSalt(ByteArray.toHexString(salt));
+    crypto.setKdfparams(kdfParams);
+
+    crypto.setMac(ByteArray.toHexString(mac));
+    walletFile.setCrypto(crypto);
+    walletFile.setId(UUID.randomUUID().toString());
+    walletFile.setVersion(CURRENT_VERSION);
+
+    return walletFile;
+  }
+
+  private static byte[] generateDerivedScryptKey(
+      byte[] password, byte[] salt, int n, int r, int p, int dkLen) throws CipherException {
+    return SCrypt.generate(password, salt, n, r, p, dkLen);
+  }
+
+  private static byte[] generateAes128CtrDerivedKey(
+      byte[] password, byte[] salt, int c, String prf) throws CipherException {
+
+    if (!prf.equals("hmac-sha256")) {
+      throw new CipherException("Unsupported prf:" + prf);
+    }
+
+    // Java 8 supports this, but you have to convert the password to a character array, see
+    // http://stackoverflow.com/a/27928435/3211687
+
+    PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest());
+    gen.init(password, salt, c);
+    return ((KeyParameter) gen.generateDerivedParameters(256)).getKey();
+  }
+
+  private static byte[] performCipherOperation(
+      int mode, byte[] iv, byte[] encryptKey, byte[] text) throws CipherException {
+
+    try {
+      IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
+      Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
+
+      SecretKeySpec secretKeySpec = new SecretKeySpec(encryptKey, "AES");
+      cipher.init(mode, secretKeySpec, ivParameterSpec);
+      return cipher.doFinal(text);
+    } catch (NoSuchPaddingException | NoSuchAlgorithmException
+        | InvalidAlgorithmParameterException | InvalidKeyException
+        | BadPaddingException | IllegalBlockSizeException e) {
+      throw new CipherException("Error performing cipher operation", e);
+    }
+  }
+
+  private static byte[] generateMac(byte[] derivedKey, byte[] cipherText) {
+    byte[] result = new byte[16 + cipherText.length];
+
+    System.arraycopy(derivedKey, 16, result, 0, 16);
+    System.arraycopy(cipherText, 0, result, 16, cipherText.length);
+
+    return Hash.sha3(result);
+  }
+
+  public static ECKey decrypt(String password, WalletFile walletFile)
+      throws CipherException {
+
+    validate(walletFile);
+
+    WalletFile.Crypto crypto = walletFile.getCrypto();
+
+    byte[] mac = ByteArray.fromHexString(crypto.getMac());
+    byte[] iv = ByteArray.fromHexString(crypto.getCipherparams().getIv());
+    byte[] cipherText = ByteArray.fromHexString(crypto.getCiphertext());
+
+    byte[] derivedKey;
+
+    WalletFile.KdfParams kdfParams = crypto.getKdfparams();
+    if (kdfParams instanceof WalletFile.ScryptKdfParams) {
+      WalletFile.ScryptKdfParams scryptKdfParams =
+          (WalletFile.ScryptKdfParams) crypto.getKdfparams();
+      int dklen = scryptKdfParams.getDklen();
+      int n = scryptKdfParams.getN();
+      int p = scryptKdfParams.getP();
+      int r = scryptKdfParams.getR();
+      byte[] salt = ByteArray.fromHexString(scryptKdfParams.getSalt());
+      derivedKey = generateDerivedScryptKey(password.getBytes(UTF_8), salt, n, r, p, dklen);
+    } else if (kdfParams instanceof WalletFile.Aes128CtrKdfParams) {
+      WalletFile.Aes128CtrKdfParams aes128CtrKdfParams =
+          (WalletFile.Aes128CtrKdfParams) crypto.getKdfparams();
+      int c = aes128CtrKdfParams.getC();
+      String prf = aes128CtrKdfParams.getPrf();
+      byte[] salt = ByteArray.fromHexString(aes128CtrKdfParams.getSalt());
+
+      derivedKey = generateAes128CtrDerivedKey(password.getBytes(UTF_8), salt, c, prf);
+    } else {
+      throw new CipherException("Unable to deserialize params: " + crypto.getKdf());
+    }
+
+    byte[] derivedMac = generateMac(derivedKey, cipherText);
+
+    if (!Arrays.equals(derivedMac, mac)) {
+      throw new CipherException("Invalid password provided");
+    }
+
+    byte[] encryptKey = Arrays.copyOfRange(derivedKey, 0, 16);
+    byte[] privateKey = performCipherOperation(Cipher.DECRYPT_MODE, iv, encryptKey, cipherText);
+
+    return ECKey.fromPrivate(privateKey);
+
+  }
+
+  static void validate(WalletFile walletFile) throws CipherException {
+    WalletFile.Crypto crypto = walletFile.getCrypto();
+
+    if (walletFile.getVersion() != CURRENT_VERSION) {
+      throw new CipherException("Wallet version is not supported");
+    }
+
+    if (!crypto.getCipher().equals(CIPHER)) {
+      throw new CipherException("Wallet cipher is not supported");
+    }
+
+    if (!crypto.getKdf().equals(AES_128_CTR) && !crypto.getKdf().equals(SCRYPT)) {
+      throw new CipherException("KDF type is not supported");
+    }
+  }
+
+  static byte[] generateRandomBytes(int size) {
+    byte[] bytes = new byte[size];
+    new SecureRandom().nextBytes(bytes);
+    return bytes;
+  }
+}