Documentation

Overview

    Package keystore implements encrypted storage of secp256k1 private keys.

    Keys are stored as encrypted JSON files according to the Web3 Secret Storage specification. See https://github.com/ethereum/wiki/wiki/Web3-Secret-Storage-Definition for more information.

    Index

    Constants

    View Source
    const (
    
    	// StandardScryptN is the N parameter of Scrypt encryption algorithm, using 256MB
    	// memory and taking approximately 1s CPU time on a modern processor.
    	StandardScryptN = 1 << 18
    
    	// StandardScryptP is the P parameter of Scrypt encryption algorithm, using 256MB
    	// memory and taking approximately 1s CPU time on a modern processor.
    	StandardScryptP = 1
    
    	// LightScryptN is the N parameter of Scrypt encryption algorithm, using 4MB
    	// memory and taking approximately 100ms CPU time on a modern processor.
    	LightScryptN = 1 << 12
    
    	// LightScryptP is the P parameter of Scrypt encryption algorithm, using 4MB
    	// memory and taking approximately 100ms CPU time on a modern processor.
    	LightScryptP = 6
    )
    View Source
    const KeyStoreScheme = "keystore"

      KeyStoreScheme is the protocol scheme prefixing account and wallet URLs.

      Variables

      View Source
      var (
      	ErrLocked  = accounts.NewAuthNeededError("password or unlock")
      	ErrNoMatch = errors.New("no key for given address or file")
      	ErrDecrypt = errors.New("could not decrypt key with given password")
      
      	// ErrAccountAlreadyExists is returned if an account attempted to import is
      	// already present in the keystore.
      	ErrAccountAlreadyExists = errors.New("account already exists")
      )
      View Source
      var KeyStoreType = reflect.TypeOf(&KeyStore{})

        KeyStoreType is the reflect type of a keystore backend.

        Functions

        func DecryptDataV3

        func DecryptDataV3(cryptoJson CryptoJSON, auth string) ([]byte, error)

        func EncryptKey

        func EncryptKey(key *Key, auth string, scryptN, scryptP int) ([]byte, error)

          EncryptKey encrypts a key using the specified scrypt parameters into a json blob that can be decrypted later on.

          func StoreKey

          func StoreKey(dir, auth string, scryptN, scryptP int) (accounts.Account, error)

            StoreKey generates a key, encrypts with 'auth' and stores in the given directory

            Types

            type AmbiguousAddrError

            type AmbiguousAddrError struct {
            	Addr    common.Address
            	Matches []accounts.Account
            }

              AmbiguousAddrError is returned when attempting to unlock an address for which more than one file exists.

              func (*AmbiguousAddrError) Error

              func (err *AmbiguousAddrError) Error() string

              type CryptoJSON

              type CryptoJSON struct {
              	Cipher       string                 `json:"cipher"`
              	CipherText   string                 `json:"ciphertext"`
              	CipherParams cipherparamsJSON       `json:"cipherparams"`
              	KDF          string                 `json:"kdf"`
              	KDFParams    map[string]interface{} `json:"kdfparams"`
              	MAC          string                 `json:"mac"`
              }

              func EncryptDataV3

              func EncryptDataV3(data, auth []byte, scryptN, scryptP int) (CryptoJSON, error)

                Encryptdata encrypts the data given as 'data' with the password 'auth'.

                type Key

                type Key struct {
                	Id uuid.UUID // Version 4 "random" for unique id not derived from key data
                	// to simplify lookups we also store the address
                	Address common.Address
                	// we only store privkey as pubkey/address can be derived from it
                	// privkey in this struct is always in plaintext
                	PrivateKey *ecdsa.PrivateKey
                }

                func DecryptKey

                func DecryptKey(keyjson []byte, auth string) (*Key, error)

                  DecryptKey decrypts a key from a json blob, returning the private key itself.

                  func NewKeyForDirectICAP

                  func NewKeyForDirectICAP(rand io.Reader) *Key

                    NewKeyForDirectICAP generates a key whose address fits into < 155 bits so it can fit into the Direct ICAP spec. for simplicity and easier compatibility with other libs, we retry until the first byte is 0.

                    func (*Key) MarshalJSON

                    func (k *Key) MarshalJSON() (j []byte, err error)

                    func (*Key) UnmarshalJSON

                    func (k *Key) UnmarshalJSON(j []byte) (err error)

                    type KeyStore

                    type KeyStore struct {
                    	// contains filtered or unexported fields
                    }

                      KeyStore manages a key storage directory on disk.

                      func NewKeyStore

                      func NewKeyStore(keydir string, scryptN, scryptP int) *KeyStore

                        NewKeyStore creates a keystore for the given directory.

                        func NewPlaintextKeyStore

                        func NewPlaintextKeyStore(keydir string) *KeyStore

                          NewPlaintextKeyStore creates a keystore for the given directory. Deprecated: Use NewKeyStore.

                          func (*KeyStore) Accounts

                          func (ks *KeyStore) Accounts() []accounts.Account

                            Accounts returns all key files present in the directory.

                            func (*KeyStore) Delete

                            func (ks *KeyStore) Delete(a accounts.Account, passphrase string) error

                              Delete deletes the key matched by account if the passphrase is correct. If the account contains no filename, the address must match a unique key.

                              func (*KeyStore) Export

                              func (ks *KeyStore) Export(a accounts.Account, passphrase, newPassphrase string) (keyJSON []byte, err error)

                                Export exports as a JSON key, encrypted with newPassphrase.

                                func (*KeyStore) Find

                                func (ks *KeyStore) Find(a accounts.Account) (accounts.Account, error)

                                  Find resolves the given account into a unique entry in the keystore.

                                  func (*KeyStore) HasAddress

                                  func (ks *KeyStore) HasAddress(addr common.Address) bool

                                    HasAddress reports whether a key with the given address is present.

                                    func (*KeyStore) Import

                                    func (ks *KeyStore) Import(keyJSON []byte, passphrase, newPassphrase string) (accounts.Account, error)

                                      Import stores the given encrypted JSON key into the key directory.

                                      func (*KeyStore) ImportECDSA

                                      func (ks *KeyStore) ImportECDSA(priv *ecdsa.PrivateKey, passphrase string) (accounts.Account, error)

                                        ImportECDSA stores the given key into the key directory, encrypting it with the passphrase.

                                        func (*KeyStore) ImportPreSaleKey

                                        func (ks *KeyStore) ImportPreSaleKey(keyJSON []byte, passphrase string) (accounts.Account, error)

                                          ImportPreSaleKey decrypts the given Ethereum presale wallet and stores a key file in the key directory. The key file is encrypted with the same passphrase.

                                          func (*KeyStore) Lock

                                          func (ks *KeyStore) Lock(addr common.Address) error

                                            Lock removes the private key with the given address from memory.

                                            func (*KeyStore) NewAccount

                                            func (ks *KeyStore) NewAccount(passphrase string) (accounts.Account, error)

                                              NewAccount generates a new key and stores it into the key directory, encrypting it with the passphrase.

                                              func (*KeyStore) SignHash

                                              func (ks *KeyStore) SignHash(a accounts.Account, hash []byte) ([]byte, error)

                                                SignHash calculates a ECDSA signature for the given hash. The produced signature is in the [R || S || V] format where V is 0 or 1.

                                                func (*KeyStore) SignHashWithPassphrase

                                                func (ks *KeyStore) SignHashWithPassphrase(a accounts.Account, passphrase string, hash []byte) (signature []byte, err error)

                                                  SignHashWithPassphrase signs hash if the private key matching the given address can be decrypted with the given passphrase. The produced signature is in the [R || S || V] format where V is 0 or 1.

                                                  func (*KeyStore) SignTx

                                                  func (ks *KeyStore) SignTx(a accounts.Account, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error)

                                                    SignTx signs the given transaction with the requested account.

                                                    func (*KeyStore) SignTxWithPassphrase

                                                    func (ks *KeyStore) SignTxWithPassphrase(a accounts.Account, passphrase string, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error)

                                                      SignTxWithPassphrase signs the transaction if the private key matching the given address can be decrypted with the given passphrase.

                                                      func (*KeyStore) Subscribe

                                                      func (ks *KeyStore) Subscribe(sink chan<- accounts.WalletEvent) event.Subscription

                                                        Subscribe implements accounts.Backend, creating an async subscription to receive notifications on the addition or removal of keystore wallets.

                                                        func (*KeyStore) TimedUnlock

                                                        func (ks *KeyStore) TimedUnlock(a accounts.Account, passphrase string, timeout time.Duration) error

                                                          TimedUnlock unlocks the given account with the passphrase. The account stays unlocked for the duration of timeout. A timeout of 0 unlocks the account until the program exits. The account must match a unique key file.

                                                          If the account address is already unlocked for a duration, TimedUnlock extends or shortens the active unlock timeout. If the address was previously unlocked indefinitely the timeout is not altered.

                                                          func (*KeyStore) Unlock

                                                          func (ks *KeyStore) Unlock(a accounts.Account, passphrase string) error

                                                            Unlock unlocks the given account indefinitely.

                                                            func (*KeyStore) Update

                                                            func (ks *KeyStore) Update(a accounts.Account, passphrase, newPassphrase string) error

                                                              Update changes the passphrase of an existing account.

                                                              func (*KeyStore) Wallets

                                                              func (ks *KeyStore) Wallets() []accounts.Wallet

                                                                Wallets implements accounts.Backend, returning all single-key wallets from the keystore directory.