Set both key generation and ECDSA nonce to use mixed entropy

* Move random entropy functions to new package randentropy * Add function to get n bytes entropy where up to first 32 bytes are mixed with OS entropy sources
2015-02-04 17:06:06 +01:00
parent e40c1c62ce
commit 8c056aebe1
4 changed files with 92 additions and 18 deletions
--- a/crypto/key_store_passphrase.go
+++ b/crypto/key_store_passphrase.go
@ -68,10 +68,10 @@ import (
 	"code.google.com/p/go.crypto/scrypt"
 	"crypto/aes"
 	"crypto/cipher"
-	crand "crypto/rand"
 	"encoding/hex"
 	"encoding/json"
 	"errors"
+	"github.com/ethereum/go-ethereum/crypto/randentropy"
 	"io"
 	"os"
 	"path"
@ -116,7 +116,7 @@ func (ks keyStorePassphrase) GetKeyAddresses() (addresses [][]byte, err error) {

 func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
 	authArray := []byte(auth)
-	salt := GetEntropyCSPRNG(32)
+	salt := randentropy.GetEntropyMixed(32)
 	derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen)
 	if err != nil {
 		return err
@ -131,7 +131,7 @@ func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) {
 		return err
 	}

-	iv := GetEntropyCSPRNG(aes.BlockSize) // 16
+	iv := randentropy.GetEntropyMixed(aes.BlockSize) // 16
 	AES256CBCEncrypter := cipher.NewCBCEncrypter(AES256Block, iv)
 	cipherText := make([]byte, len(toEncrypt))
 	AES256CBCEncrypter.CryptBlocks(cipherText, toEncrypt)
@ -196,12 +196,3 @@ func DecryptKey(ks keyStorePassphrase, keyAddr []byte, auth string) (keyBytes []
 	}
 	return keyBytes, keyId, err
 }
-
-func GetEntropyCSPRNG(n int) []byte {
-	mainBuff := make([]byte, n)
-	_, err := io.ReadFull(crand.Reader, mainBuff)
-	if err != nil {
-		panic("key generation: reading from crypto/rand failed: " + err.Error())
-	}
-	return mainBuff
-}