Add type for passwords. (#8920)

* Add type for passwords. * Fix test. * Simplify `Drop` impls of `Password` and `Memzero`. * Spaces to tabs. * Custom `Drop` impl for `Password`.
openethereum · Jun 22, 2018 · 41348de · 41348de
1 parent c473ab9
commit 41348de
Show file tree

Hide file tree

Showing 61 changed files with 550 additions and 457 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/ethcore/crypto/src/lib.rs b/ethcore/crypto/src/lib.rs
@@ -56,9 +56,9 @@ impl<T> Keccak256<[u8; 32]> for T where T: AsRef<[u8]> {
 	}
 }
 
-pub fn derive_key_iterations(password: &str, salt: &[u8; 32], c: u32) -> (Vec<u8>, Vec<u8>) {
+pub fn derive_key_iterations(password: &[u8], salt: &[u8; 32], c: u32) -> (Vec<u8>, Vec<u8>) {
 	let mut derived_key = [0u8; KEY_LENGTH];
-	pbkdf2::sha256(c, pbkdf2::Salt(salt), pbkdf2::Secret(password.as_bytes()), &mut derived_key);
+	pbkdf2::sha256(c, pbkdf2::Salt(salt), pbkdf2::Secret(password), &mut derived_key);
 	let derived_right_bits = &derived_key[0..KEY_LENGTH_AES];
 	let derived_left_bits = &derived_key[KEY_LENGTH_AES..KEY_LENGTH];
 	(derived_right_bits.to_vec(), derived_left_bits.to_vec())

diff --git a/ethcore/crypto/src/scrypt.rs b/ethcore/crypto/src/scrypt.rs
@@ -18,7 +18,7 @@ use error::ScryptError;
 use rcrypto::scrypt::{scrypt, ScryptParams};
 use super::{KEY_LENGTH_AES, KEY_LENGTH};
 
-pub fn derive_key(pass: &str, salt: &[u8; 32], n: u32, p: u32, r: u32) -> Result<(Vec<u8>, Vec<u8>), ScryptError> {
+pub fn derive_key(pass: &[u8], salt: &[u8; 32], n: u32, p: u32, r: u32) -> Result<(Vec<u8>, Vec<u8>), ScryptError> {
 	// sanity checks
 	let log_n = (32 - n.leading_zeros() - 1) as u8;
 	if log_n as u32 >= r * 16 {
@@ -31,7 +31,7 @@ pub fn derive_key(pass: &str, salt: &[u8; 32], n: u32, p: u32, r: u32) -> Result
 
 	let mut derived_key = vec![0u8; KEY_LENGTH];
 	let scrypt_params = ScryptParams::new(log_n, r, p);
-	scrypt(pass.as_bytes(), salt, &scrypt_params, &mut derived_key);
+	scrypt(pass, salt, &scrypt_params, &mut derived_key);
 	let derived_right_bits = &derived_key[0..KEY_LENGTH_AES];
 	let derived_left_bits = &derived_key[KEY_LENGTH_AES..KEY_LENGTH];
 	Ok((derived_right_bits.to_vec(), derived_left_bits.to_vec()))

diff --git a/ethcore/private-tx/src/encryptor.rs b/ethcore/private-tx/src/encryptor.rs
@@ -26,7 +26,7 @@ use parking_lot::Mutex;
 use ethcore::account_provider::AccountProvider;
 use ethereum_types::{H128, H256, Address};
 use ethjson;
-use ethkey::{Signature, Public};
+use ethkey::{Signature, Password, Public};
 use crypto;
 use futures::Future;
 use fetch::{Fetch, Client as FetchClient, Method, BodyReader, Request};
@@ -71,7 +71,7 @@ pub struct EncryptorConfig {
 	/// Account used for signing requests to key server
 	pub key_server_account: Option<Address>,
 	/// Passwords used to unlock accounts
-	pub passwords: Vec<String>,
+	pub passwords: Vec<Password>,
 }
 
 struct EncryptionSession {

diff --git a/ethcore/private-tx/src/lib.rs b/ethcore/private-tx/src/lib.rs
@@ -85,6 +85,7 @@ use ethcore::account_provider::AccountProvider;
 use ethcore::miner::{self, Miner, MinerService};
 use ethcore::trace::{Tracer, VMTracer};
 use rustc_hex::FromHex;
+use ethkey::Password;
 
 // Source avaiable at https://github.com/parity-contracts/private-tx/blob/master/contracts/PrivateContract.sol
 const DEFAULT_STUB_CONTRACT: &'static str = include_str!("../res/private.evm");
@@ -102,7 +103,7 @@ pub struct ProviderConfig {
 	/// Account used for signing public transactions created from private transactions
 	pub signer_account: Option<Address>,
 	/// Passwords used to unlock accounts
-	pub passwords: Vec<String>,
+	pub passwords: Vec<Password>,
 }
 
 #[derive(Debug)]
@@ -121,7 +122,7 @@ pub struct Provider {
 	encryptor: Box<Encryptor>,
 	validator_accounts: HashSet<Address>,
 	signer_account: Option<Address>,
-	passwords: Vec<String>,
+	passwords: Vec<Password>,
 	notify: RwLock<Vec<Weak<ChainNotify>>>,
 	transactions_for_signing: Mutex<SigningStore>,
 	// TODO [ToDr] Move the Mutex/RwLock inside `VerificationStore` after refactored to `drain`.
@@ -670,7 +671,7 @@ impl Importer for Arc<Provider> {
 }
 
 /// Try to unlock account using stored password, return found password if any
-fn find_account_password(passwords: &Vec<String>, account_provider: &AccountProvider, account: &Address) -> Option<String> {
+fn find_account_password(passwords: &Vec<Password>, account_provider: &AccountProvider, account: &Address) -> Option<Password> {
 	for password in passwords {
 		if let Ok(true) = account_provider.test_password(account, password) {
 			return Some(password.clone());

diff --git a/ethcore/private-tx/tests/private_contract.rs b/ethcore/private-tx/tests/private_contract.rs
@@ -55,9 +55,9 @@ fn private_contract() {
 	let key3 = KeyPair::from_secret(Secret::from("0000000000000000000000000000000000000000000000000000000000000013")).unwrap();
 	let key4 = KeyPair::from_secret(Secret::from("0000000000000000000000000000000000000000000000000000000000000014")).unwrap();
 	let ap = Arc::new(AccountProvider::transient_provider());
-	ap.insert_account(key1.secret().clone(), "").unwrap();
-	ap.insert_account(key3.secret().clone(), "").unwrap();
-	ap.insert_account(key4.secret().clone(), "").unwrap();
+	ap.insert_account(key1.secret().clone(), &"".into()).unwrap();
+	ap.insert_account(key3.secret().clone(), &"".into()).unwrap();
+	ap.insert_account(key4.secret().clone(), &"".into()).unwrap();
 
 	let config = ProviderConfig{
 		validator_accounts: vec![key3.address(), key4.address()],