package keystore
import "github.com/ethereum/go-ethereum/accounts/keystore"
Package keystore implements encrypted storage of secp256k1 private keys.
Keys are stored as encrypted JSON files according to the Web3 Secret Storage specification. See https://github.com/ethereum/wiki/wiki/Web3-Secret-Storage-Definition for more information.
Index ¶
- Constants
- Variables
- func DecryptDataV3(cryptoJson CryptoJSON, auth string) ([]byte, error)
- func EncryptKey(key *Key, auth string, scryptN, scryptP int) ([]byte, error)
- func StoreKey(dir, auth string, scryptN, scryptP int) (accounts.Account, error)
- type AmbiguousAddrError
- type CryptoJSON
- type Key
- func DecryptKey(keyjson []byte, auth string) (*Key, error)
- func NewKeyForDirectICAP(rand io.Reader) *Key
- func (k *Key) MarshalJSON() (j []byte, err error)
- func (k *Key) UnmarshalJSON(j []byte) (err error)
- type KeyStore
- func NewKeyStore(keydir string, scryptN, scryptP int) *KeyStore
- func (ks *KeyStore) Accounts() []accounts.Account
- func (ks *KeyStore) Delete(a accounts.Account, passphrase string) error
- func (ks *KeyStore) Export(a accounts.Account, passphrase, newPassphrase string) (keyJSON []byte, err error)
- func (ks *KeyStore) Find(a accounts.Account) (accounts.Account, error)
- func (ks *KeyStore) HasAddress(addr common.Address) bool
- func (ks *KeyStore) Import(keyJSON []byte, passphrase, newPassphrase string) (accounts.Account, error)
- func (ks *KeyStore) ImportECDSA(priv *ecdsa.PrivateKey, passphrase string) (accounts.Account, error)
- func (ks *KeyStore) ImportPreSaleKey(keyJSON []byte, passphrase string) (accounts.Account, error)
- func (ks *KeyStore) Lock(addr common.Address) error
- func (ks *KeyStore) NewAccount(passphrase string) (accounts.Account, error)
- func (ks *KeyStore) SignHash(a accounts.Account, hash []byte) ([]byte, error)
- func (ks *KeyStore) SignHashWithPassphrase(a accounts.Account, passphrase string, hash []byte) (signature []byte, err error)
- func (ks *KeyStore) SignTx(a accounts.Account, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error)
- func (ks *KeyStore) SignTxWithPassphrase(a accounts.Account, passphrase string, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error)
- func (ks *KeyStore) Subscribe(sink chan<- accounts.WalletEvent) event.Subscription
- func (ks *KeyStore) TimedUnlock(a accounts.Account, passphrase string, timeout time.Duration) error
- func (ks *KeyStore) Unlock(a accounts.Account, passphrase string) error
- func (ks *KeyStore) Update(a accounts.Account, passphrase, newPassphrase string) error
- func (ks *KeyStore) Wallets() []accounts.Wallet
Constants ¶
const ( // StandardScryptN is the N parameter of Scrypt encryption algorithm, using 256MB // memory and taking approximately 1s CPU time on a modern processor. StandardScryptN = 1 << 18 // StandardScryptP is the P parameter of Scrypt encryption algorithm, using 256MB // memory and taking approximately 1s CPU time on a modern processor. StandardScryptP = 1 // LightScryptN is the N parameter of Scrypt encryption algorithm, using 4MB // memory and taking approximately 100ms CPU time on a modern processor. LightScryptN = 1 << 12 // LightScryptP is the P parameter of Scrypt encryption algorithm, using 4MB // memory and taking approximately 100ms CPU time on a modern processor. LightScryptP = 6 )
const KeyStoreScheme = "keystore"
KeyStoreScheme is the protocol scheme prefixing account and wallet URLs.
Variables ¶
var ( ErrLocked = accounts.NewAuthNeededError("password or unlock") ErrNoMatch = errors.New("no key for given address or file") ErrDecrypt = errors.New("could not decrypt key with given password") // ErrAccountAlreadyExists is returned if an account attempted to import is // already present in the keystore. ErrAccountAlreadyExists = errors.New("account already exists") )
KeyStoreType is the reflect type of a keystore backend.
Functions ¶
func DecryptDataV3 ¶
func DecryptDataV3(cryptoJson CryptoJSON, auth string) ([]byte, error)
func EncryptKey ¶
EncryptKey encrypts a key using the specified scrypt parameters into a json blob that can be decrypted later on.
func StoreKey ¶
StoreKey generates a key, encrypts with 'auth' and stores in the given directory
Types ¶
type AmbiguousAddrError ¶
AmbiguousAddrError is returned when an address matches multiple files.
func (*AmbiguousAddrError) Error ¶
func (err *AmbiguousAddrError) Error() string
type CryptoJSON ¶
type CryptoJSON struct {
Cipher string `json:"cipher"`
CipherText string `json:"ciphertext"`
CipherParams cipherparamsJSON `json:"cipherparams"`
KDF string `json:"kdf"`
KDFParams map[string]interface{} `json:"kdfparams"`
MAC string `json:"mac"`
}
func EncryptDataV3 ¶
func EncryptDataV3(data, auth []byte, scryptN, scryptP int) (CryptoJSON, error)
EncryptDataV3 encrypts the data given as 'data' with the password 'auth'.
type Key ¶
type Key struct {
Id uuid.UUID // Version 4 "random" for unique id not derived from key data
// to simplify lookups we also store the address
Address common.Address
// we only store privkey as pubkey/address can be derived from it
// privkey in this struct is always in plaintext
PrivateKey *ecdsa.PrivateKey
}
func DecryptKey ¶
DecryptKey decrypts a key from a json blob, returning the private key itself.
func NewKeyForDirectICAP ¶
NewKeyForDirectICAP generates a key whose address fits into < 155 bits so it can fit into the Direct ICAP spec. for simplicity and easier compatibility with other libs, we retry until the first byte is 0.
func (*Key) MarshalJSON ¶
func (*Key) UnmarshalJSON ¶
type KeyStore ¶
type KeyStore struct {
// contains filtered or unexported fields
}
KeyStore manages a key storage directory on disk.
func NewKeyStore ¶
NewKeyStore creates a keystore for the given directory.
func (*KeyStore) Accounts ¶
Accounts returns all key files present in the directory.
func (*KeyStore) Delete ¶
Delete deletes the key matched by account if the passphrase is correct. If the account contains no filename, the address must match a unique key.
func (*KeyStore) Export ¶
func (ks *KeyStore) Export(a accounts.Account, passphrase, newPassphrase string) (keyJSON []byte, err error)
Export exports as a JSON key, encrypted with newPassphrase.
func (*KeyStore) Find ¶
Find resolves the given account into a unique entry in the keystore.
func (*KeyStore) HasAddress ¶
HasAddress reports whether a key with the given address is present.
func (*KeyStore) Import ¶
func (ks *KeyStore) Import(keyJSON []byte, passphrase, newPassphrase string) (accounts.Account, error)
Import stores the given encrypted JSON key into the key directory.
func (*KeyStore) ImportECDSA ¶
func (ks *KeyStore) ImportECDSA(priv *ecdsa.PrivateKey, passphrase string) (accounts.Account, error)
ImportECDSA stores the given key into the key directory, encrypting it with the passphrase.
func (*KeyStore) ImportPreSaleKey ¶
ImportPreSaleKey decrypts the given Ethereum presale wallet and stores a key file in the key directory. The key file is encrypted with the same passphrase.
func (*KeyStore) Lock ¶
Lock removes the private key with the given address from memory.
func (*KeyStore) NewAccount ¶
NewAccount generates a new key and stores it into the key directory, encrypting it with the passphrase.
func (*KeyStore) SignHash ¶
SignHash calculates a ECDSA signature for the given hash. The produced signature is in the [R || S || V] format where V is 0 or 1.
func (*KeyStore) SignHashWithPassphrase ¶
func (ks *KeyStore) SignHashWithPassphrase(a accounts.Account, passphrase string, hash []byte) (signature []byte, err error)
SignHashWithPassphrase signs hash if the private key matching the given address can be decrypted with the given passphrase. The produced signature is in the [R || S || V] format where V is 0 or 1.
func (*KeyStore) SignTx ¶
func (ks *KeyStore) SignTx(a accounts.Account, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error)
SignTx signs the given transaction with the requested account.
func (*KeyStore) SignTxWithPassphrase ¶
func (ks *KeyStore) SignTxWithPassphrase(a accounts.Account, passphrase string, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error)
SignTxWithPassphrase signs the transaction if the private key matching the given address can be decrypted with the given passphrase.
func (*KeyStore) Subscribe ¶
func (ks *KeyStore) Subscribe(sink chan<- accounts.WalletEvent) event.Subscription
Subscribe implements accounts.Backend, creating an async subscription to receive notifications on the addition or removal of keystore wallets.
func (*KeyStore) TimedUnlock ¶
TimedUnlock unlocks the given account with the passphrase. The account stays unlocked for the duration of timeout. A timeout of 0 unlocks the account until the program exits. The account must match a unique key file.
If the account address is already unlocked for a duration, TimedUnlock extends or shortens the active unlock timeout. If the address was previously unlocked indefinitely the timeout is not altered.
func (*KeyStore) Unlock ¶
Unlock unlocks the given account indefinitely.
func (*KeyStore) Update ¶
Update changes the passphrase of an existing account.
func (*KeyStore) Wallets ¶
Wallets implements accounts.Backend, returning all single-key wallets from the keystore directory.
Source Files ¶
account_cache.go file_cache.go key.go keystore.go passphrase.go plain.go presale.go wallet.go watch.go
- Version
- v1.15.11 (latest)
- Published
- May 5, 2025
- Platform
- linux/amd64
- Imports
- 35 packages
- Last checked
- 21 hours ago –
Tools for package owners.