hdkeystore

package
v2.7.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 2, 2026 License: GPL-3.0 Imports: 19 Imported by: 39

Documentation

Index

Constants

View Source 
const (

	// MinSeedBytes is the minimum number of bytes allowed for a seed to
	// a master node.
	MinSeedBytes = 16 // 128 bits

	// MaxSeedBytes is the maximum number of bytes allowed for a seed to
	// a master node.
	MaxSeedBytes = 64 // 512 bits

	// The hierarchy described by BIP0043 is:
	//  m/<purpose>'/*
	// This is further extended by BIP0044 to:
	//  m/44'/<coin type>'/<account>'
	// BIP0044,m/44'/
	//openwallet coin type is 88': m/44'/88'
	OpenwCoinTypePath = "m/44'/88'"
)
View Source 
const (
	CipherAes256GCM = "aes-256-gcm"

	// StandardScryptN is the N parameter of Scrypt encryption algorithm, using 256MB
	// memory and taking approximately 1s CPU time on a modern processor.
	StandardScryptN = 1 << 18

	// HighSecurityScryptN is the N parameter for Scrypt with higher security,
	// using approximately 1GB memory and taking a few seconds on a modern CPU.
	HighSecurityScryptN = 1 << 20

	// StandardScryptP is the P parameter of Scrypt encryption algorithm, using 256MB
	// memory and taking approximately 1s CPU time on a modern processor.
	StandardScryptP = 1

	// LightScryptN is the N parameter of Scrypt encryption algorithm, using 4MB
	// memory and taking approximately 100ms CPU time on a modern processor.
	LightScryptN = 1 << 12

	// LightScryptP is the P parameter of Scrypt encryption algorithm, using 4MB
	// memory and taking approximately 100ms CPU time on a modern processor.
	LightScryptP = 6

	//种子长度
	SeedLen = 64
)

Variables

View Source 
var (

	//KeyID首字节的标识
	KeyIDVer = []byte{0x48}
	// ErrInvalidSeedLen describes an error in which the provided seed or
	// seed length is not in the allowed range.
	ErrInvalidSeedLen = fmt.Errorf("seed length must be between %d and %d "+
		"bits", MinSeedBytes*8, MaxSeedBytes*8)
)
View Source 
var (
	//ErrLocked  = accounts.NewAuthNeededError("password or unlock")
	ErrNoMatch = errors.New("no key for given address or file")
	//ErrDecrypt 机密出错
	ErrDecrypt = errors.New("could not decrypt key with given passphrase")
)

Functions

func AesGCMDecrypt added in v2.7.0 

func AesGCMDecrypt(encryptedData, key, additionalData []byte) ([]byte, error)

AesGCMDecrypt AES-GCM 解密基础方法 会自动验证: 1. 认证标签(AuthTag)- 确保密文未被篡改 2. 附加认证数据(AAD)- 确保关联数据未被篡改 任何一项验证失败都会返回错误,拒绝解密

func AesGCMDecryptToLocker added in v2.7.0 

func AesGCMDecryptToLocker(dst, encryptedData, key, additionalData []byte) error

AesGCMDecryptToLocker 安全解密,将明文直接写入 dst,避免临时分配 dst 必须足够大以容纳明文(最大 len(encryptedData) - 12 - 16)

func AesGCMEncrypt added in v2.7.0 

func AesGCMEncrypt(plaintext, key, additionalData []byte) ([]byte, error)

AesGCMEncrypt AES-GCM 加密基础方法 返回格式:Byte(Nonce + Ciphertext + AuthTag) Nonce: 12 字节(GCM 标准) AuthTag: 16 字节(128-bit 认证标签)

func BuildAAD added in v2.7.0 

func BuildAAD(keyID, rootPath, salt string, version, memory, time, threads, keyLen int) []byte

func ClearData added in v2.7.0 

func ClearData(slices ...[]byte)

ClearData 最终清空底层数组的函数

func DeriveKeyArgon2id added in v2.7.0 

func DeriveKeyArgon2id(password, salt []byte) []byte

DeriveKeyArgon2id 使用 Argon2id 派生 32 字节密钥(适合 AES-256)

func EncryptKeyByAes256GCMAndArgon2 added in v2.7.0 

func EncryptKeyByAes256GCMAndArgon2(hdkey *HDKey, plainSeed []byte, auth *memguard.LockedBuffer) ([]byte, error)

EncryptKeyByAes256GCMAndArgon2 encrypts a key using the specified scrypt parameters into a json blob that can be decrypted later on.

func GenerateLockedSeed added in v2.7.0 

func GenerateLockedSeed(size int) (*memguard.LockedBuffer, error)

GenerateLockedSeed 生成种子并直接放入锁定内存

func GenerateSeed 

func GenerateSeed(length uint8) ([]byte, error)

GenerateSeed returns a cryptographically secure random seed that can be used as the input for the NewMaster function to generate a new master node.

The length is in bytes and it must be between 16 and 64 (128 to 512 bits). The recommended length is 32 (256 bits) as defined by the RecommendedSeedLen constant.

func GetExtendSeed 

func GetExtendSeed(seed []byte, masterKey string) ([]byte, error)

GetExtendSeed 获得某个币种的扩展种子

func GetRandomSecure added in v2.7.0 

func GetRandomSecure(l int) ([]byte, error)

GetRandomSecure 使用加密安全的随机数生成器生成指定字节数组(推荐)

func KeyFileName 

func KeyFileName(alias, rootId string) string

keyFileName implements the naming convention for keyfiles: wallet--<alias>-<rootId>

func StoreLockerHDKey added in v2.7.0 

func StoreLockerHDKey(dir, alias string, auth *memguard.LockedBuffer) (string, error)

StoreLockerHDKey 重要:当前版本只使用这个创建钱包文件入口,使用AES-256-GCM保存文件

Types

type AADCall added in v2.7.0 

type AADCall func(keyID string) ([]byte, error)

type HDKey 

type HDKey struct {
	//私钥别名
	Alias string
	//账户路径
	RootPath string
	//账户的扩展ID
	KeyID string
	// contains filtered or unexported fields
}

HDKey 分层确定性密钥,基于BIP32模型创建的账户模型

func DecryptHDKeyByAes256GCMAndArgon2 added in v2.7.0 

func DecryptHDKeyByAes256GCMAndArgon2(keyjson []byte, auth *memguard.LockedBuffer, aadCall AADCall) (*HDKey, error)

DecryptHDKeyByAes256GCMAndArgon2 decrypts a key from a json blob, returning the private key itself.

func NewHDKey 

func NewHDKey(seed []byte, alias, rootPath string) (*HDKey, error)

NewHDKey 通过userkey,私钥种子,根私钥标识符,账户路径,创建HDKey

func (*HDKey) DerivedKeyWithPath 

func (k *HDKey) DerivedKeyWithPath(path string, curveType uint32) (*owkeychain.ExtendedKey, error)

DerivedKeyWithPath 根据BIP32的规则获取子密钥,例如:m/<purpose>'/* @param path string "" (root key) "m" (root key) "/" (root key) "m/0'" (hardened child #0 of the root key) "/0'" (hardened child #0 of the root key) "0'" (hardened child #0 of the root key) "m/44'/1'/2'" (BIP44 testnet account #2) "/44'/1'/2'" (BIP44 testnet account #2) "44'/1'/2'" (BIP44 testnet account #2)

The following paths are invalid:

"m / 0 / 1" (contains spaces) "m/b/c" (alphabetical characters instead of numerical indexes) "m/1.2^3" (contains illegal characters) @param curveType string ECC_CURVE_SECP256K1 ECC_CURVE_SECP256R1 ECC_CURVE_ED25519 DerivedKeyWithPath 安全地派生子密钥

func (*HDKey) DestroySeed added in v2.7.0 

func (k *HDKey) DestroySeed()

DestroySeed 主动清零加密内存的种子数据

func (*HDKey) FileName 

func (k *HDKey) FileName() string

FileName 文件名

func (*HDKey) Seed 

func (k *HDKey) Seed(fn func(seed []byte) error) error

Seed 安全地提供种子访问,通过回调确保明文及时清零

func (*HDKey) SetAADCall added in v2.7.0 

func (k *HDKey) SetAADCall(call AADCall)

type HDKeystore 

type HDKeystore struct {
	// contains filtered or unexported fields
}

HDKeystore HDKey的存粗工具类

func NewHDKeystore 

func NewHDKeystore(keydir string, scryptN, scryptP int) *HDKeystore

NewHDKeystore 实例化HDKeystore

func (HDKeystore) GetKey 

func (ks HDKeystore) GetKey(rootId, filename string, auth *memguard.LockedBuffer) (*HDKey, error)

GetKey 通过accountId读取钥匙

func (HDKeystore) GetKeyFromBase64 added in v2.7.0 

func (ks HDKeystore) GetKeyFromBase64(keyJsonB64 string, auth *memguard.LockedBuffer, aadCall AADCall) (*HDKey, error)

func (HDKeystore) GetLockerKey added in v2.7.0 

func (ks HDKeystore) GetLockerKey(path string, auth *memguard.LockedBuffer, aadCall AADCall) (*HDKey, error)

GetLockerKey 通过accountId读取钥匙

func (*HDKeystore) JoinDirPath added in v2.7.0 

func (ks *HDKeystore) JoinDirPath(dir, filename string) string

func (*HDKeystore) JoinPath 

func (ks *HDKeystore) JoinPath(filename string) string

JoinPath 文件路径组合

func (*HDKeystore) StoreLockerKeyWithSeed added in v2.7.0 

func (ks *HDKeystore) StoreLockerKeyWithSeed(
	filename string,
	meta *HDKey,
	plainSeed []byte,
	auth *memguard.LockedBuffer,
) error

StoreLockerKeyWithSeed 接收明文 seed(仅在锁定内存中有效)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.