DecodePrivateKey loads private key from private key bytes form.
(keyBytes []byte, masterKey []byte)
| 51 | |
| 52 | // DecodePrivateKey loads private key from private key bytes form. |
| 53 | func DecodePrivateKey(keyBytes []byte, masterKey []byte) (key *asymmetric.PrivateKey, err error) { |
| 54 | var ( |
| 55 | isBinaryKey bool |
| 56 | decData []byte |
| 57 | ) |
| 58 | |
| 59 | // It's very impossible to get an raw private key base58 decodable. |
| 60 | // So if it's not base58 decodable we just make fileContent the encData |
| 61 | encData, version, err := base58.CheckDecode(string(keyBytes)) |
| 62 | switch err { |
| 63 | case base58.ErrChecksum: |
| 64 | return |
| 65 | |
| 66 | case base58.ErrInvalidFormat: |
| 67 | // be compatible with the original binary private key format |
| 68 | isBinaryKey = true |
| 69 | encData = keyBytes |
| 70 | } |
| 71 | |
| 72 | if version != 0 && version != PrivateKeyStoreVersion { |
| 73 | return nil, ErrInvalidBase58Version |
| 74 | } |
| 75 | |
| 76 | if isBinaryKey { |
| 77 | decData, err = symmetric.DecryptWithPassword(encData, masterKey, []byte(oldPrivateKDFSalt)) |
| 78 | if err != nil { |
| 79 | log.Error("decrypt private key error") |
| 80 | return |
| 81 | } |
| 82 | |
| 83 | // sha256 + privateKey |
| 84 | if len(decData) != hash.HashBSize+asymmetric.PrivateKeyBytesLen { |
| 85 | log.WithFields(log.Fields{ |
| 86 | "expected": hash.HashBSize + asymmetric.PrivateKeyBytesLen, |
| 87 | "actual": len(decData), |
| 88 | }).Error("wrong binary private key file size") |
| 89 | return nil, ErrNotKeyFile |
| 90 | } |
| 91 | |
| 92 | computedHash := hash.DoubleHashB(decData[hash.HashBSize:]) |
| 93 | if !bytes.Equal(computedHash, decData[:hash.HashBSize]) { |
| 94 | return nil, ErrHashNotMatch |
| 95 | } |
| 96 | key, _ = asymmetric.PrivKeyFromBytes(decData[hash.HashBSize:]) |
| 97 | } else { |
| 98 | decData, err = symmetric.DecryptWithPassword(encData, masterKey, privateKDFSalt) |
| 99 | if err != nil { |
| 100 | log.Error("decrypt private key error") |
| 101 | return |
| 102 | } |
| 103 | |
| 104 | // privateKey |
| 105 | if len(decData) != asymmetric.PrivateKeyBytesLen { |
| 106 | log.WithFields(log.Fields{ |
| 107 | "expected": asymmetric.PrivateKeyBytesLen, |
| 108 | "actual": len(decData), |
| 109 | }).Error("wrong base58 private key file size") |
| 110 | return nil, ErrNotKeyFile |
no test coverage detected