quorum/crypto/crypto.go

package crypto

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"io"
	"os"

	"encoding/hex"
	"encoding/json"
	"errors"

	"code.google.com/p/go-uuid/uuid"
	"code.google.com/p/go.crypto/pbkdf2"
	"code.google.com/p/go.crypto/ripemd160"
	"github.com/ethereum/go-ethereum/crypto/ecies"
	"github.com/ethereum/go-ethereum/crypto/secp256k1"
	"github.com/ethereum/go-ethereum/crypto/sha3"
	"github.com/ethereum/go-ethereum/ethutil"
)

func init() {
	// specify the params for the s256 curve
	ecies.AddParamsForCurve(S256(), ecies.ECIES_AES128_SHA256)
}

func Sha3(data ...[]byte) []byte {
	d := sha3.NewKeccak256()
	for _, b := range data {
		d.Write(b)
	}
	return d.Sum(nil)
}

// Creates an ethereum address given the bytes and the nonce
func CreateAddress(b []byte, nonce uint64) []byte {
	return Sha3(ethutil.NewValue([]interface{}{b, nonce}).Encode())[12:]
}

func Sha256(data []byte) []byte {
	hash := sha256.Sum256(data)

	return hash[:]
}

func Ripemd160(data []byte) []byte {
	ripemd := ripemd160.New()
	ripemd.Write(data)

	return ripemd.Sum(nil)
}

func Ecrecover(data []byte) []byte {
	var in = struct {
		hash []byte
		sig  []byte
	}{data[:32], data[32:]}

	r, _ := secp256k1.RecoverPubkey(in.hash, in.sig)

	return r
}

// New methods using proper ecdsa keys from the stdlib
func ToECDSA(prv []byte) *ecdsa.PrivateKey {
	if len(prv) == 0 {
		return nil
	}

	priv := new(ecdsa.PrivateKey)
	priv.PublicKey.Curve = S256()
	priv.D = ethutil.BigD(prv)
	priv.PublicKey.X, priv.PublicKey.Y = S256().ScalarBaseMult(prv)
	return priv
}

func FromECDSA(prv *ecdsa.PrivateKey) []byte {
	if prv == nil {
		return nil
	}
	return prv.D.Bytes()
}

func ToECDSAPub(pub []byte) *ecdsa.PublicKey {
	if len(pub) == 0 {
		return nil
	}
	x, y := elliptic.Unmarshal(S256(), pub)
	return &ecdsa.PublicKey{S256(), x, y}
}

func FromECDSAPub(pub *ecdsa.PublicKey) []byte {
	if pub == nil || pub.X == nil || pub.Y == nil {
		return nil
	}
	return elliptic.Marshal(S256(), pub.X, pub.Y)
}

// HexToECDSA parses a secp256k1 private key.
func HexToECDSA(hexkey string) (*ecdsa.PrivateKey, error) {
	b, err := hex.DecodeString(hexkey)
	if err != nil {
		return nil, errors.New("invalid hex string")
	}
	if len(b) != 32 {
		return nil, errors.New("invalid length, need 256 bits")
	}
	return ToECDSA(b), nil
}

// LoadECDSA loads a secp256k1 private key from the given file.
func LoadECDSA(file string) (*ecdsa.PrivateKey, error) {
	buf := make([]byte, 32)
	fd, err := os.Open(file)
	if err != nil {
		return nil, err
	}
	defer fd.Close()
	if _, err := io.ReadFull(fd, buf); err != nil {
		return nil, err
	}
	return ToECDSA(buf), nil
}

func GenerateKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(S256(), rand.Reader)
}

func SigToPub(hash, sig []byte) *ecdsa.PublicKey {
	s := Ecrecover(append(hash, sig...))
	x, y := elliptic.Unmarshal(S256(), s)

	return &ecdsa.PublicKey{S256(), x, y}
}

func Sign(hash []byte, prv *ecdsa.PrivateKey) (sig []byte, err error) {
	if len(hash) != 32 {
		return nil, fmt.Errorf("hash is required to be exactly 32 bytes (%d)", len(hash))
	}

	sig, err = secp256k1.Sign(hash, ethutil.LeftPadBytes(prv.D.Bytes(), prv.Params().BitSize/8))
	return
}

func Encrypt(pub *ecdsa.PublicKey, message []byte) ([]byte, error) {
	return ecies.Encrypt(rand.Reader, ecies.ImportECDSAPublic(pub), message, nil, nil)
}

func Decrypt(prv *ecdsa.PrivateKey, ct []byte) ([]byte, error) {
	key := ecies.ImportECDSA(prv)
	return key.Decrypt(rand.Reader, ct, nil, nil)
}

// creates a Key and stores that in the given KeyStore by decrypting a presale key JSON
func ImportPreSaleKey(keyStore KeyStore2, keyJSON []byte, password string) (*Key, error) {
	key, err := decryptPreSaleKey(keyJSON, password)
	if err != nil {
		return nil, err
	}
	key.Id = uuid.NewRandom()
	err = keyStore.StoreKey(key, password)
	return key, err
}

func decryptPreSaleKey(fileContent []byte, password string) (key *Key, err error) {
	preSaleKeyStruct := struct {
		EncSeed string
		EthAddr string
		Email   string
		BtcAddr string
	}{}
	err = json.Unmarshal(fileContent, &preSaleKeyStruct)
	if err != nil {
		return nil, err
	}
	encSeedBytes, err := hex.DecodeString(preSaleKeyStruct.EncSeed)
	iv := encSeedBytes[:16]
	cipherText := encSeedBytes[16:]
	/*
		See https://github.com/ethereum/pyethsaletool

		pyethsaletool generates the encryption key from password by
		2000 rounds of PBKDF2 with HMAC-SHA-256 using password as salt (:().
		16 byte key length within PBKDF2 and resulting key is used as AES key
	*/
	passBytes := []byte(password)
	derivedKey := pbkdf2.Key(passBytes, passBytes, 2000, 16, sha256.New)
	plainText, err := aesCBCDecrypt(derivedKey, cipherText, iv)
	ethPriv := Sha3(plainText)
	ecKey := ToECDSA(ethPriv)
	key = &Key{
		Id:         nil,
		Address:    PubkeyToAddress(ecKey.PublicKey),
		PrivateKey: ecKey,
	}
	derivedAddr := ethutil.Bytes2Hex(key.Address)
	expectedAddr := preSaleKeyStruct.EthAddr
	if derivedAddr != expectedAddr {
		err = errors.New("decrypted addr not equal to expected addr")
	}
	return key, err
}

func aesCBCDecrypt(key []byte, cipherText []byte, iv []byte) (plainText []byte, err error) {
	aesBlock, err := aes.NewCipher(key)
	if err != nil {
		return plainText, err
	}
	decrypter := cipher.NewCBCDecrypter(aesBlock, iv)
	paddedPlainText := make([]byte, len(cipherText))
	decrypter.CryptBlocks(paddedPlainText, cipherText)
	plainText = PKCS7Unpad(paddedPlainText)
	if plainText == nil {
		err = errors.New("Decryption failed: PKCS7Unpad failed after decryption")
	}
	return plainText, err
}

// From https://leanpub.com/gocrypto/read#leanpub-auto-block-cipher-modes
func PKCS7Pad(in []byte) []byte {
	padding := 16 - (len(in) % 16)
	if padding == 0 {
		padding = 16
	}
	for i := 0; i < padding; i++ {
		in = append(in, byte(padding))
	}
	return in
}

func PKCS7Unpad(in []byte) []byte {
	if len(in) == 0 {
		return nil
	}

	padding := in[len(in)-1]
	if int(padding) > len(in) || padding > aes.BlockSize {
		return nil
	} else if padding == 0 {
		return nil
	}

	for i := len(in) - 1; i > len(in)-int(padding)-1; i-- {
		if in[i] != padding {
			return nil
		}
	}
	return in[:len(in)-int(padding)]
}

func PubkeyToAddress(p ecdsa.PublicKey) []byte {
	pubBytes := FromECDSAPub(&p)
	return Sha3(pubBytes[1:])[12:]
}
ethcrypto => crypto 2014-10-31 04:37:43 -07:00			`package crypto`
move ethutil helper crypto functions to ethcrypto/crypto 2014-06-29 07:57:12 -07:00
			`import (`
Add ImportPreSaleKey * ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content) and a password string. It stores the key in the given key store. * Refactored common AES decryption and moved some functions to crypto.go 2015-01-20 14:55:13 -08:00			`"crypto/aes"`
			`"crypto/cipher"`
Added Encrypt & Decrypt using the ECIES w/ tests 2014-12-09 15:03:21 -08:00			`"crypto/ecdsa"`
			`"crypto/elliptic"`
			`"crypto/rand"`
ECRECOVER RIPEMD160 SHA256 2014-10-08 03:00:50 -07:00			`"crypto/sha256"`
Pad private key when signing & length check for hashes in sign 2015-01-22 09:12:05 -08:00			`"fmt"`
crypto: add key loading functions 2015-02-10 03:29:50 -08:00			`"io"`
			`"os"`
ECRECOVER RIPEMD160 SHA256 2014-10-08 03:00:50 -07:00
Merge branch 'import_presale_keys' of https://github.com/Gustav-Simonsson/go-ethereum into Gustav-Simonsson-import_presale_keys Conflicts: crypto/crypto.go 2015-01-22 13:42:39 -08:00			`"encoding/hex"`
			`"encoding/json"`
Add ImportPreSaleKey * ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content) and a password string. It stores the key in the given key store. * Refactored common AES decryption and moved some functions to crypto.go 2015-01-20 14:55:13 -08:00			`"errors"`
ECRECOVER RIPEMD160 SHA256 2014-10-08 03:00:50 -07:00
Add ImportPreSaleKey * ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content) and a password string. It stores the key in the given key store. * Refactored common AES decryption and moved some functions to crypto.go 2015-01-20 14:55:13 -08:00			`"code.google.com/p/go-uuid/uuid"`
			`"code.google.com/p/go.crypto/pbkdf2"`
ECRECOVER RIPEMD160 SHA256 2014-10-08 03:00:50 -07:00			`"code.google.com/p/go.crypto/ripemd160"`
Moved ECIES to repo & added secondary title for webview * ECIES moved from obscuren to ethereum * Added html META[name=badge] to reflect menuItem.secondaryTitle 2015-02-13 15:25:47 -08:00			`"github.com/ethereum/go-ethereum/crypto/ecies"`
Moved `obscuren` secp256k1-go 2015-01-21 15:35:00 -08:00			`"github.com/ethereum/go-ethereum/crypto/secp256k1"`
Moved sha3 from `obscuren` 2015-01-21 15:25:00 -08:00			`"github.com/ethereum/go-ethereum/crypto/sha3"`
Merge eth-go repository into go-ethereum mist, etheruem have been moved to cmd/ 2014-10-23 06:01:27 -07:00			`"github.com/ethereum/go-ethereum/ethutil"`
move ethutil helper crypto functions to ethcrypto/crypto 2014-06-29 07:57:12 -07:00			`)`

Added Encrypt & Decrypt using the ECIES w/ tests 2014-12-09 15:03:21 -08:00			`func init() {`
			`// specify the params for the s256 curve`
			`ecies.AddParamsForCurve(S256(), ecies.ECIES_AES128_SHA256)`
			`}`

crypto: make it easier to run Sha3 on multiple inputs crypto.Sha3(append(foo, bar)) --> crypto.Sha3(foo, bar) crypto.Sha3([]byte{}) --> crypto.Sha3() 2015-01-27 05:29:33 -08:00			`func Sha3(data ...[]byte) []byte {`
move ethutil helper crypto functions to ethcrypto/crypto 2014-06-29 07:57:12 -07:00			`d := sha3.NewKeccak256()`
crypto: make it easier to run Sha3 on multiple inputs crypto.Sha3(append(foo, bar)) --> crypto.Sha3(foo, bar) crypto.Sha3([]byte{}) --> crypto.Sha3() 2015-01-27 05:29:33 -08:00			`for _, b := range data {`
			`d.Write(b)`
			`}`
move ethutil helper crypto functions to ethcrypto/crypto 2014-06-29 07:57:12 -07:00			`return d.Sum(nil)`
			`}`
move CreateAddress from ethutil/common to ethcrypto 2014-06-29 08:08:33 -07:00
			`// Creates an ethereum address given the bytes and the nonce`
Fixed address generation 2014-07-03 01:03:58 -07:00			`func CreateAddress(b []byte, nonce uint64) []byte {`
Renamed Sha3Bin to Sha3 2014-10-08 03:06:39 -07:00			`return Sha3(ethutil.NewValue([]interface{}{b, nonce}).Encode())[12:]`
move CreateAddress from ethutil/common to ethcrypto 2014-06-29 08:08:33 -07:00			`}`
ECRECOVER RIPEMD160 SHA256 2014-10-08 03:00:50 -07:00
			`func Sha256(data []byte) []byte {`
			`hash := sha256.Sum256(data)`

			`return hash[:]`
			`}`

			`func Ripemd160(data []byte) []byte {`
			`ripemd := ripemd160.New()`
			`ripemd.Write(data)`

			`return ripemd.Sum(nil)`
			`}`

			`func Ecrecover(data []byte) []byte {`
			`var in = struct {`
			`hash []byte`
			`sig []byte`
			`}{data[:32], data[32:]}`

			`r, _ := secp256k1.RecoverPubkey(in.hash, in.sig)`

			`return r`
			`}`
Added Encrypt & Decrypt using the ECIES w/ tests 2014-12-09 15:03:21 -08:00
Changed new methods to use ecdsa package for pub prv keys 2014-12-10 05:17:10 -08:00			`// New methods using proper ecdsa keys from the stdlib`
			`func ToECDSA(prv []byte) *ecdsa.PrivateKey {`
Added length checkes 2014-12-12 13:24:04 -08:00			`if len(prv) == 0 {`
			`return nil`
			`}`

Changed new methods to use ecdsa package for pub prv keys 2014-12-10 05:17:10 -08:00			`priv := new(ecdsa.PrivateKey)`
			`priv.PublicKey.Curve = S256()`
			`priv.D = ethutil.BigD(prv)`
			`priv.PublicKey.X, priv.PublicKey.Y = S256().ScalarBaseMult(prv)`
			`return priv`
Added Encrypt & Decrypt using the ECIES w/ tests 2014-12-09 15:03:21 -08:00			`}`

Changed new methods to use ecdsa package for pub prv keys 2014-12-10 05:17:10 -08:00			`func FromECDSA(prv *ecdsa.PrivateKey) []byte {`
Added length checkes 2014-12-12 13:24:04 -08:00			`if prv == nil {`
			`return nil`
			`}`
Changed new methods to use ecdsa package for pub prv keys 2014-12-10 05:17:10 -08:00			`return prv.D.Bytes()`
Added Encrypt & Decrypt using the ECIES w/ tests 2014-12-09 15:03:21 -08:00			`}`

Added length checkes 2014-12-12 13:24:04 -08:00			`func ToECDSAPub(pub []byte) *ecdsa.PublicKey {`
			`if len(pub) == 0 {`
			`return nil`
			`}`
Added Encrypt & Decrypt using the ECIES w/ tests 2014-12-09 15:03:21 -08:00			`x, y := elliptic.Unmarshal(S256(), pub)`
Changed new methods to use ecdsa package for pub prv keys 2014-12-10 05:17:10 -08:00			`return &ecdsa.PublicKey{S256(), x, y}`
			`}`

Added length checkes 2014-12-12 13:24:04 -08:00			`func FromECDSAPub(pub *ecdsa.PublicKey) []byte {`
Fixed whisper pub key bug * Unrecoverable messages would cause segfault when recovering invalid pub key 2015-01-30 04:24:20 -08:00			`if pub == nil \|\| pub.X == nil \|\| pub.Y == nil {`
Added length checkes 2014-12-12 13:24:04 -08:00			`return nil`
			`}`
			`return elliptic.Marshal(S256(), pub.X, pub.Y)`
			`}`

crypto: add key loading functions 2015-02-10 03:29:50 -08:00			`// HexToECDSA parses a secp256k1 private key.`
			`func HexToECDSA(hexkey string) (*ecdsa.PrivateKey, error) {`
			`b, err := hex.DecodeString(hexkey)`
			`if err != nil {`
			`return nil, errors.New("invalid hex string")`
			`}`
			`if len(b) != 32 {`
			`return nil, errors.New("invalid length, need 256 bits")`
			`}`
			`return ToECDSA(b), nil`
			`}`

			`// LoadECDSA loads a secp256k1 private key from the given file.`
			`func LoadECDSA(file string) (*ecdsa.PrivateKey, error) {`
			`buf := make([]byte, 32)`
			`fd, err := os.Open(file)`
			`if err != nil {`
			`return nil, err`
			`}`
			`defer fd.Close()`
			`if _, err := io.ReadFull(fd, buf); err != nil {`
			`return nil, err`
			`}`
			`return ToECDSA(buf), nil`
			`}`

Changed new methods to use ecdsa package for pub prv keys 2014-12-10 05:17:10 -08:00			`func GenerateKey() (*ecdsa.PrivateKey, error) {`
			`return ecdsa.GenerateKey(S256(), rand.Reader)`
			`}`

			`func SigToPub(hash, sig []byte) *ecdsa.PublicKey {`
			`s := Ecrecover(append(hash, sig...))`
			`x, y := elliptic.Unmarshal(S256(), s)`

			`return &ecdsa.PublicKey{S256(), x, y}`
			`}`

			`func Sign(hash []byte, prv *ecdsa.PrivateKey) (sig []byte, err error) {`
Pad private key when signing & length check for hashes in sign 2015-01-22 09:12:05 -08:00			`if len(hash) != 32 {`
			`return nil, fmt.Errorf("hash is required to be exactly 32 bytes (%d)", len(hash))`
			`}`

Use curve params instead of hardcoded 32 bytes 2015-01-22 09:15:11 -08:00			`sig, err = secp256k1.Sign(hash, ethutil.LeftPadBytes(prv.D.Bytes(), prv.Params().BitSize/8))`
Changed new methods to use ecdsa package for pub prv keys 2014-12-10 05:17:10 -08:00			`return`
			`}`
Added Encrypt & Decrypt using the ECIES w/ tests 2014-12-09 15:03:21 -08:00
Changed new methods to use ecdsa package for pub prv keys 2014-12-10 05:17:10 -08:00			`func Encrypt(pub *ecdsa.PublicKey, message []byte) ([]byte, error) {`
			`return ecies.Encrypt(rand.Reader, ecies.ImportECDSAPublic(pub), message, nil, nil)`
Added Encrypt & Decrypt using the ECIES w/ tests 2014-12-09 15:03:21 -08:00			`}`

Changed new methods to use ecdsa package for pub prv keys 2014-12-10 05:17:10 -08:00			`func Decrypt(prv *ecdsa.PrivateKey, ct []byte) ([]byte, error) {`
			`key := ecies.ImportECDSA(prv)`
Added Encrypt & Decrypt using the ECIES w/ tests 2014-12-09 15:03:21 -08:00			`return key.Decrypt(rand.Reader, ct, nil, nil)`
			`}`
Add ImportPreSaleKey * ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content) and a password string. It stores the key in the given key store. * Refactored common AES decryption and moved some functions to crypto.go 2015-01-20 14:55:13 -08:00
			`// creates a Key and stores that in the given KeyStore by decrypting a presale key JSON`
			`func ImportPreSaleKey(keyStore KeyStore2, keyJSON []byte, password string) (*Key, error) {`
			`key, err := decryptPreSaleKey(keyJSON, password)`
			`if err != nil {`
			`return nil, err`
			`}`
Address pull request comments * Use crypto.Sign instead of directly calling secp256k1 lib * Rename UserAccount to Account and Addr to Address (for consistency) * Change AccountManager.Sign to take ptr to Account instead of address byte array * Simplify copying of Accounts in Accounts() * PubkeyToAddress and GetEntropyCSPRNG now exported 2015-01-27 20:12:57 -08:00			`key.Id = uuid.NewRandom()`
Add ImportPreSaleKey * ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content) and a password string. It stores the key in the given key store. * Refactored common AES decryption and moved some functions to crypto.go 2015-01-20 14:55:13 -08:00			`err = keyStore.StoreKey(key, password)`
			`return key, err`
			`}`

			`func decryptPreSaleKey(fileContent []byte, password string) (key *Key, err error) {`
			`preSaleKeyStruct := struct {`
			`EncSeed string`
			`EthAddr string`
			`Email string`
			`BtcAddr string`
			`}{}`
			`err = json.Unmarshal(fileContent, &preSaleKeyStruct)`
			`if err != nil {`
			`return nil, err`
			`}`
			`encSeedBytes, err := hex.DecodeString(preSaleKeyStruct.EncSeed)`
			`iv := encSeedBytes[:16]`
			`cipherText := encSeedBytes[16:]`
			`/*`
			`See https://github.com/ethereum/pyethsaletool`

			`pyethsaletool generates the encryption key from password by`
			`2000 rounds of PBKDF2 with HMAC-SHA-256 using password as salt (:().`
			`16 byte key length within PBKDF2 and resulting key is used as AES key`
			`*/`
			`passBytes := []byte(password)`
			`derivedKey := pbkdf2.Key(passBytes, passBytes, 2000, 16, sha256.New)`
CamelCase aesCBCDecrypt 2015-01-21 10:08:05 -08:00			`plainText, err := aesCBCDecrypt(derivedKey, cipherText, iv)`
Add ImportPreSaleKey * ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content) and a password string. It stores the key in the given key store. * Refactored common AES decryption and moved some functions to crypto.go 2015-01-20 14:55:13 -08:00			`ethPriv := Sha3(plainText)`
			`ecKey := ToECDSA(ethPriv)`
			`key = &Key{`
			`Id: nil,`
Address pull request comments * Use crypto.Sign instead of directly calling secp256k1 lib * Rename UserAccount to Account and Addr to Address (for consistency) * Change AccountManager.Sign to take ptr to Account instead of address byte array * Simplify copying of Accounts in Accounts() * PubkeyToAddress and GetEntropyCSPRNG now exported 2015-01-27 20:12:57 -08:00			`Address: PubkeyToAddress(ecKey.PublicKey),`
Add ImportPreSaleKey * ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content) and a password string. It stores the key in the given key store. * Refactored common AES decryption and moved some functions to crypto.go 2015-01-20 14:55:13 -08:00			`PrivateKey: ecKey,`
			`}`
Add accounts package and refactor key stores * Add initial UserAccount and AccountManager structs * Add NewAccount, Sign and Accounts functions * Refactor key stores to use key address as main identifier while keeping the UUID. * Use key address as file/dir names instead of UUID 2015-01-24 17:07:20 -08:00			`derivedAddr := ethutil.Bytes2Hex(key.Address)`
Add ImportPreSaleKey * ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content) and a password string. It stores the key in the given key store. * Refactored common AES decryption and moved some functions to crypto.go 2015-01-20 14:55:13 -08:00			`expectedAddr := preSaleKeyStruct.EthAddr`
			`if derivedAddr != expectedAddr {`
			`err = errors.New("decrypted addr not equal to expected addr")`
			`}`
			`return key, err`
			`}`

CamelCase aesCBCDecrypt 2015-01-21 10:08:05 -08:00			`func aesCBCDecrypt(key []byte, cipherText []byte, iv []byte) (plainText []byte, err error) {`
Add ImportPreSaleKey * ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content) and a password string. It stores the key in the given key store. * Refactored common AES decryption and moved some functions to crypto.go 2015-01-20 14:55:13 -08:00			`aesBlock, err := aes.NewCipher(key)`
			`if err != nil {`
			`return plainText, err`
			`}`
			`decrypter := cipher.NewCBCDecrypter(aesBlock, iv)`
			`paddedPlainText := make([]byte, len(cipherText))`
			`decrypter.CryptBlocks(paddedPlainText, cipherText)`
			`plainText = PKCS7Unpad(paddedPlainText)`
			`if plainText == nil {`
			`err = errors.New("Decryption failed: PKCS7Unpad failed after decryption")`
			`}`
			`return plainText, err`
			`}`

			`// From https://leanpub.com/gocrypto/read#leanpub-auto-block-cipher-modes`
			`func PKCS7Pad(in []byte) []byte {`
			`padding := 16 - (len(in) % 16)`
			`if padding == 0 {`
			`padding = 16`
			`}`
			`for i := 0; i < padding; i++ {`
			`in = append(in, byte(padding))`
			`}`
			`return in`
			`}`

			`func PKCS7Unpad(in []byte) []byte {`
			`if len(in) == 0 {`
			`return nil`
			`}`

			`padding := in[len(in)-1]`
			`if int(padding) > len(in) \|\| padding > aes.BlockSize {`
			`return nil`
			`} else if padding == 0 {`
			`return nil`
			`}`

			`for i := len(in) - 1; i > len(in)-int(padding)-1; i-- {`
			`if in[i] != padding {`
			`return nil`
			`}`
			`}`
			`return in[:len(in)-int(padding)]`
			`}`
Add accounts package and refactor key stores * Add initial UserAccount and AccountManager structs * Add NewAccount, Sign and Accounts functions * Refactor key stores to use key address as main identifier while keeping the UUID. * Use key address as file/dir names instead of UUID 2015-01-24 17:07:20 -08:00
Address pull request comments * Use crypto.Sign instead of directly calling secp256k1 lib * Rename UserAccount to Account and Addr to Address (for consistency) * Change AccountManager.Sign to take ptr to Account instead of address byte array * Simplify copying of Accounts in Accounts() * PubkeyToAddress and GetEntropyCSPRNG now exported 2015-01-27 20:12:57 -08:00			`func PubkeyToAddress(p ecdsa.PublicKey) []byte {`
Add accounts package and refactor key stores * Add initial UserAccount and AccountManager structs * Add NewAccount, Sign and Accounts functions * Refactor key stores to use key address as main identifier while keeping the UUID. * Use key address as file/dir names instead of UUID 2015-01-24 17:07:20 -08:00			`pubBytes := FromECDSAPub(&p)`
			`return Sha3(pubBytes[1:])[12:]`
			`}`