Open ghost opened 5 years ago
in trueconsensus/fastchain/genkeys.go WriteNewKeys function. (which called in pbftserverengine.go -> main() -> cfg.GenerateKeysToFile() -> WriteNewKeys(cfg.Network.NumKeys, cfg.Logistics.KD))
trueconsensus/fastchain/genkeys.go
WriteNewKeys
func WriteNewKeys(kcount int, kdir string) { for k := 0; k < kcount; k++ { privateKey, _ := ecdsa.GenerateKey(ethcrypto.S256(), rand.Reader) publicKey := &privateKey.PublicKey pemEncoded := hex.EncodeToString(ethcrypto.FromECDSA(privateKey)) pemEncodedPub := hex.EncodeToString(ethcrypto.FromECDSAPub(publicKey)) pemkeyFname := fmt.Sprintf("sign%v.pem", k) err1 := ioutil.WriteFile(path.Join(kdir, pemkeyFname), []byte(pemEncoded), 0600) common.CheckErr(err1) pubkeyFname := fmt.Sprintf("sign%v.pub", k) err2 := ioutil.WriteFile(path.Join(kdir, pubkeyFname), []byte(pemEncodedPub), 0644) common.CheckErr(err2) } }
ethcrypto.FromECDSA just make privatekey to byte type. function save the pemkey as pemEncoded which Unencrypted.
ethcrypto.FromECDSA
If some node be attacked, the attacker can steal pemkey of users with a malicious software.
in
trueconsensus/fastchain/genkeys.goWriteNewKeysfunction. (which called in pbftserverengine.go -> main() -> cfg.GenerateKeysToFile() -> WriteNewKeys(cfg.Network.NumKeys, cfg.Logistics.KD))ethcrypto.FromECDSAjust make privatekey to byte type. function save the pemkey as pemEncoded which Unencrypted.If some node be attacked, the attacker can steal pemkey of users with a malicious software.