modify console /account ,fix gm account issue when without password

client/gm_account.py

@@ -72,35 +72,38 @@ def save_to_file(self, filename, password=None):
                 self.cbc_iv, bytes(self.keypair.private_key, "utf-8"))
             key = str(base64.b64encode(encrypt_value), "utf-8")
             content["encrypt"] = True
+            passwdBytes = bytes(password, "utf-8")
+            content["mac"] = sm3.sm3_hash(passwdBytes)
         content["private_key"] = key
         content["type"] = "gm"
         # set mac of the password
-        passwdBytes = bytes(password, "utf-8")
-        content["mac"] = sm3.sm3_hash(passwdBytes)
+
         with open(filename, "w") as dump_f:
             json.dump(content, dump_f, indent=4)
             dump_f.close()
 
     # 从文件加载，格式是json
     def load_from_file(self, filename, password=None):
-        if password is None:
-            return
+        #if password is None:
+        #    return
         with open(filename, "r") as dump_f:
             content = json.load(dump_f)
             dump_f.close()
 
         if content["type"] != "gm":
             return
-        # get and compare mac
-        expected_mac = content["mac"]
-        password = self.pwd_ljust(password)
-        passwdBytes = bytes(password, "utf-8")
-        mac = sm3.sm3_hash(passwdBytes)
-        if not hmac.compare_digest(mac, expected_mac):
-            raise ValueError("MAC mismatch")
+
         key = content["private_key"]
-        crypt_sm4 = CryptSM4()
-        crypt_sm4.set_key(bytes(password, "utf-8"), SM4_DECRYPT)
-        key = base64.b64decode(bytes(key, "utf-8"))
-        key = str(crypt_sm4.crypt_cbc(self.cbc_iv, key), "utf-8")
+        # get and compare mac
+        if password is not None:
+            expected_mac = content["mac"]
+            password = self.pwd_ljust(password)
+            passwdBytes = bytes(password, "utf-8")
+            mac = sm3.sm3_hash(passwdBytes)
+            if not hmac.compare_digest(mac, expected_mac):
+                raise ValueError("MAC mismatch")
+            crypt_sm4 = CryptSM4()
+            crypt_sm4.set_key(bytes(password, "utf-8"), SM4_DECRYPT)
+            key = base64.b64decode(bytes(key, "utf-8"))
+            key = str(crypt_sm4.crypt_cbc(self.cbc_iv, key), "utf-8")
         self.from_key(key)

console_utils/cmd_account.py

@@ -78,6 +78,9 @@ def create_gm_account(self, name, password):
             print("account save to :", keyfile)
 
     def create_ecdsa_account(self, name, password):
+        if password is None or len(password) < 6:
+            print("\n!!!-> WARNING: Create ECDSA keystore need Password len >=6. etc: [ ****** ] <-!!! \n")
+            return
         ac = Account.create(password)
         print("new address :\t", ac.address)
         print("new privkey :\t", encode_hex(ac.key))
@@ -133,11 +136,12 @@ def newaccount(self, inputparams):
                 "account name should no more than {}".format(max_account_len),
             )
             sys.exit(1)
-        password = inputparams[1]
-        forcewrite = False
-        if len(inputparams) == 3 and inputparams[2] == "save":
-            forcewrite = True
-        print("starting : {} {}  , if save:{}".format(name, password, forcewrite))
+        password = None
+        if len(inputparams) > 1:
+            password = inputparams[1]
+        else:
+            print(f"\n!!! -> WARNING : create account WITHOUT Password is NOT Safe. at : [ {name} ] <-!!!\n")
+        print("starting : {} {}  ".format(name, password))
         if self.crypto_type == CRYPTO_TYPE_GM:
             self.create_gm_account(name, password)
         else:

tests/testgmaccount.py

@@ -1,12 +1,21 @@
 import sys
-
+sys.path.append("./")
 from client.gm_account import GM_Account
 from client.signer_impl import Signer_GM;
 from eth_utils import decode_hex,encode_hex
 from eth_utils.crypto import set_crypto_type, CRYPTO_TYPE_GM
 set_crypto_type("gm")
 from gmssl import sm2, func
 from gmssl import sm2_helper
+
+print("\n\ntest create new account")
+account = GM_Account()
+account.create()
+#print("create account detail: ", account.getdetail())
+
+privatekey = "77afa2e920597092d3374993bcc98e82911b5302337d3e4cc5d457c3dee3f96d"
+
+
 def test_gmaccount_spec():
     privkey = "82dcd33c98a23d5d06f9331554e14ab4044a1d71b169b7a38b61c214f0690f80"
     account = GM_Account()
@@ -37,50 +46,59 @@ def test_gmaccount_spec():
 
 
 
-test_gmaccount_spec()
-sys.exit(0)
-'''
-私钥：77afa2e920597092d3374993bcc98e82911b5302337d3e4cc5d457c3dee3f96d
-公钥：0d91c4a0712cb8bd826dadc3458458d0ae120d54b4f3d8dc914d3bf18cfc41ec9ee30ca57402f80b6c847cd684d0382d295b4b497e6d11b56d9bb24df7d44e4d
-地址：0xb925aa05369c23ab1b46d9f4faca08126536ae85
-'''
-print("\n\ntest create new account")
-account = GM_Account()
-account.create()
-print("create account detail: ", account.getdetail())
 
 
-privatekey = "77afa2e920597092d3374993bcc98e82911b5302337d3e4cc5d457c3dee3f96d"
-print("\n\ntest from private key and set to  crypto content,key:", privatekey)
-filename = "bin/accounts/gm_account1.json"
-print("filename :", filename)
-account1 = GM_Account()
-account1.from_key(privatekey)
-print(account1.getdetail())
-account1.save_to_file(filename, "123456")
-account11 = GM_Account()
-account11.load_from_file(filename, "123456")
-print("load account detail: ", account11.getdetail())
-
-
-print("\n\ntest account save to plain file ,from key: ", privatekey)
-filename = "bin/accounts/gm_account2.json"
-print("filename: ", filename)
-account2 = GM_Account()
-account2.from_key(privatekey)
-account2.save_to_file(filename)
-account21 = GM_Account()
-account21.load_from_file(filename)
-print("load from plain file: ", account21.getdetail())
-
-
-'''
-publicKey ="FA05C51AD1162133DFDF862ECA5E4A481B52FB37FF83E53D45FD18BBD6F32668A92C4692EEB305684E3B9D4ACE767F91D5D108234A9F07936020A92210BA9447"
-privatekey = "5EB4DF17021CC719B678D970C620690A11B29C8357D71FA4FF9BF7FB6D89767A"
-
-'''
-print("\n\n test other")
-privatekey = "5EB4DF17021CC719B678D970C620690A11B29C8357D71FA4FF9BF7FB6D89767A"
-account3 = GM_Account()
-account3.from_key(privatekey)
-print(account3.getdetail())
+
+def test_gmaccount_save_withpass():
+    '''
+    私钥：77afa2e920597092d3374993bcc98e82911b5302337d3e4cc5d457c3dee3f96d
+    公钥：0d91c4a0712cb8bd826dadc3458458d0ae120d54b4f3d8dc914d3bf18cfc41ec9ee30ca57402f80b6c847cd684d0382d295b4b497e6d11b56d9bb24df7d44e4d
+    地址：0xb925aa05369c23ab1b46d9f4faca08126536ae85
+    '''
+    global privatekey
+    print("\n\ntest from private key and set to  crypto content,key:", privatekey)
+
+    filename = "bin/accounts/gm_account_pass.json"
+    print("filename :", filename)
+    account1 = GM_Account()
+    account1.from_key(privatekey)
+    print(account1.getdetail())
+    pwd =  "123456"
+    account1.save_to_file(filename,pwd)
+    account11 = GM_Account()
+    account11.create()
+    account11.load_from_file(filename, pwd)
+    print("load account detail: ", account11.getdetail())
+
+
+
+    '''
+    publicKey ="FA05C51AD1162133DFDF862ECA5E4A481B52FB37FF83E53D45FD18BBD6F32668A92C4692EEB305684E3B9D4ACE767F91D5D108234A9F07936020A92210BA9447"
+    privatekey = "5EB4DF17021CC719B678D970C620690A11B29C8357D71FA4FF9BF7FB6D89767A"
+
+    '''
+    print("\n\n test other")
+    privatekey = "5EB4DF17021CC719B678D970C620690A11B29C8357D71FA4FF9BF7FB6D89767A"
+    account3 = GM_Account()
+    account3.from_key(privatekey)
+    print(account3.getdetail())
+
+
+def test_gmaccount_save_nopass():
+    print("\n\ntest account save to plain file ,from key: ", privatekey)
+    filename = "bin/accounts/gm_nopass.json"
+    print("filename: ", filename)
+    account2 = GM_Account()
+    account2.from_key(privatekey)
+    print("now account is ",account2.getdetail())
+    account2.save_to_file(filename)
+    account21 = GM_Account()
+    account21.create()
+    account21.load_from_file(filename)
+    print("load from plain file: ", account21.getdetail())
+
+
+#test_gmaccount_save_nopass()
+test_gmaccount_save_withpass()
+sys.exit(0)
+