Skip to content

Commit

Permalink
Merge pull request #128 from ethereum/dev
Browse files Browse the repository at this point in the history
dev -> master for Zinken
  • Loading branch information
CarlBeek authored Oct 1, 2020
2 parents 1681a93 + 4362769 commit 7f43610
Show file tree
Hide file tree
Showing 7 changed files with 57 additions and 10 deletions.
2 changes: 2 additions & 0 deletions eth2deposit/credentials.py
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
Keystore,
ScryptKeystore,
)
from eth2deposit.settings import DEPOSIT_CLI_VERSION
from eth2deposit.utils.constants import (
BLS_WITHDRAWAL_PREFIX,
ETH2GWEI,
Expand Down Expand Up @@ -90,6 +91,7 @@ def deposit_datum_dict(self) -> Dict[str, bytes]:
datum_dict.update({'deposit_message_root': self.deposit_message.hash_tree_root})
datum_dict.update({'deposit_data_root': signed_deposit_datum.hash_tree_root})
datum_dict.update({'fork_version': self.fork_version})
datum_dict.update({'deposit_cli_version': DEPOSIT_CLI_VERSION})
return datum_dict

def signing_keystore(self, password: str) -> Keystore:
Expand Down
10 changes: 9 additions & 1 deletion eth2deposit/settings.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,8 @@
from typing import Dict, NamedTuple
import pkg_resources


DEPOSIT_CLI_VERSION = pkg_resources.require("eth2deposit")[0].version


class BaseChainSetting(NamedTuple):
Expand All @@ -13,21 +17,25 @@ class BaseChainSetting(NamedTuple):
AltonaSetting = BaseChainSetting(GENESIS_FORK_VERSION=bytes.fromhex('00000121'))
# Eth2 "official" public testnet (spec v0.12.2)
MedallaSetting = BaseChainSetting(GENESIS_FORK_VERSION=bytes.fromhex('00000001'))
# Eth2 "dress rehearsal_" testnet (spec v0.12.3)
# Eth2 "dress rehearsal" testnet (spec v0.12.3)
SpadinaSetting = BaseChainSetting(GENESIS_FORK_VERSION=bytes.fromhex('00000002'))
# Eth2 "dress rehearsal" testnet (spec v0.12.3)
ZinkenSetting = BaseChainSetting(GENESIS_FORK_VERSION=bytes.fromhex('00000003'))


MAINNET = 'mainnet'
WITTI = 'witti'
ALTONA = 'altona'
MEDALLA = 'medalla'
SPADINA = 'spadina'
ZINKEN = 'zinken'
ALL_CHAINS: Dict[str, BaseChainSetting] = {
MAINNET: MainnetSetting,
WITTI: WittiSetting,
ALTONA: AltonaSetting,
MEDALLA: MedallaSetting,
SPADINA: SpadinaSetting,
ZINKEN: ZinkenSetting,
}


Expand Down
10 changes: 10 additions & 0 deletions eth2deposit/utils/crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ def SHA256(x: bytes) -> bytes:


def scrypt(*, password: str, salt: str, n: int, r: int, p: int, dklen: int) -> bytes:
if n * r * p < 2**20: # 128 MB memory usage
raise ValueError("The Scrypt parameters chosen are not secure.")
if n >= 2**(128 * r / 8):
raise ValueError("The given `n` should be less than `2**(128 * r / 8)`."
f"\tGot `n={n}`, r={r}, 2**(128 * r / 8)={2**(128 * r / 8)}")
Expand All @@ -29,6 +31,14 @@ def scrypt(*, password: str, salt: str, n: int, r: int, p: int, dklen: int) -> b
def PBKDF2(*, password: bytes, salt: bytes, dklen: int, c: int, prf: str) -> bytes:
if 'sha' not in prf:
raise ValueError(f"String 'sha' is not in `prf`({prf})")
if 'sha256' in prf and c < 2**18:
'''
Verify the number of rounds of SHA256-PBKDF2. SHA512 not checked as use in BIP39
does not require, and therefore doesn't use, safe parameters (c=2048).
Ref: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#from-mnemonic-to-seed
'''
raise ValueError("The PBKDF2 parameters chosen are not secure.")
_hash = _sha256 if 'sha256' in prf else _sha512
res = _PBKDF2(password=password, salt=salt, dkLen=dklen, count=c, hmac_hash_module=_hash) # type: ignore
return res if isinstance(res, bytes) else res[0] # PyCryptodome can return Tuple[bytes]
Expand Down
6 changes: 3 additions & 3 deletions requirements.txt
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
py-ecc==4.0.0 \
--hash=sha256:0712a1ebc2d45417088aa613f28518c1714c99d023998e50244c91e3acbb0d6c \
--hash=sha256:a637edcce7e31ddefae0a3c1018f16e25c9428fcd524b1ac5ceeb2adfc433276
py-ecc==5.0.0 \
--hash=sha256:67a6b944722408c75bb630617dfbd8062c45b72d154ed3a6891c833717c87638 \
--hash=sha256:9d3c7ba607ef36d7f8af9944d702799014b27fc77b385d14024f96f9f610ad0a
pycryptodome==3.9.8 \
--hash=sha256:02e51e1d5828d58f154896ddfd003e2e7584869c275e5acbe290443575370fba \
--hash=sha256:03d5cca8618620f45fd40f827423f82b86b3a202c8d44108601b0f5f56b04299 \
Expand Down
2 changes: 1 addition & 1 deletion setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

setup(
name="eth2deposit",
version='0.3.0',
version='0.4.0',
py_modules=["eth2deposit"],
packages=find_packages(exclude=('tests', 'docs')),
python_requires=">=3.7,<4",
Expand Down
2 changes: 0 additions & 2 deletions tests/test_key_handling/test_key_derivation/test_tree.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@
test_vectors = json.load(f)['kdf_tests']


@pytest.mark.skip(reason="py_ecc doesn't support BLS v4 yet")
@pytest.mark.parametrize(
'test',
test_vectors
Expand All @@ -27,7 +26,6 @@ def test_hkdf_mod_r(test) -> None:
assert bls.KeyGen(seed) == _HKDF_mod_r(IKM=seed)


@pytest.mark.skip(reason="py_ecc doesn't support BLS v4 yet")
@pytest.mark.parametrize(
'seed',
[b'\x00' * 32]
Expand Down
35 changes: 32 additions & 3 deletions tests/test_utils/test_crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,12 @@
@pytest.mark.parametrize(
'n, r, valid',
[
(int(2**(128 * 1 / 8)) // 2, 1, True),
(int(2**(128 * 1 / 8)), 1, False),
(int(2**(128 * 1 / 8)) * 2, 8, True),
(int(2**(128 * 1 / 8)) * 1, 8, False), # Unsafe Parameters
(int(2**(128 * 1 / 8)) * 1, 1, False), # Invalid n
]
)
def test_scrypt_invalid_n(n, r, valid):
def test_scrypt_invalid_params(n, r, valid):
if valid:
scrypt(
password="mypassword",
Expand Down Expand Up @@ -63,6 +64,34 @@ def test_PBKDF2_invalid_prf(prf, valid):
)


@pytest.mark.parametrize(
'count, prf, valid',
[
(2**18, "sha256", True),
(2**17, "sha256", False),
(2**11, "sha512", True),
]
)
def test_PBKDF2_invalid_count(count, prf, valid):
if valid:
PBKDF2(
password="mypassword",
salt="mysalt",
dklen=64,
c=count,
prf=prf
)
else:
with pytest.raises(ValueError):
PBKDF2(
password="mypassword",
salt="mysalt",
dklen=64,
c=2048,
prf=prf,
)


@pytest.mark.parametrize(
'key, iv, valid',
[
Expand Down

0 comments on commit 7f43610

Please sign in to comment.