More Crypto tiding

Convex-Dev · Aug 16, 2024 · c636af4 · c636af4
1 parent 9e6aace
commit c636af4
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 68 deletions.
diff --git a/convex-core/src/main/java/convex/core/crypto/AKeyPair.java b/convex-core/src/main/java/convex/core/crypto/AKeyPair.java
@@ -121,14 +121,14 @@ public static AKeyPair create(byte[] keyMaterial) {
 	}
 
 	/**
-	 * Create a key pair with the given seed. Public key is generated
+	 * Create a key pair with the given Ed25519 seed. Public key is generated
 	 * automatically from the private key
 	 *
-	 * @param seed 32 bytes of seed material
+	 * @param ed25519seed 32 bytes of seed material
 	 * @return A new key pair using the given seed
 	 */
-	public static AKeyPair create(Blob seed) {
-		return Providers.generate(seed);
+	public static AKeyPair create(Blob ed25519seed) {
+		return Providers.generate(ed25519seed);
 	}
 
 	/**

diff --git a/convex-core/src/main/java/convex/core/crypto/BIP39.java b/convex-core/src/main/java/convex/core/crypto/BIP39.java
@@ -244,7 +244,7 @@ public static AKeyPair seedToKeyPair(Blob seed) {
 	}
 
 	/**
-	 * Converts a BIP39 seed to an Ed25519 seed. This is defined as the SHA3-256 hash of the BIP39 seed
+	 * Converts a BIP39 seed to an Ed25519 seed. This is done by taking the first 32 bytes of the SLIP-10 master key
 	 * 
 	 * Note: longer term users may want hierarchical deterministic wallet generation
 	 * 
@@ -302,11 +302,12 @@ private static Blob getSeedInternal(char[] normalisedMnemonic, String passphrase
 			throw new Error("Security error getting BIP39 seed",e);
 		}
 	}
-
-	public static String createSecureMnemonic() {
-		return createSecureMnemonic(12);
-	}
 
+	/**
+	 * Creates a normalised BIP39 mnemonic with the specified number of words
+	 * @param numWords
+	 * @return
+	 */
 	public static String createSecureMnemonic(int numWords) {
 		return Utils.joinStrings(createWords(new SecureRandom(),numWords)," ");
 	}

diff --git a/convex-core/src/main/java/convex/core/crypto/PEMTools.java b/convex-core/src/main/java/convex/core/crypto/PEMTools.java
@@ -4,11 +4,7 @@
 import java.io.StringReader;
 import java.io.StringWriter;
 import java.security.GeneralSecurityException;
-import java.security.KeyFactory;
 import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.Base64;
 
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.openssl.PEMParser;
@@ -32,51 +28,6 @@ public class PEMTools {
 		Providers.init();
 	}
 
-	/**
-	 * Writes a key pair to a String
-	 * @param kp Key pair to write
-	 * @return PEM String representation of key pair
-	 */
-	public static String writePEM(AKeyPair kp) {
-
-		PrivateKey priv=kp.getPrivate();
-		// PublicKey pub=kp.getPublic();
-		PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(priv.getEncoded());
-
-		byte[] encoded=keySpec.getEncoded();
-		String base64=Base64.getEncoder().encodeToString(encoded);
-
-		StringBuilder sb=new StringBuilder();
-		sb.append("-----BEGIN PRIVATE KEY-----");
-		sb.append(System.lineSeparator());
-		sb.append(base64);
-		sb.append(System.lineSeparator());
-		sb.append("-----END PRIVATE KEY-----");
-		String pem=sb.toString();
-		return pem;
-	}
-
-	/**
-	 * Read a key pair from a PEM String
-	 * @param pem PEM String
-	 * @return Key pair instance
-	 * @throws GeneralSecurityException If a security error occurs
-	 */
-	public static AKeyPair readPEM(String pem) throws GeneralSecurityException {
-		String publicKeyPEM = pem.trim()
-			      .replace("-----BEGIN PRIVATE KEY-----", "")
-			      .replaceAll(System.lineSeparator(), "")
-			      .replace("-----END PRIVATE KEY-----", "");
-
-		byte[] bs = Base64.getDecoder().decode(publicKeyPEM);
-
-		KeyFactory keyFactory = KeyFactory.getInstance("Ed25519");
-		PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(bs);
-		PrivateKey priv=keyFactory.generatePrivate(keySpec);
-		PublicKey pub=keyFactory.generatePublic(keySpec);
-		return AKeyPair.create(pub, priv);
-	}
-
 	/**
 	 * Encrypt a private key into a PEM formated text
 	 *
@@ -145,12 +96,4 @@ public static AKeyPair decryptPrivateKeyFromPEM(String pemText, char[] password)
 		}
 	}
 
-	public static void main(String[] args) throws Exception {
-		AKeyPair kp=AKeyPair.createSeeded(1337);
-		String pem=writePEM(kp);
-		System.out.println(pem);
-
-		AKeyPair kp2=readPEM(pem);
-		System.out.println(kp2);
-	}
 }
diff --git a/convex-gui/src/main/java/convex/gui/keys/KeyGenPanel.java b/convex-gui/src/main/java/convex/gui/keys/KeyGenPanel.java
@@ -97,7 +97,7 @@ private void generateBIP39Seed() {
 			warn +="Not in standard word list: "+badWord+". ";
 		}
 		if (p.isBlank()) {
-			warn+="Passphrse is blank!";
+			warn+="Passphrase is blank!";
 		} else {
 			int entropy=Passwords.estimateEntropy(p);
 			if (entropy<10) {
@@ -111,7 +111,7 @@ private void generateBIP39Seed() {
 
 		if (warn.isBlank()) {
 			warningArea.setForeground(Color.GREEN);
-			warningArea.setText("Looks OK");
+			warningArea.setText("OK: Reasonable mnemonic and passphrase");
 		} else {
 			warningArea.setForeground(Color.ORANGE);
 			warningArea.setText("WARNING: "+warn);
@@ -288,6 +288,7 @@ public KeyGenPanel(PeerGUI manager) {
 			warningArea.setLineWrap(true);
 			warningArea.setWrapStyleWord(true);
 			warningArea.setEditable(false);
+			warningArea.setToolTipText("This is a quick heuristic check of mnemonic and passphrase.\nHeeding any warnings is advised, but you can ignore them if you know what you are doing (or don't care).");
 			formPanel.add(warningArea,TEXTAREA_CONSTRAINT);			
 	    }