crypter_8cpp_source.html

 // Copyright (c) 2009-2017 The Bitcoin Core developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.

 #include <wallet/crypter.h>

 #include <crypto/aes.h>
 #include <crypto/sha512.h>
 #include <script/script.h>
 #include <script/standard.h>
 #include <util.h>

 #include <string>
 #include <vector>

 int CCrypter::BytesToKeySHA512AES(const std::vector<unsigned char>& chSalt, const SecureString& strKeyData, int count, unsigned char *key,unsigned char *iv) const
 {
     // This mimics the behavior of openssl's EVP_BytesToKey with an aes256cbc
     // cipher and sha512 message digest. Because sha512's output size (64b) is
     // greater than the aes256 block size (16b) + aes256 key size (32b),
     // there's no need to process more than once (D_0).

     if(!count || !key || !iv)
         return 0;

     unsigned char buf[CSHA512::OUTPUT_SIZE];
     CSHA512 di;

     di.Write((const unsigned char*)strKeyData.c_str(), strKeyData.size());
     if(chSalt.size())
         di.Write(&chSalt[0], chSalt.size());
     di.Finalize(buf);

     for(int i = 0; i != count - 1; i++)
         di.Reset().Write(buf, sizeof(buf)).Finalize(buf);

     memcpy(key, buf, WALLET_CRYPTO_KEY_SIZE);
     memcpy(iv, buf + WALLET_CRYPTO_KEY_SIZE, WALLET_CRYPTO_IV_SIZE);
     memory_cleanse(buf, sizeof(buf));
     return WALLET_CRYPTO_KEY_SIZE;
 }

 bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod)
 {
     if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE)
         return false;

     int i = 0;
     if (nDerivationMethod == 0)
         i = BytesToKeySHA512AES(chSalt, strKeyData, nRounds, vchKey.data(), vchIV.data());

     if (i != (int)WALLET_CRYPTO_KEY_SIZE)
     {
         memory_cleanse(vchKey.data(), vchKey.size());
         memory_cleanse(vchIV.data(), vchIV.size());
         return false;
     }

     fKeySet = true;
     return true;
 }

 bool CCrypter::SetKey(const CKeyingMaterial& chNewKey, const std::vector<unsigned char>& chNewIV)
 {
     if (chNewKey.size() != WALLET_CRYPTO_KEY_SIZE || chNewIV.size() != WALLET_CRYPTO_IV_SIZE)
         return false;

     memcpy(vchKey.data(), chNewKey.data(), chNewKey.size());
     memcpy(vchIV.data(), chNewIV.data(), chNewIV.size());

     fKeySet = true;
     return true;
 }

 bool CCrypter::Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned char> &vchCiphertext) const
 {
     if (!fKeySet)
         return false;

     // max ciphertext len for a n bytes of plaintext is
     // n + AES_BLOCKSIZE bytes
     vchCiphertext.resize(vchPlaintext.size() + AES_BLOCKSIZE);

     AES256CBCEncrypt enc(vchKey.data(), vchIV.data(), true);
     size_t nLen = enc.Encrypt(&vchPlaintext[0], vchPlaintext.size(), &vchCiphertext[0]);
     if(nLen < vchPlaintext.size())
         return false;
     vchCiphertext.resize(nLen);

     return true;
 }

 bool CCrypter::Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext) const
 {
     if (!fKeySet)
         return false;

     // plaintext will always be equal to or lesser than length of ciphertext
     int nLen = vchCiphertext.size();

     vchPlaintext.resize(nLen);

     AES256CBCDecrypt dec(vchKey.data(), vchIV.data(), true);
     nLen = dec.Decrypt(&vchCiphertext[0], vchCiphertext.size(), &vchPlaintext[0]);
     if(nLen == 0)
         return false;
     vchPlaintext.resize(nLen);
     return true;
 }


 static bool EncryptSecret(const CKeyingMaterial& vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256& nIV, std::vector<unsigned char> &vchCiphertext)
 {
     CCrypter cKeyCrypter;
     std::vector<unsigned char> chIV(WALLET_CRYPTO_IV_SIZE);
     memcpy(&chIV[0], &nIV, WALLET_CRYPTO_IV_SIZE);
     if(!cKeyCrypter.SetKey(vMasterKey, chIV))
         return false;
     return cKeyCrypter.Encrypt(*((const CKeyingMaterial*)&vchPlaintext), vchCiphertext);
 }

 static bool DecryptSecret(const CKeyingMaterial& vMasterKey, const std::vector<unsigned char>& vchCiphertext, const uint256& nIV, CKeyingMaterial& vchPlaintext)
 {
     CCrypter cKeyCrypter;
     std::vector<unsigned char> chIV(WALLET_CRYPTO_IV_SIZE);
     memcpy(&chIV[0], &nIV, WALLET_CRYPTO_IV_SIZE);
     if(!cKeyCrypter.SetKey(vMasterKey, chIV))
         return false;
     return cKeyCrypter.Decrypt(vchCiphertext, *((CKeyingMaterial*)&vchPlaintext));
 }

 static bool DecryptKey(const CKeyingMaterial& vMasterKey, const std::vector<unsigned char>& vchCryptedSecret, const CPubKey& vchPubKey, CKey& key)
 {
     CKeyingMaterial vchSecret;
     if(!DecryptSecret(vMasterKey, vchCryptedSecret, vchPubKey.GetHash(), vchSecret))
         return false;

     if (vchSecret.size() != 32)
         return false;

     key.Set(vchSecret.begin(), vchSecret.end(), vchPubKey.IsCompressed());
     return key.VerifyPubKey(vchPubKey);
 }

 bool CCryptoKeyStore::SetCrypted()
 {
     LOCK(cs_KeyStore);
     if (fUseCrypto)
         return true;
     if (!mapKeys.empty())
         return false;
     fUseCrypto = true;
     return true;
 }

 bool CCryptoKeyStore::Lock()
 {
     if (!SetCrypted())
         return false;

     {
         LOCK(cs_KeyStore);
         vMasterKey.clear();
     }

     NotifyStatusChanged(this);
     return true;
 }

 bool CCryptoKeyStore::Unlock(const CKeyingMaterial& vMasterKeyIn)
 {
     {
         LOCK(cs_KeyStore);
         if (!SetCrypted())
             return false;

         bool keyPass = false;
         bool keyFail = false;
         CryptedKeyMap::const_iterator mi = mapCryptedKeys.begin();
         for (; mi != mapCryptedKeys.end(); ++mi)
         {
             const CPubKey &vchPubKey = (*mi).second.first;
             const std::vector<unsigned char> &vchCryptedSecret = (*mi).second.second;
             CKey key;
             if (!DecryptKey(vMasterKeyIn, vchCryptedSecret, vchPubKey, key))
             {
                 keyFail = true;
                 break;
             }
             keyPass = true;
             if (fDecryptionThoroughlyChecked)
                 break;
         }
         if (keyPass && keyFail)
         {
             LogPrintf("The wallet is probably corrupted: Some keys decrypt but not all.\n");
             assert(false);
         }
         if (keyFail || !keyPass)
             return false;
         vMasterKey = vMasterKeyIn;
         fDecryptionThoroughlyChecked = true;
     }
     NotifyStatusChanged(this);
     return true;
 }

 bool CCryptoKeyStore::AddKeyPubKey(const CKey& key, const CPubKey &pubkey)
 {
     {
         LOCK(cs_KeyStore);
         if (!IsCrypted())
             return CBasicKeyStore::AddKeyPubKey(key, pubkey);

         if (IsLocked())
             return false;

         std::vector<unsigned char> vchCryptedSecret;
         CKeyingMaterial vchSecret(key.begin(), key.end());
         if (!EncryptSecret(vMasterKey, vchSecret, pubkey.GetHash(), vchCryptedSecret))
             return false;

         if (!AddCryptedKey(pubkey, vchCryptedSecret))
             return false;
     }
     return true;
 }


 bool CCryptoKeyStore::AddCryptedKey(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret)
 {
     {
         LOCK(cs_KeyStore);
         if (!SetCrypted())
             return false;

         mapCryptedKeys[vchPubKey.GetID()] = make_pair(vchPubKey, vchCryptedSecret);
     }
     return true;
 }

 bool CCryptoKeyStore::GetKey(const CKeyID &address, CKey& keyOut) const
 {
     {
         LOCK(cs_KeyStore);
         if (!IsCrypted())
             return CBasicKeyStore::GetKey(address, keyOut);

         CryptedKeyMap::const_iterator mi = mapCryptedKeys.find(address);
         if (mi != mapCryptedKeys.end())
         {
             const CPubKey &vchPubKey = (*mi).second.first;
             const std::vector<unsigned char> &vchCryptedSecret = (*mi).second.second;
             return DecryptKey(vMasterKey, vchCryptedSecret, vchPubKey, keyOut);
         }
     }
     return false;
 }

 bool CCryptoKeyStore::GetPubKey(const CKeyID &address, CPubKey& vchPubKeyOut) const
 {
     {
         LOCK(cs_KeyStore);
         if (!IsCrypted())
             return CBasicKeyStore::GetPubKey(address, vchPubKeyOut);

         CryptedKeyMap::const_iterator mi = mapCryptedKeys.find(address);
         if (mi != mapCryptedKeys.end())
         {
             vchPubKeyOut = (*mi).second.first;
             return true;
         }
         // Check for watch-only pubkeys
         return CBasicKeyStore::GetPubKey(address, vchPubKeyOut);
     }
 }

 bool CCryptoKeyStore::EncryptKeys(CKeyingMaterial& vMasterKeyIn)
 {
     {
         LOCK(cs_KeyStore);
         if (!mapCryptedKeys.empty() || IsCrypted())
             return false;

         fUseCrypto = true;
         for (KeyMap::value_type& mKey : mapKeys)
         {
             const CKey &key = mKey.second;
             CPubKey vchPubKey = key.GetPubKey();
             CKeyingMaterial vchSecret(key.begin(), key.end());
             std::vector<unsigned char> vchCryptedSecret;
             if (!EncryptSecret(vMasterKeyIn, vchSecret, vchPubKey.GetHash(), vchCryptedSecret))
                 return false;
             if (!AddCryptedKey(vchPubKey, vchCryptedSecret))
                 return false;
         }
         mapKeys.clear();
     }
     return true;
 }
CCrypter::SetKeyFromPassphrase
bool SetKeyFromPassphrase(const SecureString &strKeyData, const std::vector< unsigned char > &chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod)
Definition: crypter.cpp:43

CKey::begin
const unsigned char * begin() const
Definition: key.h:88

WALLET_CRYPTO_KEY_SIZE
const unsigned int WALLET_CRYPTO_KEY_SIZE
Definition: crypter.h:12

CKey::VerifyPubKey
bool VerifyPubKey(const CPubKey &vchPubKey) const
Verify thoroughly whether a private key and a public key match.
Definition: key.cpp:175

CCrypter::SetKey
bool SetKey(const CKeyingMaterial &chNewKey, const std::vector< unsigned char > &chNewIV)
Definition: crypter.cpp:63

CCrypter
Encryption/decryption context with key information.
Definition: crypter.h:74

CCryptoKeyStore::Lock
bool Lock()
Definition: crypter.cpp:156

AES256CBCEncrypt::Encrypt
int Encrypt(const unsigned char *data, int size, unsigned char *out) const
Definition: aes.cpp:159

CBasicKeyStore::GetPubKey
bool GetPubKey(const CKeyID &address, CPubKey &vchPubKeyOut) const override
Definition: keystore.cpp:16

CKey::end
const unsigned char * end() const
Definition: key.h:89

count
size_t count
Definition: ExecStats.cpp:37

CCryptoKeyStore::SetCrypted
bool SetCrypted()
Definition: crypter.cpp:145

SecureString
std::basic_string< char, std::char_traits< char >, secure_allocator< char > > SecureString
Definition: secure.h:56

CCrypter::Decrypt
bool Decrypt(const std::vector< unsigned char > &vchCiphertext, CKeyingMaterial &vchPlaintext) const
Definition: crypter.cpp:93

CKeyingMaterial
std::vector< unsigned char, secure_allocator< unsigned char > > CKeyingMaterial
Definition: keystore.h:110

CCryptoKeyStore::EncryptKeys
bool EncryptKeys(CKeyingMaterial &vMasterKeyIn)
will encrypt previously unencrypted keys
Definition: crypter.cpp:278

assert
assert(len-trim+(2 *lenIndices)<=WIDTH)

WALLET_CRYPTO_IV_SIZE
const unsigned int WALLET_CRYPTO_IV_SIZE
Definition: crypter.h:14

CCryptoKeyStore::AddCryptedKey
virtual bool AddCryptedKey(const CPubKey &vchPubKey, const std::vector< unsigned char > &vchCryptedSecret)
Definition: crypter.cpp:230

script.h

CCryptoKeyStore::GetPubKey
bool GetPubKey(const CKeyID &address, CPubKey &vchPubKeyOut) const override
Definition: crypter.cpp:260

CSHA512::Finalize
void Finalize(unsigned char hash[OUTPUT_SIZE])
Definition: sha512.cpp:185

CCryptoKeyStore::AddKeyPubKey
bool AddKeyPubKey(const CKey &key, const CPubKey &pubkey) override
Add a key to the store.
Definition: crypter.cpp:208

memory_cleanse
void memory_cleanse(void *ptr, size_t len)
Definition: cleanse.cpp:10

CSHA512::OUTPUT_SIZE
static const size_t OUTPUT_SIZE
Definition: sha512.h:20

LogPrintf
#define LogPrintf(...)
Definition: util.h:153

CCrypter::vchKey
std::vector< unsigned char, secure_allocator< unsigned char > > vchKey
Definition: crypter.h:78

CCrypter::vchIV
std::vector< unsigned char, secure_allocator< unsigned char > > vchIV
Definition: crypter.h:79

CKey::GetPubKey
CPubKey GetPubKey() const
Compute the public key from a private key.
Definition: key.cpp:147

LOCK
#define LOCK(cs)
Definition: sync.h:175

CCrypter::fKeySet
bool fKeySet
Definition: crypter.h:80

CSHA512::Reset
CSHA512 & Reset()
Definition: sha512.cpp:202

CPubKey
An encapsulated public key.
Definition: pubkey.h:39

CCryptoKeyStore::Unlock
bool Unlock(const CKeyingMaterial &vMasterKeyIn)
Definition: crypter.cpp:170

aes.h

AES256CBCDecrypt::Decrypt
int Decrypt(const unsigned char *data, int size, unsigned char *out) const
Definition: aes.cpp:176

CBasicKeyStore::AddKeyPubKey
bool AddKeyPubKey(const CKey &key, const CPubKey &pubkey) override
Add a key to the store.
Definition: keystore.cpp:32

CPubKey::GetHash
uint256 GetHash() const
Get the 256-bit hash of this public key.
Definition: pubkey.h:152

CCryptoKeyStore::GetKey
bool GetKey(const CKeyID &address, CKey &keyOut) const override
Definition: crypter.cpp:242

CBasicKeyStore::GetKey
bool GetKey(const CKeyID &address, CKey &keyOut) const override
Definition: keystore.h:87

CKey::Set
void Set(const T pbegin, const T pend, bool fCompressedIn)
Initialize using begin and end iterators to byte data.
Definition: key.h:73

CCrypter::BytesToKeySHA512AES
int BytesToKeySHA512AES(const std::vector< unsigned char > &chSalt, const SecureString &strKeyData, int count, unsigned char *key, unsigned char *iv) const
Definition: crypter.cpp:16

AES256CBCEncrypt
Definition: aes.h:66

CPubKey::IsCompressed
bool IsCompressed() const
Check whether this is a compressed public key.
Definition: pubkey.h:171

uint256
256-bit opaque blob.
Definition: uint256.h:132

WALLET_CRYPTO_SALT_SIZE
const unsigned int WALLET_CRYPTO_SALT_SIZE
Definition: crypter.h:13

crypter.h

CCrypter::Encrypt
bool Encrypt(const CKeyingMaterial &vchPlaintext, std::vector< unsigned char > &vchCiphertext) const
Definition: crypter.cpp:75

memcpy
void * memcpy(void *a, const void *b, size_t c)
Definition: glibc_compat.cpp:17

CSHA512::Write
CSHA512 & Write(const unsigned char *data, size_t len)
Definition: sha512.cpp:159

CKeyID
A reference to a CKey: the Hash160 of its serialized public key.
Definition: pubkey.h:29

AES256CBCDecrypt
Definition: aes.h:79

sha512.h

address
struct evm_uint160be address(struct evm_env *env)
Definition: capi.c:13

CKey
An encapsulated private key.
Definition: key.h:35

CSHA512
A hasher class for SHA-512.
Definition: sha512.h:12

CPubKey::GetID
CKeyID GetID() const
Get the KeyID of this public key (hash of its serialization)
Definition: pubkey.h:146

standard.h