PageRenderTime 40ms CodeModel.GetById 10ms RepoModel.GetById 1ms app.codeStats 0ms

/src/crypter.h

https://gitlab.com/ppanula/nevacoin
C Header | 210 lines | 143 code | 30 blank | 37 comment | 6 complexity | 6888e432cbeab9ea3f048091588e9fa3 MD5 | raw file
    

  1. // Copyright (c) 2009-2012 The Bitcoin Developers
    2. 

  2. // Distributed under the MIT/X11 software license, see the accompanying
    3. 

  3. // file COPYING or http://www.opensource.org/licenses/mit-license.php.
    4. 

  4. #ifndef __CRYPTER_H__
    5. 

  5. #define __CRYPTER_H__
    6. 

  6. 

  7. #include "allocators.h" /* for SecureString */
    8. 

  8. #include "key.h"
    9. 

  9. #include "serialize.h"
    10. 

  10. #include "keystore.h"
    11. 

  11. 

  12. const unsigned int WALLET_CRYPTO_KEY_SIZE = 32;
    13. 

  13. const unsigned int WALLET_CRYPTO_SALT_SIZE = 8;
    14. 

  14. 

  15. /*
    16. 

  16. Private key encryption is done based on a CMasterKey,
    17. 

  17. which holds a salt and random encryption key.
    18. 

    19. 

  19. CMasterKeys are encrypted using AES-256-CBC using a key
    20. 

  20. derived using derivation method nDerivationMethod
    21. 

  21. (0 == EVP_sha512()) and derivation iterations nDeriveIterations.
    22. 

  22. vchOtherDerivationParameters is provided for alternative algorithms
    23. 

  23. which may require more parameters (such as scrypt).
    24. 

    25. 

  25. Wallet Private Keys are then encrypted using AES-256-CBC
    26. 

  26. with the double-sha256 of the public key as the IV, and the
    27. 

  27. master key's key as the encryption key (see keystore.[ch]).
    28. 

  28. */
    29. 

  29. 

  30. /** Master key for wallet encryption */
    31. 

  31. class CMasterKey
    32. 

  32. {
    33. 

  33. public:
    34. 

  34.     std::vector<unsigned char> vchCryptedKey;
    35. 

  35.     std::vector<unsigned char> vchSalt;
    36. 

  36.     // 0 = EVP_sha512()
    37. 

  37.     // 1 = scrypt()
    38. 

  38.     unsigned int nDerivationMethod;
    39. 

  39.     unsigned int nDeriveIterations;
    40. 

  40.     // Use this for more parameters to key derivation,
    41. 

  41.     // such as the various parameters to scrypt
    42. 

  42.     std::vector<unsigned char> vchOtherDerivationParameters;
    43. 

  43. 

  44.     IMPLEMENT_SERIALIZE
    45. 

  45.     (
    46. 

  46.         READWRITE(vchCryptedKey);
    47. 

  47.         READWRITE(vchSalt);
    48. 

  48.         READWRITE(nDerivationMethod);
    49. 

  49.         READWRITE(nDeriveIterations);
    50. 

  50.         READWRITE(vchOtherDerivationParameters);
    51. 

  51.     )
    52. 

  52.     CMasterKey()
    53. 

  53.     {
    54. 

  54.         // 25000 rounds is just under 0.1 seconds on a 1.86 GHz Pentium M
    55. 

  55.         // ie slightly lower than the lowest hardware we need bother supporting
    56. 

  56.         nDeriveIterations = 25000;
    57. 

  57.         nDerivationMethod = 1;
    58. 

  58.         vchOtherDerivationParameters = std::vector<unsigned char>(0);
    59. 

  59.     }
    60. 

  60. 

  61.     CMasterKey(unsigned int nDerivationMethodIndex)
    62. 

  62.     {
    63. 

  63.         switch (nDerivationMethodIndex)
    64. 

  64.         {
    65. 

  65.             case 0: // sha512
    66. 

  66.             default:
    67. 

  67.                 nDeriveIterations = 25000;
    68. 

  68.                 nDerivationMethod = 0;
    69. 

  69.                 vchOtherDerivationParameters = std::vector<unsigned char>(0);
    70. 

  70.             break;
    71. 

  71. 

  72.             case 1: // scrypt+sha512
    73. 

  73.                 nDeriveIterations = 10000;
    74. 

  74.                 nDerivationMethod = 1;
    75. 

  75.                 vchOtherDerivationParameters = std::vector<unsigned char>(0);
    76. 

  76.             break;
    77. 

  77.         }
    78. 

  78.     }
    79. 

  79. 

  80. };
    81. 

  81. 

  82. typedef std::vector<unsigned char, secure_allocator<unsigned char> > CKeyingMaterial;
    83. 

  83. 

  84. /** Encryption/decryption context with key information */
    85. 

  85. class CCrypter
    86. 

  86. {
    87. 

  87. private:
    88. 

  88.     unsigned char chKey[WALLET_CRYPTO_KEY_SIZE];
    89. 

  89.     unsigned char chIV[WALLET_CRYPTO_KEY_SIZE];
    90. 

  90.     bool fKeySet;
    91. 

  91. 

  92. public:
    93. 

  93.     bool SetKeyFromPassphrase(const SecureString &strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod);
    94. 

  94.     bool Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned char> &vchCiphertext);
    95. 

  95.     bool Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext);
    96. 

  96.     bool SetKey(const CKeyingMaterial& chNewKey, const std::vector<unsigned char>& chNewIV);
    97. 

  97. 

  98.     void CleanKey()
    99. 

  99.     {
    100. 

  100.         OPENSSL_cleanse(chKey, sizeof(chKey));
    101. 

  101.         OPENSSL_cleanse(chIV, sizeof(chIV));
    102. 

  102.         fKeySet = false;
    103. 

  103.     }
    104. 

  104. 

  105.     CCrypter()
    106. 

  106.     {
    107. 

  107.         fKeySet = false;
    108. 

  108. 

  109.         // Try to keep the key data out of swap (and be a bit over-careful to keep the IV that we don't even use out of swap)
    110. 

  110.         // Note that this does nothing about suspend-to-disk (which will put all our key data on disk)
    111. 

  111.         // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process.
    112. 

  112.         LockedPageManager::instance.LockRange(&chKey[0], sizeof chKey);
    113. 

  113.         LockedPageManager::instance.LockRange(&chIV[0], sizeof chIV);
    114. 

  114.     }
    115. 

  115. 

  116.     ~CCrypter()
    117. 

  117.     {
    118. 

  118.         CleanKey();
    119. 

  119. 

  120.         LockedPageManager::instance.UnlockRange(&chKey[0], sizeof chKey);
    121. 

  121.         LockedPageManager::instance.UnlockRange(&chIV[0], sizeof chIV);
    122. 

  122.     }
    123. 

  123. };
    124. 

  124. 

  125. bool EncryptSecret(const CKeyingMaterial& vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256& nIV, std::vector<unsigned char> &vchCiphertext);
    126. 

  126. bool DecryptSecret(const CKeyingMaterial& vMasterKey, const std::vector<unsigned char>& vchCiphertext, const uint256& nIV, CKeyingMaterial& vchPlaintext);
    127. 

  127. 

  128. /** Keystore which keeps the private keys encrypted.
    129. 

  129.  * It derives from the basic key store, which is used if no encryption is active.
    130. 

  130.  */
    131. 

  131. class CCryptoKeyStore : public CBasicKeyStore
    132. 

  132. {
    133. 

  133. private:
    134. 

  134.     CryptedKeyMap mapCryptedKeys;
    135. 

  135. 

  136.     CKeyingMaterial vMasterKey;
    137. 

  137. 

  138.     // if fUseCrypto is true, mapKeys must be empty
    139. 

  139.     // if fUseCrypto is false, vMasterKey must be empty
    140. 

  140.     bool fUseCrypto;
    141. 

  141. 

  142. protected:
    143. 

  143.     bool SetCrypted();
    144. 

  144. 

  145.     // will encrypt previously unencrypted keys
    146. 

  146.     bool EncryptKeys(CKeyingMaterial& vMasterKeyIn);
    147. 

  147. 

  148.     bool Unlock(const CKeyingMaterial& vMasterKeyIn);
    149. 

  149. 

  150. public:
    151. 

  151.     CCryptoKeyStore() : fUseCrypto(false)
    152. 

  152.     {
    153. 

  153.     }
    154. 

  154. 

  155.     bool IsCrypted() const
    156. 

  156.     {
    157. 

  157.         return fUseCrypto;
    158. 

  158.     }
    159. 

  159. 

  160.     bool IsLocked() const
    161. 

  161.     {
    162. 

  162.         if (!IsCrypted())
    163. 

  163.             return false;
    164. 

  164.         bool result;
    165. 

  165.         {
    166. 

  166.             LOCK(cs_KeyStore);
    167. 

  167.             result = vMasterKey.empty();
    168. 

  168.         }
    169. 

  169.         return result;
    170. 

  170.     }
    171. 

  171. 

  172.     bool Lock();
    173. 

  173. 

  174.     virtual bool AddCryptedKey(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret);
    175. 

  175.     bool AddKeyPubKey(const CKey& key, const CPubKey &pubkey);
    176. 

  176.     bool HaveKey(const CKeyID &address) const
    177. 

  177.     {
    178. 

  178.         {
    179. 

  179.             LOCK(cs_KeyStore);
    180. 

  180.             if (!IsCrypted())
    181. 

  181.                 return CBasicKeyStore::HaveKey(address);
    182. 

  182.             return mapCryptedKeys.count(address) > 0;
    183. 

  183.         }
    184. 

  184.         return false;
    185. 

  185.     }
    186. 

  186.     bool GetKey(const CKeyID &address, CKey& keyOut) const;
    187. 

  187.     bool GetPubKey(const CKeyID &address, CPubKey& vchPubKeyOut) const;
    188. 

  188.     void GetKeys(std::set<CKeyID> &setAddress) const
    189. 

  189.     {
    190. 

  190.         if (!IsCrypted())
    191. 

  191.         {
    192. 

  192.             CBasicKeyStore::GetKeys(setAddress);
    193. 

  193.             return;
    194. 

  194.         }
    195. 

  195.         setAddress.clear();
    196. 

  196.         CryptedKeyMap::const_iterator mi = mapCryptedKeys.begin();
    197. 

  197.         while (mi != mapCryptedKeys.end())
    198. 

  198.         {
    199. 

  199.             setAddress.insert((*mi).first);
    200. 

  200.             mi++;
    201. 

  201.         }
    202. 

  202.     }
    203. 

  203. 

  204.     /* Wallet status (encrypted, locked) changed.
    205. 

  205.      * Note: Called without locks held.
    206. 

  206.      */
    207. 

  207.     boost::signals2::signal<void (CCryptoKeyStore* wallet)> NotifyStatusChanged;
    208. 

  208. };
    209. 

  209. 

  210. #endif
    211. 

  211.