search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Dont run full check every time we decrypt wallet.
[bitcoinplatinum.git] / src / crypter.cpp
blob122e06d97ef7c786acd7901bbaf3f3f811c19c53
1 // Copyright (c) 2009-2013 The Bitcoin developers
2 // Distributed under the MIT/X11 software license, see the accompanying
3 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5 #include "crypter.h"
6
7 #include "script.h"
8
9 #include <string>
10 #include <vector>
11 #include <boost/foreach.hpp>
12 #include <openssl/aes.h>
13 #include <openssl/evp.h>
14
15 bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod)
16 {
17 if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE)
18 return false;
19
20 int i = 0;
21 if (nDerivationMethod == 0)
22 i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha512(), &chSalt[0],
23 (unsigned char *)&strKeyData[0], strKeyData.size(), nRounds, chKey, chIV);
24
25 if (i != (int)WALLET_CRYPTO_KEY_SIZE)
26 {
27 OPENSSL_cleanse(chKey, sizeof(chKey));
28 OPENSSL_cleanse(chIV, sizeof(chIV));
29 return false;
30 }
31
32 fKeySet = true;
33 return true;
34 }
35
36 bool CCrypter::SetKey(const CKeyingMaterial& chNewKey, const std::vector<unsigned char>& chNewIV)
37 {
38 if (chNewKey.size() != WALLET_CRYPTO_KEY_SIZE || chNewIV.size() != WALLET_CRYPTO_KEY_SIZE)
39 return false;
40
41 memcpy(&chKey[0], &chNewKey[0], sizeof chKey);
42 memcpy(&chIV[0], &chNewIV[0], sizeof chIV);
43
44 fKeySet = true;
45 return true;
46 }
47
48 bool CCrypter::Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned char> &vchCiphertext)
49 {
50 if (!fKeySet)
51 return false;
52
53 // max ciphertext len for a n bytes of plaintext is
54 // n + AES_BLOCK_SIZE - 1 bytes
55 int nLen = vchPlaintext.size();
56 int nCLen = nLen + AES_BLOCK_SIZE, nFLen = 0;
57 vchCiphertext = std::vector<unsigned char> (nCLen);
58
59 EVP_CIPHER_CTX ctx;
60
61 bool fOk = true;
62
63 EVP_CIPHER_CTX_init(&ctx);
64 if (fOk) fOk = EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV);
65 if (fOk) fOk = EVP_EncryptUpdate(&ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen);
66 if (fOk) fOk = EVP_EncryptFinal_ex(&ctx, (&vchCiphertext[0])+nCLen, &nFLen);
67 EVP_CIPHER_CTX_cleanup(&ctx);
68
69 if (!fOk) return false;
70
71 vchCiphertext.resize(nCLen + nFLen);
72 return true;
73 }
74
75 bool CCrypter::Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext)
76 {
77 if (!fKeySet)
78 return false;
79
80 // plaintext will always be equal to or lesser than length of ciphertext
81 int nLen = vchCiphertext.size();
82 int nPLen = nLen, nFLen = 0;
83
84 vchPlaintext = CKeyingMaterial(nPLen);
85
86 EVP_CIPHER_CTX ctx;
87
88 bool fOk = true;
89
90 EVP_CIPHER_CTX_init(&ctx);
91 if (fOk) fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV);
92 if (fOk) fOk = EVP_DecryptUpdate(&ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen);
93 if (fOk) fOk = EVP_DecryptFinal_ex(&ctx, (&vchPlaintext[0])+nPLen, &nFLen);
94 EVP_CIPHER_CTX_cleanup(&ctx);
95
96 if (!fOk) return false;
97
98 vchPlaintext.resize(nPLen + nFLen);
99 return true;
100 }
101
102
103 bool EncryptSecret(const CKeyingMaterial& vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256& nIV, std::vector<unsigned char> &vchCiphertext)
104 {
105 CCrypter cKeyCrypter;
106 std::vector<unsigned char> chIV(WALLET_CRYPTO_KEY_SIZE);
107 memcpy(&chIV[0], &nIV, WALLET_CRYPTO_KEY_SIZE);
108 if(!cKeyCrypter.SetKey(vMasterKey, chIV))
109 return false;
110 return cKeyCrypter.Encrypt(*((const CKeyingMaterial*)&vchPlaintext), vchCiphertext);
111 }
112
113 bool DecryptSecret(const CKeyingMaterial& vMasterKey, const std::vector<unsigned char>& vchCiphertext, const uint256& nIV, CKeyingMaterial& vchPlaintext)
114 {
115 CCrypter cKeyCrypter;
116 std::vector<unsigned char> chIV(WALLET_CRYPTO_KEY_SIZE);
117 memcpy(&chIV[0], &nIV, WALLET_CRYPTO_KEY_SIZE);
118 if(!cKeyCrypter.SetKey(vMasterKey, chIV))
119 return false;
120 return cKeyCrypter.Decrypt(vchCiphertext, *((CKeyingMaterial*)&vchPlaintext));
121 }
122
123 bool CCryptoKeyStore::SetCrypted()
124 {
125 LOCK(cs_KeyStore);
126 if (fUseCrypto)
127 return true;
128 if (!mapKeys.empty())
129 return false;
130 fUseCrypto = true;
131 return true;
132 }
133
134 bool CCryptoKeyStore::Lock()
135 {
136 if (!SetCrypted())
137 return false;
138
139 {
140 LOCK(cs_KeyStore);
141 vMasterKey.clear();
142 }
143
144 NotifyStatusChanged(this);
145 return true;
146 }
147
148 bool CCryptoKeyStore::Unlock(const CKeyingMaterial& vMasterKeyIn)
149 {
150 {
151 LOCK(cs_KeyStore);
152 if (!SetCrypted())
153 return false;
154
155 bool keyPass = false;
156 bool keyFail = false;
157 CryptedKeyMap::const_iterator mi = mapCryptedKeys.begin();
158 for (; mi != mapCryptedKeys.end(); ++mi)
159 {
160 const CPubKey &vchPubKey = (*mi).second.first;
161 const std::vector<unsigned char> &vchCryptedSecret = (*mi).second.second;
162 CKeyingMaterial vchSecret;
163 if(!DecryptSecret(vMasterKeyIn, vchCryptedSecret, vchPubKey.GetHash(), vchSecret))
164 {
165 keyFail = true;
166 break;
167 }
168 if (vchSecret.size() != 32)
169 {
170 keyFail = true;
171 break;
172 }
173 CKey key;
174 key.Set(vchSecret.begin(), vchSecret.end(), vchPubKey.IsCompressed());
175 if (key.GetPubKey() != vchPubKey)
176 {
177 keyFail = true;
178 break;
179 }
180 keyPass = true;
181 if (fDecryptionThoroughlyChecked)
182 break;
183 }
184 if (keyPass && keyFail)
185 {
186 LogPrintf("The wallet is probably corrupted: Some keys decrypt but not all.");
187 assert(false);
188 }
189 if (keyFail || !keyPass)
190 return false;
191 vMasterKey = vMasterKeyIn;
192 fDecryptionThoroughlyChecked = true;
193 }
194 NotifyStatusChanged(this);
195 return true;
196 }
197
198 bool CCryptoKeyStore::AddKeyPubKey(const CKey& key, const CPubKey &pubkey)
199 {
200 {
201 LOCK(cs_KeyStore);
202 if (!IsCrypted())
203 return CBasicKeyStore::AddKeyPubKey(key, pubkey);
204
205 if (IsLocked())
206 return false;
207
208 std::vector<unsigned char> vchCryptedSecret;
209 CKeyingMaterial vchSecret(key.begin(), key.end());
210 if (!EncryptSecret(vMasterKey, vchSecret, pubkey.GetHash(), vchCryptedSecret))
211 return false;
212
213 if (!AddCryptedKey(pubkey, vchCryptedSecret))
214 return false;
215 }
216 return true;
217 }
218
219
220 bool CCryptoKeyStore::AddCryptedKey(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret)
221 {
222 {
223 LOCK(cs_KeyStore);
224 if (!SetCrypted())
225 return false;
226
227 mapCryptedKeys[vchPubKey.GetID()] = make_pair(vchPubKey, vchCryptedSecret);
228 }
229 return true;
230 }
231
232 bool CCryptoKeyStore::GetKey(const CKeyID &address, CKey& keyOut) const
233 {
234 {
235 LOCK(cs_KeyStore);
236 if (!IsCrypted())
237 return CBasicKeyStore::GetKey(address, keyOut);
238
239 CryptedKeyMap::const_iterator mi = mapCryptedKeys.find(address);
240 if (mi != mapCryptedKeys.end())
241 {
242 const CPubKey &vchPubKey = (*mi).second.first;
243 const std::vector<unsigned char> &vchCryptedSecret = (*mi).second.second;
244 CKeyingMaterial vchSecret;
245 if (!DecryptSecret(vMasterKey, vchCryptedSecret, vchPubKey.GetHash(), vchSecret))
246 return false;
247 if (vchSecret.size() != 32)
248 return false;
249 keyOut.Set(vchSecret.begin(), vchSecret.end(), vchPubKey.IsCompressed());
250 return true;
251 }
252 }
253 return false;
254 }
255
256 bool CCryptoKeyStore::GetPubKey(const CKeyID &address, CPubKey& vchPubKeyOut) const
257 {
258 {
259 LOCK(cs_KeyStore);
260 if (!IsCrypted())
261 return CKeyStore::GetPubKey(address, vchPubKeyOut);
262
263 CryptedKeyMap::const_iterator mi = mapCryptedKeys.find(address);
264 if (mi != mapCryptedKeys.end())
265 {
266 vchPubKeyOut = (*mi).second.first;
267 return true;
268 }
269 }
270 return false;
271 }
272
273 bool CCryptoKeyStore::EncryptKeys(CKeyingMaterial& vMasterKeyIn)
274 {
275 {
276 LOCK(cs_KeyStore);
277 if (!mapCryptedKeys.empty() || IsCrypted())
278 return false;
279
280 fUseCrypto = true;
281 BOOST_FOREACH(KeyMap::value_type& mKey, mapKeys)
282 {
283 const CKey &key = mKey.second;
284 CPubKey vchPubKey = key.GetPubKey();
285 CKeyingMaterial vchSecret(key.begin(), key.end());
286 std::vector<unsigned char> vchCryptedSecret;
287 if (!EncryptSecret(vMasterKeyIn, vchSecret, vchPubKey.GetHash(), vchCryptedSecret))
288 return false;
289 if (!AddCryptedKey(vchPubKey, vchCryptedSecret))
290 return false;
291 }
292 mapKeys.clear();
293 }
294 return true;
295 }