crypter_8h_source.html

// Copyright (c) 2009-2021 The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.


#ifndef BITCOIN_WALLET_CRYPTER_H

#define BITCOIN_WALLET_CRYPTER_H


#include <serialize.h>

#include <support/allocators/secure.h>

#include <script/signingprovider.h>


namespace wallet {

const unsigned int WALLET_CRYPTO_KEY_SIZE = 32;

const unsigned int WALLET_CRYPTO_SALT_SIZE = 8;

const unsigned int WALLET_CRYPTO_IV_SIZE = 16;


class CMasterKey

{

public:

    std::vector<unsigned char> vchCryptedKey;

    std::vector<unsigned char> vchSalt;

    unsigned int nDerivationMethod;

    unsigned int nDeriveIterations;

    std::vector<unsigned char> vchOtherDerivationParameters;


    // 25000 rounds is just under 0.1 seconds on a 1.86 GHz Pentium M

    // ie slightly lower than the lowest hardware we need bother supporting

    static constexpr unsigned int DEFAULT_DERIVE_ITERATIONS = 25000;


    SERIALIZE_METHODS(CMasterKey, obj)

    {

        READWRITE(obj.vchCryptedKey, obj.vchSalt, obj.nDerivationMethod, obj.nDeriveIterations, obj.vchOtherDerivationParameters);

    }


    CMasterKey()

    {

        nDeriveIterations = DEFAULT_DERIVE_ITERATIONS;

        nDerivationMethod = 0;

        vchOtherDerivationParameters = std::vector<unsigned char>(0);

    }

};


typedef std::vector<unsigned char, secure_allocator<unsigned char> > CKeyingMaterial;


namespace wallet_crypto_tests

{

    class TestCrypter;

}


class CCrypter

{

friend class wallet_crypto_tests::TestCrypter; // for test access to chKey/chIV

private:

    std::vector<unsigned char, secure_allocator<unsigned char>> vchKey;

    std::vector<unsigned char, secure_allocator<unsigned char>> vchIV;

    bool fKeySet;


    int BytesToKeySHA512AES(std::span<const unsigned char> salt, const SecureString& key_data, int count, unsigned char* key, unsigned char* iv) const;


public:

    bool SetKeyFromPassphrase(const SecureString& key_data, std::span<const unsigned char> salt, const unsigned int rounds, const unsigned int derivation_method);

    bool Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned char> &vchCiphertext) const;

    bool Decrypt(std::span<const unsigned char> ciphertext, CKeyingMaterial& plaintext) const;

    bool SetKey(const CKeyingMaterial& new_key, std::span<const unsigned char> new_iv);


    void CleanKey()

    {

        memory_cleanse(vchKey.data(), vchKey.size());

        memory_cleanse(vchIV.data(), vchIV.size());

        fKeySet = false;

    }


    CCrypter()

    {

        fKeySet = false;

        vchKey.resize(WALLET_CRYPTO_KEY_SIZE);

        vchIV.resize(WALLET_CRYPTO_IV_SIZE);

    }


    ~CCrypter()

    {

        CleanKey();

    }

};


bool EncryptSecret(const CKeyingMaterial& vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256& nIV, std::vector<unsigned char> &vchCiphertext);

bool DecryptSecret(const CKeyingMaterial& master_key, std::span<const unsigned char> ciphertext, const uint256& iv, CKeyingMaterial& plaintext);

bool DecryptKey(const CKeyingMaterial& master_key, std::span<const unsigned char> crypted_secret, const CPubKey& pub_key, CKey& key);

} // namespace wallet


#endif // BITCOIN_WALLET_CRYPTER_H

CKey
An encapsulated private key.
Definition: key.h:35

CPubKey
An encapsulated public key.
Definition: pubkey.h:34

uint256
256-bit opaque blob.
Definition: uint256.h:196

wallet::CCrypter
Encryption/decryption context with key information.
Definition: crypter.h:72

wallet::CCrypter::CCrypter
CCrypter()
Definition: crypter.h:94

wallet::CCrypter::TestCrypter
friend class wallet_crypto_tests::TestCrypter
Definition: crypter.h:73

wallet::CCrypter::fKeySet
bool fKeySet
Definition: crypter.h:77

wallet::CCrypter::Decrypt
bool Decrypt(std::span< const unsigned char > ciphertext, CKeyingMaterial &plaintext) const
Definition: crypter.cpp:94

wallet::CCrypter::BytesToKeySHA512AES
int BytesToKeySHA512AES(std::span< const unsigned char > salt, const SecureString &key_data, int count, unsigned char *key, unsigned char *iv) const
Definition: crypter.cpp:15

wallet::CCrypter::vchKey
std::vector< unsigned char, secure_allocator< unsigned char > > vchKey
Definition: crypter.h:75

wallet::CCrypter::SetKeyFromPassphrase
bool SetKeyFromPassphrase(const SecureString &key_data, std::span< const unsigned char > salt, const unsigned int rounds, const unsigned int derivation_method)
Definition: crypter.cpp:41

wallet::CCrypter::SetKey
bool SetKey(const CKeyingMaterial &new_key, std::span< const unsigned char > new_iv)
Definition: crypter.cpp:63

wallet::CCrypter::Encrypt
bool Encrypt(const CKeyingMaterial &vchPlaintext, std::vector< unsigned char > &vchCiphertext) const
Definition: crypter.cpp:76

wallet::CCrypter::~CCrypter
~CCrypter()
Definition: crypter.h:101

wallet::CCrypter::vchIV
std::vector< unsigned char, secure_allocator< unsigned char > > vchIV
Definition: crypter.h:76

wallet::CCrypter::CleanKey
void CleanKey()
Definition: crypter.h:87

wallet::CMasterKey
Private key encryption is done based on a CMasterKey, which holds a salt and random encryption key.
Definition: crypter.h:35

wallet::CMasterKey::CMasterKey
CMasterKey()
Definition: crypter.h:55

wallet::CMasterKey::vchSalt
std::vector< unsigned char > vchSalt
Definition: crypter.h:38

wallet::CMasterKey::nDerivationMethod
unsigned int nDerivationMethod
0 = EVP_sha512()
Definition: crypter.h:40

wallet::CMasterKey::vchCryptedKey
std::vector< unsigned char > vchCryptedKey
Definition: crypter.h:37

wallet::CMasterKey::nDeriveIterations
unsigned int nDeriveIterations
Definition: crypter.h:41

wallet::CMasterKey::DEFAULT_DERIVE_ITERATIONS
static constexpr unsigned int DEFAULT_DERIVE_ITERATIONS
Default/minimum number of key derivation rounds.
Definition: crypter.h:48

wallet::CMasterKey::vchOtherDerivationParameters
std::vector< unsigned char > vchOtherDerivationParameters
Use this for more parameters to key derivation (currently unused)
Definition: crypter.h:43

wallet::CMasterKey::SERIALIZE_METHODS
SERIALIZE_METHODS(CMasterKey, obj)
Definition: crypter.h:50

wallet::TestCrypter
Definition: wallet_crypto_tests.cpp:20

memory_cleanse
void memory_cleanse(void *ptr, size_t len)
Secure overwrite a buffer (possibly containing secret data) with zero-bytes.
Definition: cleanse.cpp:14

wallet
Definition: wallet_balance.cpp:26

wallet::CKeyingMaterial
std::vector< unsigned char, secure_allocator< unsigned char > > CKeyingMaterial
Definition: crypter.h:63

wallet::WALLET_CRYPTO_KEY_SIZE
const unsigned int WALLET_CRYPTO_KEY_SIZE
Definition: crypter.h:14

wallet::DecryptSecret
bool DecryptSecret(const CKeyingMaterial &master_key, const std::span< const unsigned char > ciphertext, const uint256 &iv, CKeyingMaterial &plaintext)
Definition: crypter.cpp:121

wallet::WALLET_CRYPTO_IV_SIZE
const unsigned int WALLET_CRYPTO_IV_SIZE
Definition: crypter.h:16

wallet::DecryptKey
bool DecryptKey(const CKeyingMaterial &master_key, const std::span< const unsigned char > crypted_secret, const CPubKey &pub_key, CKey &key)
Definition: crypter.cpp:132

wallet::WALLET_CRYPTO_SALT_SIZE
const unsigned int WALLET_CRYPTO_SALT_SIZE
Definition: crypter.h:15

wallet::EncryptSecret
bool EncryptSecret(const CKeyingMaterial &vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256 &nIV, std::vector< unsigned char > &vchCiphertext)
Definition: crypter.cpp:111

secure.h

SecureString
std::basic_string< char, std::char_traits< char >, secure_allocator< char > > SecureString
Definition: secure.h:58

serialize.h

READWRITE
#define READWRITE(...)
Definition: serialize.h:156

signingprovider.h

count
static int count
Definition: tests_exhaustive.c:34