Bitcoin Core 29.99.0
P2P Digital Currency
crypter.h
Go to the documentation of this file.
1// Copyright (c) 2009-2021 The Bitcoin Core developers
2// Distributed under the MIT software license, see the accompanying
3// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5#ifndef BITCOIN_WALLET_CRYPTER_H
6#define BITCOIN_WALLET_CRYPTER_H
7
8#include <serialize.h>
11
12
13namespace wallet {
14const unsigned int WALLET_CRYPTO_KEY_SIZE = 32;
15const unsigned int WALLET_CRYPTO_SALT_SIZE = 8;
16const unsigned int WALLET_CRYPTO_IV_SIZE = 16;
17
35{
36public:
37 std::vector<unsigned char> vchCryptedKey;
38 std::vector<unsigned char> vchSalt;
40 unsigned int nDerivationMethod;
41 unsigned int nDeriveIterations;
43 std::vector<unsigned char> vchOtherDerivationParameters;
44
46 // 25000 rounds is just under 0.1 seconds on a 1.86 GHz Pentium M
47 // ie slightly lower than the lowest hardware we need bother supporting
48 static constexpr unsigned int DEFAULT_DERIVE_ITERATIONS = 25000;
49
51 {
52 READWRITE(obj.vchCryptedKey, obj.vchSalt, obj.nDerivationMethod, obj.nDeriveIterations, obj.vchOtherDerivationParameters);
53 }
54
56 {
59 vchOtherDerivationParameters = std::vector<unsigned char>(0);
60 }
61};
62
63typedef std::vector<unsigned char, secure_allocator<unsigned char> > CKeyingMaterial;
64
65namespace wallet_crypto_tests
66{
67 class TestCrypter;
68}
69
72{
73friend class wallet_crypto_tests::TestCrypter; // for test access to chKey/chIV
74private:
75 std::vector<unsigned char, secure_allocator<unsigned char>> vchKey;
76 std::vector<unsigned char, secure_allocator<unsigned char>> vchIV;
77 bool fKeySet;
78
79 int BytesToKeySHA512AES(std::span<const unsigned char> salt, const SecureString& key_data, int count, unsigned char* key, unsigned char* iv) const;
80
81public:
82 bool SetKeyFromPassphrase(const SecureString& key_data, std::span<const unsigned char> salt, const unsigned int rounds, const unsigned int derivation_method);
83 bool Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned char> &vchCiphertext) const;
84 bool Decrypt(std::span<const unsigned char> ciphertext, CKeyingMaterial& plaintext) const;
85 bool SetKey(const CKeyingMaterial& new_key, std::span<const unsigned char> new_iv);
86
87 void CleanKey()
88 {
89 memory_cleanse(vchKey.data(), vchKey.size());
90 memory_cleanse(vchIV.data(), vchIV.size());
91 fKeySet = false;
92 }
93
95 {
96 fKeySet = false;
99 }
100
102 {
103 CleanKey();
104 }
105};
106
107bool EncryptSecret(const CKeyingMaterial& vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256& nIV, std::vector<unsigned char> &vchCiphertext);
108bool DecryptSecret(const CKeyingMaterial& master_key, std::span<const unsigned char> ciphertext, const uint256& iv, CKeyingMaterial& plaintext);
109bool DecryptKey(const CKeyingMaterial& master_key, std::span<const unsigned char> crypted_secret, const CPubKey& pub_key, CKey& key);
110} // namespace wallet
111
112#endif // BITCOIN_WALLET_CRYPTER_H
An encapsulated private key.
Definition: key.h:35
An encapsulated public key.
Definition: pubkey.h:34
256-bit opaque blob.
Definition: uint256.h:196
Encryption/decryption context with key information.
Definition: crypter.h:72
friend class wallet_crypto_tests::TestCrypter
Definition: crypter.h:73
bool Decrypt(std::span< const unsigned char > ciphertext, CKeyingMaterial &plaintext) const
Definition: crypter.cpp:94
int BytesToKeySHA512AES(std::span< const unsigned char > salt, const SecureString &key_data, int count, unsigned char *key, unsigned char *iv) const
Definition: crypter.cpp:15
std::vector< unsigned char, secure_allocator< unsigned char > > vchKey
Definition: crypter.h:75
bool SetKeyFromPassphrase(const SecureString &key_data, std::span< const unsigned char > salt, const unsigned int rounds, const unsigned int derivation_method)
Definition: crypter.cpp:41
bool SetKey(const CKeyingMaterial &new_key, std::span< const unsigned char > new_iv)
Definition: crypter.cpp:63
bool Encrypt(const CKeyingMaterial &vchPlaintext, std::vector< unsigned char > &vchCiphertext) const
Definition: crypter.cpp:76
std::vector< unsigned char, secure_allocator< unsigned char > > vchIV
Definition: crypter.h:76
void CleanKey()
Definition: crypter.h:87
Private key encryption is done based on a CMasterKey, which holds a salt and random encryption key.
Definition: crypter.h:35
std::vector< unsigned char > vchSalt
Definition: crypter.h:38
unsigned int nDerivationMethod
0 = EVP_sha512()
Definition: crypter.h:40
std::vector< unsigned char > vchCryptedKey
Definition: crypter.h:37
unsigned int nDeriveIterations
Definition: crypter.h:41
static constexpr unsigned int DEFAULT_DERIVE_ITERATIONS
Default/minimum number of key derivation rounds.
Definition: crypter.h:48
std::vector< unsigned char > vchOtherDerivationParameters
Use this for more parameters to key derivation (currently unused)
Definition: crypter.h:43
SERIALIZE_METHODS(CMasterKey, obj)
Definition: crypter.h:50
void memory_cleanse(void *ptr, size_t len)
Secure overwrite a buffer (possibly containing secret data) with zero-bytes.
Definition: cleanse.cpp:14
std::vector< unsigned char, secure_allocator< unsigned char > > CKeyingMaterial
Definition: crypter.h:63
const unsigned int WALLET_CRYPTO_KEY_SIZE
Definition: crypter.h:14
bool DecryptSecret(const CKeyingMaterial &master_key, const std::span< const unsigned char > ciphertext, const uint256 &iv, CKeyingMaterial &plaintext)
Definition: crypter.cpp:121
const unsigned int WALLET_CRYPTO_IV_SIZE
Definition: crypter.h:16
bool DecryptKey(const CKeyingMaterial &master_key, const std::span< const unsigned char > crypted_secret, const CPubKey &pub_key, CKey &key)
Definition: crypter.cpp:132
const unsigned int WALLET_CRYPTO_SALT_SIZE
Definition: crypter.h:15
bool EncryptSecret(const CKeyingMaterial &vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256 &nIV, std::vector< unsigned char > &vchCiphertext)
Definition: crypter.cpp:111
std::basic_string< char, std::char_traits< char >, secure_allocator< char > > SecureString
Definition: secure.h:58
#define READWRITE(...)
Definition: serialize.h:156
static int count