projects / VerusCoin.git / blame
| Commit | Line | Data |
|---|---|---|
| 4e87d341 MC |
1 | // Copyright (c) 2011 The Bitcoin Developers |
| 2 | // Distributed under the MIT/X11 software license, see the accompanying | |
| 3 | // file COPYING or http://www.opensource.org/licenses/mit-license.php. | |
| 4 | ||
| 5 | #include <openssl/aes.h> | |
| 6 | #include <openssl/evp.h> | |
| 7 | #include <vector> | |
| 8 | #include <string> | |
| 9 | #include "headers.h" | |
| 10 | #ifdef __WXMSW__ | |
| 11 | #include <windows.h> | |
| 12 | #endif | |
| 13 | ||
| 14 | #include "crypter.h" | |
| 15 | #include "main.h" | |
| 16 | #include "util.h" | |
| 17 | ||
| 18 | bool CCrypter::SetKeyFromPassphrase(const std::string& strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod) | |
| 19 | { | |
| 20 | if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE) | |
| 21 | return false; | |
| 22 | ||
| 23 | // Try to keep the keydata out of swap (and be a bit over-careful to keep the IV that we don't even use out of swap) | |
| 24 | // Note that this does nothing about suspend-to-disk (which will put all our key data on disk) | |
| 25 | // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process. | |
| 26 | mlock(&chKey[0], sizeof chKey); | |
| 27 | mlock(&chIV[0], sizeof chIV); | |
| 28 | ||
| 29 | int i = 0; | |
| 30 | if (nDerivationMethod == 0) | |
| 31 | i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha512(), &chSalt[0], | |
| 32 | (unsigned char *)&strKeyData[0], strKeyData.size(), nRounds, chKey, chIV); | |
| 33 | ||
| 34 | if (i != WALLET_CRYPTO_KEY_SIZE) | |
| 35 | { | |
| 36 | memset(&chKey, 0, sizeof chKey); | |
| 37 | memset(&chIV, 0, sizeof chIV); | |
| 38 | return false; | |
| 39 | } | |
| 40 | ||
| 41 | fKeySet = true; | |
| 42 | return true; | |
| 43 | } | |
| 44 | ||
| 45 | bool CCrypter::SetKey(const CKeyingMaterial& chNewKey, const std::vector<unsigned char>& chNewIV) | |
| 46 | { | |
| 47 | if (chNewKey.size() != WALLET_CRYPTO_KEY_SIZE || chNewIV.size() != WALLET_CRYPTO_KEY_SIZE) | |
| 48 | return false; | |
| 49 | ||
| 50 | // Try to keep the keydata out of swap | |
| 51 | // Note that this does nothing about suspend-to-disk (which will put all our key data on disk) | |
| 52 | // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process. | |
| 53 | mlock(&chKey[0], sizeof chKey); | |
| 54 | mlock(&chIV[0], sizeof chIV); | |
| 55 | ||
| 56 | memcpy(&chKey[0], &chNewKey[0], sizeof chKey); | |
| 57 | memcpy(&chIV[0], &chNewIV[0], sizeof chIV); | |
| 58 | ||
| 59 | fKeySet = true; | |
| 60 | return true; | |
| 61 | } | |
| 62 | ||
| 63 | bool CCrypter::Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned char> &vchCiphertext) | |
| 64 | { | |
| 65 | if (!fKeySet) | |
| 66 | return false; | |
| 67 | ||
| 68 | // max ciphertext len for a n bytes of plaintext is | |
| 69 | // n + AES_BLOCK_SIZE - 1 bytes | |
| 70 | int nLen = vchPlaintext.size(); | |
| 71 | int nCLen = nLen + AES_BLOCK_SIZE, nFLen = 0; | |
| 72 | vchCiphertext = std::vector<unsigned char> (nCLen); | |
| 73 | ||
| 74 | EVP_CIPHER_CTX ctx; | |
| 75 | ||
| 76 | EVP_CIPHER_CTX_init(&ctx); | |
| 77 | EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); | |
| 78 | ||
| 79 | EVP_EncryptUpdate(&ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen); | |
| 80 | EVP_EncryptFinal_ex(&ctx, (&vchCiphertext[0])+nCLen, &nFLen); | |
| 81 | ||
| 82 | EVP_CIPHER_CTX_cleanup(&ctx); | |
| 83 | ||
| 84 | vchCiphertext.resize(nCLen + nFLen); | |
| 85 | return true; | |
| 86 | } | |
| 87 | ||
| 88 | bool CCrypter::Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext) | |
| 89 | { | |
| 90 | if (!fKeySet) | |
| 91 | return false; | |
| 92 | ||
| 93 | // plaintext will always be equal to or lesser than length of ciphertext | |
| 94 | int nLen = vchCiphertext.size(); | |
| 95 | int nPLen = nLen, nFLen = 0; | |
| 96 | ||
| 97 | vchPlaintext = CKeyingMaterial(nPLen); | |
| 98 | ||
| 99 | EVP_CIPHER_CTX ctx; | |
| 100 | ||
| 101 | EVP_CIPHER_CTX_init(&ctx); | |
| 102 | EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); | |
| 103 | ||
| 104 | EVP_DecryptUpdate(&ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen); | |
| 105 | EVP_DecryptFinal_ex(&ctx, (&vchPlaintext[0])+nPLen, &nFLen); | |
| 106 | ||
| 107 | EVP_CIPHER_CTX_cleanup(&ctx); | |
| 108 | ||
| 109 | vchPlaintext.resize(nPLen + nFLen); | |
| 110 | return true; | |
| 111 | } | |
| 112 | ||
| 113 | ||
| 114 | bool EncryptSecret(CKeyingMaterial& vMasterKey, const CSecret &vchPlaintext, const uint256& nIV, std::vector<unsigned char> &vchCiphertext) | |
| 115 | { | |
| 116 | CCrypter cKeyCrypter; | |
| 117 | std::vector<unsigned char> chIV(WALLET_CRYPTO_KEY_SIZE); | |
| 118 | memcpy(&chIV[0], &nIV, WALLET_CRYPTO_KEY_SIZE); | |
| 119 | if(!cKeyCrypter.SetKey(vMasterKey, chIV)) | |
| 120 | return false; | |
| 121 | return cKeyCrypter.Encrypt((CKeyingMaterial)vchPlaintext, vchCiphertext); | |
| 122 | } | |
| 123 | ||
| 124 | bool DecryptSecret(const CKeyingMaterial& vMasterKey, const std::vector<unsigned char>& vchCiphertext, const uint256& nIV, CSecret& vchPlaintext) | |
| 125 | { | |
| 126 | CCrypter cKeyCrypter; | |
| 127 | std::vector<unsigned char> chIV(WALLET_CRYPTO_KEY_SIZE); | |
| 128 | memcpy(&chIV[0], &nIV, WALLET_CRYPTO_KEY_SIZE); | |
| 129 | if(!cKeyCrypter.SetKey(vMasterKey, chIV)) | |
| 130 | return false; | |
| 131 | return cKeyCrypter.Decrypt(vchCiphertext, *((CKeyingMaterial*)&vchPlaintext)); | |
| 132 | } |