genesis

raw
genesis                 1 // Copyright (c) 2011 The Bitcoin Developers
genesis                 2 // Distributed under the MIT/X11 software license, see the accompanying
genesis                 3 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
genesis                 4 
genesis                 5 #include <openssl/aes.h>
genesis                 6 #include <openssl/evp.h>
genesis                 7 #include <vector>
genesis                 8 #include <string>
genesis                 9 #include "headers.h"
genesis                10 #ifdef WIN32
genesis                11 #include <windows.h>
genesis                12 #endif
genesis                13 
genesis                14 #include "crypter.h"
genesis                15 #include "main.h"
genesis                16 #include "util.h"
genesis                17 
genesis                18 bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod)
genesis                19 {
genesis                20     if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE)
genesis                21         return false;
genesis                22 
genesis                23     // Try to keep the keydata out of swap (and be a bit over-careful to keep the IV that we don't even use out of swap)
genesis                24     // Note that this does nothing about suspend-to-disk (which will put all our key data on disk)
genesis                25     // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process.  
genesis                26     mlock(&chKey[0], sizeof chKey);
genesis                27     mlock(&chIV[0], sizeof chIV);
genesis                28 
genesis                29     int i = 0;
genesis                30     if (nDerivationMethod == 0)
genesis                31         i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha512(), &chSalt[0],
genesis                32                           (unsigned char *)&strKeyData[0], strKeyData.size(), nRounds, chKey, chIV);
genesis                33 
genesis                34     if (i != WALLET_CRYPTO_KEY_SIZE)
genesis                35     {
genesis                36         memset(&chKey, 0, sizeof chKey);
genesis                37         memset(&chIV, 0, sizeof chIV);
genesis                38         return false;
genesis                39     }
genesis                40 
genesis                41     fKeySet = true;
genesis                42     return true;
genesis                43 }
genesis                44 
genesis                45 bool CCrypter::SetKey(const CKeyingMaterial& chNewKey, const std::vector<unsigned char>& chNewIV)
genesis                46 {
genesis                47     if (chNewKey.size() != WALLET_CRYPTO_KEY_SIZE || chNewIV.size() != WALLET_CRYPTO_KEY_SIZE)
genesis                48         return false;
genesis                49 
genesis                50     // Try to keep the keydata out of swap
genesis                51     // Note that this does nothing about suspend-to-disk (which will put all our key data on disk)
genesis                52     // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process.  
genesis                53     mlock(&chKey[0], sizeof chKey);
genesis                54     mlock(&chIV[0], sizeof chIV);
genesis                55 
genesis                56     memcpy(&chKey[0], &chNewKey[0], sizeof chKey);
genesis                57     memcpy(&chIV[0], &chNewIV[0], sizeof chIV);
genesis                58 
genesis                59     fKeySet = true;
genesis                60     return true;
genesis                61 }
genesis                62 
genesis                63 bool CCrypter::Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned char> &vchCiphertext)
genesis                64 {
genesis                65     if (!fKeySet)
genesis                66         return false;
genesis                67 
genesis                68     // max ciphertext len for a n bytes of plaintext is
genesis                69     // n + AES_BLOCK_SIZE - 1 bytes
genesis                70     int nLen = vchPlaintext.size();
genesis                71     int nCLen = nLen + AES_BLOCK_SIZE, nFLen = 0;
genesis                72     vchCiphertext = std::vector<unsigned char> (nCLen);
genesis                73 
genesis                74     EVP_CIPHER_CTX ctx;
genesis                75 
genesis                76     EVP_CIPHER_CTX_init(&ctx);
genesis                77     EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV);
genesis                78 
genesis                79     EVP_EncryptUpdate(&ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen);
genesis                80     EVP_EncryptFinal_ex(&ctx, (&vchCiphertext[0])+nCLen, &nFLen);
genesis                81 
genesis                82     EVP_CIPHER_CTX_cleanup(&ctx);
genesis                83 
genesis                84     vchCiphertext.resize(nCLen + nFLen);
genesis                85     return true;
genesis                86 }
genesis                87 
genesis                88 bool CCrypter::Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext)
genesis                89 {
genesis                90     if (!fKeySet)
genesis                91         return false;
genesis                92 
genesis                93     // plaintext will always be equal to or lesser than length of ciphertext
genesis                94     int nLen = vchCiphertext.size();
genesis                95     int nPLen = nLen, nFLen = 0;
genesis                96 
genesis                97     vchPlaintext = CKeyingMaterial(nPLen);
genesis                98 
genesis                99     EVP_CIPHER_CTX ctx;
genesis               100 
genesis               101     EVP_CIPHER_CTX_init(&ctx);
genesis               102     EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV);
genesis               103 
genesis               104     EVP_DecryptUpdate(&ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen);
genesis               105     EVP_DecryptFinal_ex(&ctx, (&vchPlaintext[0])+nPLen, &nFLen);
genesis               106 
genesis               107     EVP_CIPHER_CTX_cleanup(&ctx);
genesis               108 
genesis               109     vchPlaintext.resize(nPLen + nFLen);
genesis               110     return true;
genesis               111 }
genesis               112 
genesis               113 
genesis               114 bool EncryptSecret(CKeyingMaterial& vMasterKey, const CSecret &vchPlaintext, const uint256& nIV, std::vector<unsigned char> &vchCiphertext)
genesis               115 {
genesis               116     CCrypter cKeyCrypter;
genesis               117     std::vector<unsigned char> chIV(WALLET_CRYPTO_KEY_SIZE);
genesis               118     memcpy(&chIV[0], &nIV, WALLET_CRYPTO_KEY_SIZE);
genesis               119     if(!cKeyCrypter.SetKey(vMasterKey, chIV))
genesis               120         return false;
genesis               121     return cKeyCrypter.Encrypt((CKeyingMaterial)vchPlaintext, vchCiphertext);
genesis               122 }
genesis               123 
genesis               124 bool DecryptSecret(const CKeyingMaterial& vMasterKey, const std::vector<unsigned char>& vchCiphertext, const uint256& nIV, CSecret& vchPlaintext)
genesis               125 {
genesis               126     CCrypter cKeyCrypter;
genesis               127     std::vector<unsigned char> chIV(WALLET_CRYPTO_KEY_SIZE);
genesis               128     memcpy(&chIV[0], &nIV, WALLET_CRYPTO_KEY_SIZE);
genesis               129     if(!cKeyCrypter.SetKey(vMasterKey, chIV))
genesis               130         return false;
genesis               131     return cKeyCrypter.Decrypt(vchCiphertext, *((CKeyingMaterial*)&vchPlaintext));
genesis               132 }