diff options
author | Sarang Noether <32460187+SarangNoether@users.noreply.github.com> | 2020-08-09 19:11:54 -0400 |
---|---|---|
committer | Sarang Noether <32460187+SarangNoether@users.noreply.github.com> | 2020-08-09 19:11:54 -0400 |
commit | 921dd8dde5d381052d0aa2936304a3541a230c55 (patch) | |
tree | b6e5c12201cc934b17aa61f06861c2199ba99dc1 /src/wallet | |
parent | Merge pull request #6586 (diff) | |
download | monero-921dd8dde5d381052d0aa2936304a3541a230c55.tar.xz |
Use domain-separated ChaCha20 for in-memory key encryption
Diffstat (limited to 'src/wallet')
-rw-r--r-- | src/wallet/wallet2.cpp | 16 | ||||
-rw-r--r-- | src/wallet/wallet2.h | 11 |
2 files changed, 27 insertions, 0 deletions
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index d7ed3e999..f273eb368 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -4349,9 +4349,24 @@ bool wallet2::load_keys_buf(const std::string& keys_buf, const epee::wipeable_st if (r) { + // Decrypt keys, using one of two possible methods if (encrypted_secret_keys) { + // First try the updated method m_account.decrypt_keys(key); + load_info.is_legacy_key_encryption = false; + + // Test address construction to see if decryption succeeded + const cryptonote::account_keys &keys = m_account.get_keys(); + hw::device &hwdev = m_account.get_device(); + if (!hwdev.verify_keys(keys.m_view_secret_key, keys.m_account_address.m_view_public_key) || !hwdev.verify_keys(keys.m_spend_secret_key, keys.m_account_address.m_spend_public_key)) + { + // Updated method failed; try the legacy method + // Note that we must first encrypt the keys again with the same IV + m_account.encrypt_keys_same_iv(key); + m_account.decrypt_legacy(key); + load_info.is_legacy_key_encryption = true; + } } else { @@ -5555,6 +5570,7 @@ void wallet2::load(const std::string& wallet_, const epee::wipeable_string& pass { clear(); prepare_file_names(wallet_); + MINFO("Keys file: " << m_keys_file); // determine if loading from file system or string buffer bool use_fs = !wallet_.empty(); diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h index 712f91613..1d26c6a00 100644 --- a/src/wallet/wallet2.h +++ b/src/wallet/wallet2.h @@ -219,6 +219,15 @@ private: friend class wallet_keys_unlocker; friend class wallet_device_callback; public: + // Contains data on how keys were loaded, primarily for unit test purposes + struct load_info_t { + bool is_legacy_key_encryption; + }; + + const load_info_t &get_load_info() const { + return load_info; + } + static constexpr const std::chrono::seconds rpc_timeout = std::chrono::minutes(3) + std::chrono::seconds(30); enum RefreshType { @@ -1407,6 +1416,8 @@ private: static std::string get_default_daemon_address() { CRITICAL_REGION_LOCAL(default_daemon_address_lock); return default_daemon_address; } private: + load_info_t load_info; + /*! * \brief Stores wallet information to wallet file. * \param keys_file_name Name of wallet file |