aboutsummaryrefslogtreecommitdiff
path: root/tests/unit_tests
diff options
context:
space:
mode:
authorSarang Noether <32460187+SarangNoether@users.noreply.github.com>2020-08-09 19:11:54 -0400
committerSarang Noether <32460187+SarangNoether@users.noreply.github.com>2020-08-09 19:11:54 -0400
commit921dd8dde5d381052d0aa2936304a3541a230c55 (patch)
treeb6e5c12201cc934b17aa61f06861c2199ba99dc1 /tests/unit_tests
parentMerge pull request #6586 (diff)
downloadmonero-921dd8dde5d381052d0aa2936304a3541a230c55.tar.xz
Use domain-separated ChaCha20 for in-memory key encryption
Diffstat (limited to 'tests/unit_tests')
-rw-r--r--tests/unit_tests/account.cpp34
-rw-r--r--tests/unit_tests/serialization.cpp40
2 files changed, 74 insertions, 0 deletions
diff --git a/tests/unit_tests/account.cpp b/tests/unit_tests/account.cpp
index 2ab2f893a..68bf4dce7 100644
--- a/tests/unit_tests/account.cpp
+++ b/tests/unit_tests/account.cpp
@@ -29,14 +29,30 @@
#include "gtest/gtest.h"
#include "cryptonote_basic/account.h"
+#include "ringct/rctOps.h"
+// Tests in-memory encryption of account secret keys
TEST(account, encrypt_keys)
{
+ // Generate account keys and random multisig keys
cryptonote::keypair recovery_key = cryptonote::keypair::generate(hw::get_device("default"));
cryptonote::account_base account;
crypto::secret_key key = account.generate(recovery_key.sec);
+
+ const size_t n_multisig = 4;
+ std::vector<crypto::secret_key> multisig_keys;
+ multisig_keys.reserve(n_multisig);
+ multisig_keys.resize(0);
+ for (size_t i = 0; i < n_multisig; ++i)
+ {
+ multisig_keys.push_back(rct::rct2sk(rct::skGen()));
+ }
+ ASSERT_TRUE(account.make_multisig(account.get_keys().m_view_secret_key, account.get_keys().m_spend_secret_key, account.get_keys().m_account_address.m_spend_public_key, multisig_keys));
+
const cryptonote::account_keys keys = account.get_keys();
+ ASSERT_EQ(keys.m_multisig_keys.size(),n_multisig);
+ // Encrypt and decrypt keys
ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
ASSERT_EQ(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
ASSERT_EQ(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
@@ -50,22 +66,40 @@ TEST(account, encrypt_keys)
ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
ASSERT_NE(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+ ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
account.decrypt_viewkey(chacha_key);
ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
ASSERT_EQ(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+ ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
account.encrypt_viewkey(chacha_key);
ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
ASSERT_NE(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+ ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
+
+ account.decrypt_viewkey(chacha_key);
+
+ ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
+ ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
+ ASSERT_EQ(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+ ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
+
+ account.encrypt_viewkey(chacha_key);
+
+ ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
+ ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
+ ASSERT_NE(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+ ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
account.decrypt_keys(chacha_key);
ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
ASSERT_EQ(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
ASSERT_EQ(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+ ASSERT_EQ(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
}
diff --git a/tests/unit_tests/serialization.cpp b/tests/unit_tests/serialization.cpp
index ee205e666..b460559ff 100644
--- a/tests/unit_tests/serialization.cpp
+++ b/tests/unit_tests/serialization.cpp
@@ -616,6 +616,46 @@ TEST(Serialization, serializes_ringct_types)
ASSERT_EQ(bp0, bp1);
}
+TEST(Serialization, key_encryption_transition)
+{
+ const cryptonote::network_type nettype = cryptonote::TESTNET;
+ tools::wallet2 w(nettype);
+ const boost::filesystem::path wallet_file = unit_test::data_dir / "wallet_9svHk1";
+ const boost::filesystem::path key_file = unit_test::data_dir / "wallet_9svHk1.keys";
+ const boost::filesystem::path temp_wallet_file = unit_test::data_dir / "wallet_9svHk1_temp";
+ const boost::filesystem::path temp_key_file = unit_test::data_dir / "wallet_9svHk1_temp.keys";
+ string password = "test";
+ bool r = false;
+
+ // Copy the original files for this test
+ boost::filesystem::copy(wallet_file,temp_wallet_file);
+ boost::filesystem::copy(key_file,temp_key_file);
+
+ try
+ {
+ // Key transition
+ w.load(temp_wallet_file.string(), password); // legacy decryption method
+ ASSERT_TRUE(w.get_load_info().is_legacy_key_encryption);
+ const crypto::secret_key view_secret_key = w.get_account().get_keys().m_view_secret_key;
+
+ w.rewrite(temp_wallet_file.string(), password); // transition to new key format
+
+ w.load(temp_wallet_file.string(), password); // new decryption method
+ ASSERT_FALSE(w.get_load_info().is_legacy_key_encryption);
+ ASSERT_EQ(w.get_account().get_keys().m_view_secret_key,view_secret_key);
+
+ r = true;
+ }
+ catch (const exception& e)
+ {}
+
+ // Remove the temporary files
+ boost::filesystem::remove(temp_wallet_file);
+ boost::filesystem::remove(temp_key_file);
+
+ ASSERT_TRUE(r);
+}
+
TEST(Serialization, portability_wallet)
{
const cryptonote::network_type nettype = cryptonote::TESTNET;