Use domain-separated ChaCha20 for in-memory key encryption

2 files changed, 74 insertions, 0 deletions

diff --git a/tests/unit_tests/account.cpp b/tests/unit_tests/account.cpp
index 2ab2f893a..68bf4dce7 100644
--- a/tests/unit_tests/account.cpp
+++ b/tests/unit_tests/account.cpp
@@ -29,14 +29,30 @@
 #include "gtest/gtest.h"
 
 #include "cryptonote_basic/account.h"
+#include "ringct/rctOps.h"
 
+// Tests in-memory encryption of account secret keys
 TEST(account, encrypt_keys)
 {
+  // Generate account keys and random multisig keys
   cryptonote::keypair recovery_key = cryptonote::keypair::generate(hw::get_device("default"));
   cryptonote::account_base account;
   crypto::secret_key key = account.generate(recovery_key.sec);
+
+  const size_t n_multisig = 4;
+  std::vector<crypto::secret_key> multisig_keys;
+  multisig_keys.reserve(n_multisig);
+  multisig_keys.resize(0);
+  for (size_t i = 0; i < n_multisig; ++i)
+  {
+    multisig_keys.push_back(rct::rct2sk(rct::skGen()));
+  }
+  ASSERT_TRUE(account.make_multisig(account.get_keys().m_view_secret_key, account.get_keys().m_spend_secret_key, account.get_keys().m_account_address.m_spend_public_key, multisig_keys));
+
   const cryptonote::account_keys keys = account.get_keys();
+  ASSERT_EQ(keys.m_multisig_keys.size(),n_multisig);
 
+  // Encrypt and decrypt keys
   ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
   ASSERT_EQ(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
   ASSERT_EQ(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
@@ -50,22 +66,40 @@ TEST(account, encrypt_keys)
   ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
   ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
   ASSERT_NE(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+  ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
 
   account.decrypt_viewkey(chacha_key);
 
   ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
   ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
   ASSERT_EQ(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+  ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
 
   account.encrypt_viewkey(chacha_key);
 
   ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
   ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
   ASSERT_NE(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+  ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
+
+  account.decrypt_viewkey(chacha_key);
+
+  ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
+  ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
+  ASSERT_EQ(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+  ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
+
+  account.encrypt_viewkey(chacha_key);
+
+  ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
+  ASSERT_NE(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
+  ASSERT_NE(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+  ASSERT_NE(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
 
   account.decrypt_keys(chacha_key);
 
   ASSERT_EQ(account.get_keys().m_account_address, keys.m_account_address);
   ASSERT_EQ(account.get_keys().m_spend_secret_key, keys.m_spend_secret_key);
   ASSERT_EQ(account.get_keys().m_view_secret_key, keys.m_view_secret_key);
+  ASSERT_EQ(account.get_keys().m_multisig_keys, keys.m_multisig_keys);
 }
diff --git a/tests/unit_tests/serialization.cpp b/tests/unit_tests/serialization.cpp
index ee205e666..b460559ff 100644
--- a/tests/unit_tests/serialization.cpp
+++ b/tests/unit_tests/serialization.cpp
@@ -616,6 +616,46 @@ TEST(Serialization, serializes_ringct_types)
   ASSERT_EQ(bp0, bp1);
 }
 
+TEST(Serialization, key_encryption_transition)
+{
+  const cryptonote::network_type nettype = cryptonote::TESTNET;
+  tools::wallet2 w(nettype);
+  const boost::filesystem::path wallet_file = unit_test::data_dir / "wallet_9svHk1";
+  const boost::filesystem::path key_file = unit_test::data_dir / "wallet_9svHk1.keys";
+  const boost::filesystem::path temp_wallet_file = unit_test::data_dir / "wallet_9svHk1_temp";
+  const boost::filesystem::path temp_key_file = unit_test::data_dir / "wallet_9svHk1_temp.keys";
+  string password = "test";
+  bool r = false;
+
+  // Copy the original files for this test
+  boost::filesystem::copy(wallet_file,temp_wallet_file);
+  boost::filesystem::copy(key_file,temp_key_file);
+
+  try
+  {
+    // Key transition
+    w.load(temp_wallet_file.string(), password); // legacy decryption method
+    ASSERT_TRUE(w.get_load_info().is_legacy_key_encryption);
+    const crypto::secret_key view_secret_key = w.get_account().get_keys().m_view_secret_key;
+
+    w.rewrite(temp_wallet_file.string(), password); // transition to new key format
+
+    w.load(temp_wallet_file.string(), password); // new decryption method
+    ASSERT_FALSE(w.get_load_info().is_legacy_key_encryption);
+    ASSERT_EQ(w.get_account().get_keys().m_view_secret_key,view_secret_key);
+
+    r = true;
+  }
+  catch (const exception& e)
+  {}
+
+  // Remove the temporary files
+  boost::filesystem::remove(temp_wallet_file);
+  boost::filesystem::remove(temp_key_file);
+
+  ASSERT_TRUE(r);
+}
+
 TEST(Serialization, portability_wallet)
 {
   const cryptonote::network_type nettype = cryptonote::TESTNET;