diff options
Diffstat (limited to 'src/cryptonote_basic')
-rw-r--r-- | src/cryptonote_basic/account.cpp | 102 | ||||
-rw-r--r-- | src/cryptonote_basic/account.h | 19 | ||||
-rw-r--r-- | src/cryptonote_basic/events.h | 46 | ||||
-rw-r--r-- | src/cryptonote_basic/fwd.h | 36 |
4 files changed, 153 insertions, 50 deletions
diff --git a/src/cryptonote_basic/account.cpp b/src/cryptonote_basic/account.cpp index 36ff41684..b366985ab 100644 --- a/src/cryptonote_basic/account.cpp +++ b/src/cryptonote_basic/account.cpp @@ -61,7 +61,8 @@ DISABLE_VS_WARNINGS(4244 4345) m_device = &hwdev; MCDEBUG("device", "account_keys::set_device device type: "<<typeid(hwdev).name()); } - //----------------------------------------------------------------- + + // Generate a derived chacha key static void derive_key(const crypto::chacha_key &base_key, crypto::chacha_key &key) { static_assert(sizeof(base_key) == sizeof(crypto::hash), "chacha key and hash should be the same size"); @@ -70,25 +71,38 @@ DISABLE_VS_WARNINGS(4244 4345) data[sizeof(base_key)] = config::HASH_KEY_MEMORY; crypto::generate_chacha_key(data.data(), sizeof(data), key, 1); } - //----------------------------------------------------------------- - static epee::wipeable_string get_key_stream(const crypto::chacha_key &base_key, const crypto::chacha_iv &iv, size_t bytes) + + // Prepare IVs and start chacha for encryption + void account_keys::encrypt_wrapper(const crypto::chacha_key &key, const bool all_keys) { - // derive a new key - crypto::chacha_key key; - derive_key(base_key, key); + // Set a fresh IV only for all-key encryption + if (all_keys) + m_encryption_iv = crypto::rand<crypto::chacha_iv>(); - // chacha - epee::wipeable_string buffer0(std::string(bytes, '\0')); - epee::wipeable_string buffer1 = buffer0; - crypto::chacha20(buffer0.data(), buffer0.size(), key, iv, buffer1.data()); - return buffer1; + // Now do the chacha + chacha_wrapper(key, all_keys); } - //----------------------------------------------------------------- - void account_keys::xor_with_key_stream(const crypto::chacha_key &key) + + // Start chacha for decryption + void account_keys::decrypt_wrapper(const crypto::chacha_key &key, const bool all_keys) + { + chacha_wrapper(key, all_keys); + } + + // Decrypt keys using the legacy method + void account_keys::decrypt_legacy(const crypto::chacha_key &key) { - // encrypt a large enough byte stream with chacha20 - epee::wipeable_string key_stream = get_key_stream(key, m_encryption_iv, sizeof(crypto::secret_key) * (2 + m_multisig_keys.size())); - const char *ptr = key_stream.data(); + // Derive domain-separated chacha key + crypto::chacha_key derived_key; + derive_key(key, derived_key); + + // Build key stream + epee::wipeable_string temp(std::string(sizeof(crypto::secret_key)*(2 + m_multisig_keys.size()), '\0')); + epee::wipeable_string stream = temp; + crypto::chacha20(temp.data(), temp.size(), derived_key, m_encryption_iv, stream.data()); + + // Decrypt all keys + const char *ptr = stream.data(); for (size_t i = 0; i < sizeof(crypto::secret_key); ++i) m_spend_secret_key.data[i] ^= *ptr++; for (size_t i = 0; i < sizeof(crypto::secret_key); ++i) @@ -99,33 +113,39 @@ DISABLE_VS_WARNINGS(4244 4345) k.data[i] ^= *ptr++; } } - //----------------------------------------------------------------- - void account_keys::encrypt(const crypto::chacha_key &key) + + // Perform chacha on either the view key or all keys + void account_keys::chacha_wrapper(const crypto::chacha_key &key, const bool all_keys) { - m_encryption_iv = crypto::rand<crypto::chacha_iv>(); - xor_with_key_stream(key); - } - //----------------------------------------------------------------- - void account_keys::decrypt(const crypto::chacha_key &key) - { - xor_with_key_stream(key); - } - //----------------------------------------------------------------- - void account_keys::encrypt_viewkey(const crypto::chacha_key &key) - { - // encrypt a large enough byte stream with chacha20 - epee::wipeable_string key_stream = get_key_stream(key, m_encryption_iv, sizeof(crypto::secret_key) * 2); - const char *ptr = key_stream.data(); - ptr += sizeof(crypto::secret_key); - for (size_t i = 0; i < sizeof(crypto::secret_key); ++i) - m_view_secret_key.data[i] ^= *ptr++; - } - //----------------------------------------------------------------- - void account_keys::decrypt_viewkey(const crypto::chacha_key &key) - { - encrypt_viewkey(key); + // Derive domain-seprated chacha key + crypto::chacha_key derived_key; + derive_key(key, derived_key); + + // Chacha the specified keys using the appropriate IVs + if (all_keys) + { + // Spend key + crypto::secret_key temp_key; + chacha20((char *) &m_spend_secret_key, sizeof(crypto::secret_key), derived_key, m_encryption_iv, (char *) &temp_key); + memcpy(&m_spend_secret_key, &temp_key, sizeof(crypto::secret_key)); + memwipe(&temp_key, sizeof(crypto::secret_key)); + + // Multisig keys + std::vector<crypto::secret_key> temp_keys; + temp_keys.reserve(m_multisig_keys.size()); + temp_keys.resize(m_multisig_keys.size()); + chacha20((char *) &m_multisig_keys[0], sizeof(crypto::secret_key)*m_multisig_keys.size(), derived_key, m_encryption_iv, (char *) &temp_keys[0]); + memcpy(&m_multisig_keys[0], &temp_keys[0], sizeof(crypto::secret_key)*temp_keys.size()); + memwipe(&temp_keys[0], sizeof(crypto::secret_key)*temp_keys.size()); + } + + // View key + crypto::secret_key temp_key; + chacha20((char *) &m_view_secret_key, sizeof(crypto::secret_key), derived_key, m_encryption_iv, (char *) &temp_key); + memcpy(&m_view_secret_key, &temp_key, sizeof(crypto::secret_key)); + memwipe(&temp_key, sizeof(crypto::secret_key)); } - //----------------------------------------------------------------- + account_base::account_base() { set_null(); diff --git a/src/cryptonote_basic/account.h b/src/cryptonote_basic/account.h index 5288b9b04..c71c06edd 100644 --- a/src/cryptonote_basic/account.h +++ b/src/cryptonote_basic/account.h @@ -57,16 +57,15 @@ namespace cryptonote account_keys& operator=(account_keys const&) = default; - void encrypt(const crypto::chacha_key &key); - void decrypt(const crypto::chacha_key &key); - void encrypt_viewkey(const crypto::chacha_key &key); - void decrypt_viewkey(const crypto::chacha_key &key); + void encrypt_wrapper(const crypto::chacha_key &key, const bool all_keys); + void decrypt_wrapper(const crypto::chacha_key &key, const bool all_keys); + void decrypt_legacy(const crypto::chacha_key &key); hw::device& get_device() const ; void set_device( hw::device &hwdev) ; private: - void xor_with_key_stream(const crypto::chacha_key &key); + void chacha_wrapper(const crypto::chacha_key &key, const bool all_keys); }; /************************************************************************/ @@ -100,10 +99,12 @@ namespace cryptonote void forget_spend_key(); const std::vector<crypto::secret_key> &get_multisig_keys() const { return m_keys.m_multisig_keys; } - void encrypt_keys(const crypto::chacha_key &key) { m_keys.encrypt(key); } - void decrypt_keys(const crypto::chacha_key &key) { m_keys.decrypt(key); } - void encrypt_viewkey(const crypto::chacha_key &key) { m_keys.encrypt_viewkey(key); } - void decrypt_viewkey(const crypto::chacha_key &key) { m_keys.decrypt_viewkey(key); } + void encrypt_keys(const crypto::chacha_key &key) { m_keys.encrypt_wrapper(key, true); } + void encrypt_keys_same_iv(const crypto::chacha_key &key) { m_keys.decrypt_wrapper(key, true); } // encryption with the same IV is the same as decryption due to symmetry + void decrypt_keys(const crypto::chacha_key &key) { m_keys.decrypt_wrapper(key, true); } + void encrypt_viewkey(const crypto::chacha_key &key) { m_keys.encrypt_wrapper(key, false); } + void decrypt_viewkey(const crypto::chacha_key &key) { m_keys.decrypt_wrapper(key, false); } + void decrypt_legacy(const crypto::chacha_key &key) { m_keys.decrypt_legacy(key); } template <class t_archive> inline void serialize(t_archive &a, const unsigned int /*ver*/) diff --git a/src/cryptonote_basic/events.h b/src/cryptonote_basic/events.h new file mode 100644 index 000000000..6c6742215 --- /dev/null +++ b/src/cryptonote_basic/events.h @@ -0,0 +1,46 @@ +// Copyright (c) 2020, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#pragma once + +#include "crypto/hash.h" +#include "cryptonote_basic/cryptonote_basic.h" + +namespace cryptonote +{ + /*! Transactions are expensive to move or copy (lots of 32-byte internal + buffers). This allows `cryptonote::core` to do a single notification for + a vector of transactions, without having to move/copy duplicate or invalid + transactions. */ + struct txpool_event + { + cryptonote::transaction tx; + crypto::hash hash; + bool res; //!< Listeners must ignore `tx` when this is false. + }; +} diff --git a/src/cryptonote_basic/fwd.h b/src/cryptonote_basic/fwd.h new file mode 100644 index 000000000..d54223461 --- /dev/null +++ b/src/cryptonote_basic/fwd.h @@ -0,0 +1,36 @@ +// Copyright (c) 2020, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#pragma once + +namespace cryptonote +{ + struct block; + class transaction; + struct txpool_event; +} |