Commit log for path: root/src/crypto/crypto.h

Date | Commit message | Author | Files | Lines
2023-01-16 | Copyright: Update to 2023 | mj-xmr | 1 | -1/+1
    Co-authored-by: plowsof <plowsof@protonmail.com> extra files
2023-01-03 | miscellaneous crypto updates | koe | 1 | -0/+8
2022-04-18 | Add view tags to outputs to reduce wallet scanning time | j-berman | 1 | -1/+19
    Implements view tags as proposed by @UkoeHB in MRL issue https://github.com/monero-project/research-lab/issues/73

    At tx construction, the sender adds a 1-byte view tag to each output. The view tag is derived from the sender-receiver shared secret. When scanning for outputs, the receiver can check the view tag for a match, in order to reduce scanning time. When the view tag does not match, the wallet avoids the more expensive EC operations when deriving the output public key using the shared secret.
2022-03-04 | Copyright: Update to 2022 | mj-xmr | 1 | -1/+1
2022-02-22 | multisig key exchange update and refactor | koe | 1 | -1/+10
2020-08-09 | Updates InProofV1, OutProofV1, and ReserveProofV1 to new V2 variants that include all public proof parameters in Schnorr challenges, along with hash function domain separators. Includes new randomized unit tests. | Sarang Noether | 1 | -4/+9
2020-05-06 | Update copyright year to 2020 | SomaticFanatic | 1 | -1/+1
2019-08-22 | wallet: add --extra-entropy command line flag | moneromooo-monero | 1 | -0/+1
    It lets the user add custom entropy to the PRNG. It does this by hashing the new data and xoring the resulting hash with the PRNG state.
2019-04-04 | crypto: replace rand<T>()%N idiom with unbiased rand_idx(N) | stoffu | 1 | -0/+27
2019-03-05 | Update 2019 copyright | binaryFate | 1 | -1/+1
2018-11-15 | Removed a lot of unnecessary includes | Martijn Otto | 1 | -3/+0
2018-08-23 | add and use constant time 32 byte equality function | moneromooo-monero | 1 | -1/+1
2018-08-16 | crypto: make secret_key automatically mlock | moneromooo-monero | 1 | -1/+2
2018-07-20 | crypto: do not use boost::value_initialized to init null skey/pkey | moneromooo-monero | 1 | -1/+0
2018-07-15 | crypto: move null_pkey/null_skey to the cpp file | moneromooo-monero | 1 | -2/+2
2018-07-05 | crypto: remove slight bias in key generation due to modulo | moneromooo-monero | 1 | -0/+1
2018-04-10 | crypto: fix initialization order issue with random mutex | moneromooo-monero | 1 | -6/+4
2018-03-14 | crypto: revert odd namespace changes made in #3303 | stoffu | 1 | -9/+0
2018-03-14 | device: untangle cyclic dependency | stoffu | 1 | -12/+0
    When #3303 was merged, a cyclic dependency chain was generated:

        libdevice <- libcncrypto <- libringct <- libdevice

    This was because libdevice needs access to a set of basic crypto operations implemented in libringct such as scalarmultBase(), while libringct also needs access to abstracted crypto operations implemented in libdevice such as ecdhEncode().

    To untangle this cyclic dependency chain, this patch splits libringct into libringct_basic and libringct, where the basic crypto ops previously in libringct are moved into libringct_basic. The cyclic dependency is now resolved thanks to this separation:

        libcncrypto <- libringct_basic <- libdevice <- libcryptonote_basic <- libringct

    This eliminates the need for crypto_device.cpp and rctOps_device.cpp.

    Also, many abstracted interfaces of hw::device such as encrypt_payment_id() and get_subaddress_secret_key() were previously implemented in libcryptonote_basic (cryptonote_format_utils.cpp) and were then called from hw::core::device_default, which is odd because libdevice is supposed to be independent of libcryptonote_basic. Therefore, those functions were moved to device_default.cpp.
2018-03-04 | Code modifications to integrate Ledger HW device into monero-wallet-cli. | cslashm | 1 | -0/+21
    The basic approach is to delegate all sensitive data (master key, secret ephemeral key, key derivation, ...) and related operations to the device. As the device has low memory, it does not keep the values itself (except for view/spend keys), but once computed they are encrypted (with AES or equivalent) and returned back to monero-wallet-cli. When they need to be manipulated by the device, they are decrypted on receipt. Moreover, using the client for storing the values in encrypted form limits the modifications in the client code. Those values are transferred from one C-structure to another one as previously.

    The code modification has been done with the wish to be open to any other hardware wallet. To achieve that, a C++ class hw::Device has been introduced. Two initial implementations are provided: the "default", which remaps all calls to the initial Monero code, and the "Ledger", which delegates all calls to the Ledger device.
2018-01-26 | Update 2018 copyright | xmr-eric | 1 | -1/+1
2018-01-10 | move memwipe to epee to avoid common<->crypto circular dependencies | moneromooo-monero | 1 | -1/+1
2017-12-16 | Scrub keys from memory just before scope end. | moneromooo-monero | 1 | -3/+4
    Partially implements #74.

    Securely erases keys from memory after they are no longer needed. Might have a performance impact, which I haven't measured (perf measurements aren't generally reliable on laptops).

    Thanks to @stoffu for the suggestion to specialize the pod_to_hex/hex_to_pod functions. Using overloads + SFINAE instead generalizes it so other types can be marked as scrubbed without adding more boilerplate.
2017-10-07 | Subaddresses | kenshi84 | 1 | -8/+19
2017-09-25 | move checkpoints in a separate library | moneromooo-monero | 1 | -0/+22
2017-06-22 | Signature proving payment to destination by only revealing key derivation, not the actual tx secret key | stoffu | 1 | -0/+14
2017-02-21 | update copyright year, fix occasional lack of newline at line end | Riccardo Spagni | 1 | -1/+1
2016-11-07 | wallet: fix output collision detection for view wallets | moneromooo-monero | 1 | -1/+1
    View wallets do not have the spend secret key, and are thus unable to derive key images for incoming outputs. Moreover, a previous patch set key images to zero as a means to mark an output as having an unknown key image, so they could be filled in when importing key images at a later time. That later patch caused spurious collisions.

    We now use public keys to detect duplicate outputs. Public keys obtained from the blockchain are checked to be identical to the ones derived locally, so can't be spoofed.
2016-08-28 | rct amount key modified as per luigi1111's recommendations | moneromooo-monero | 1 | -0/+5
    This allows the key to be not the same for two outputs sent to the same address (e.g., if you pay yourself, and also get change back).

    Also remove the key amounts lists and return parameters since we don't actually generate random ones, so we don't need to save them as we can recalculate them when needed if we have the correct keys.
2016-08-28 | ringct: import of Shen Noether's ring confidential transactions | moneromooo-monero | 1 | -0/+16
2016-05-15 | crypto: make clear generate_random_bytes is not thread safe | moneromooo-monero | 1 | -1/+8
    And add a thread safe version to encourage proper use.
2016-03-11 | Use boost::thread instead of std::thread | Howard Chu | 1 | -3/+4
    and all other associated IPC
2015-12-31 | updated copyright year | Riccardo Spagni | 1 | -1/+1
2015-01-02 | year updated in license | Riccardo Spagni | 1 | -1/+1
2014-07-23 | License updated to BSD 3-clause | fluffypony | 1 | -3/+29
2014-06-12 | builds, but doesn't link. other than that, electrum-style recovery implemented (but not tested!) | Thomas Winget | 1 | -4/+4
2014-06-12 | revert 'dirty hack' change to crypto.h. need a better way for sure. | Thomas Winget | 1 | -4/+1
2014-06-12 | compile issues, resolve later. committing because switching machines | tom | 1 | -1/+4
2014-03-03 | moved all stuff to github | Antonio Juarez | 1 | -80/+100
2013-11-15 | crypto lib | amjuarez | 1 | -0/+166