wallet: encrypt outputs and key images files with the view key
This key is available to both cold and hot wallet. Authenticated encryption will guard against interception and/or modification of the file.
This commit is contained in:
parent
1372f255af
commit
8aba0d4b4c
|
@ -77,8 +77,8 @@ typedef cryptonote::simple_wallet sw;
|
|||
|
||||
#define DEFAULT_MIX 4
|
||||
|
||||
#define KEY_IMAGE_EXPORT_FILE_MAGIC "Monero key image export\001"
|
||||
#define OUTPUT_EXPORT_FILE_MAGIC "Monero output export\001"
|
||||
#define KEY_IMAGE_EXPORT_FILE_MAGIC "Monero key image export\002"
|
||||
#define OUTPUT_EXPORT_FILE_MAGIC "Monero output export\002"
|
||||
|
||||
// workaround for a suspected bug in pthread/kernel on MacOS X
|
||||
#ifdef __APPLE__
|
||||
|
@ -4018,8 +4018,10 @@ bool simple_wallet::export_key_images(const std::vector<std::string> &args)
|
|||
try
|
||||
{
|
||||
std::vector<std::pair<crypto::key_image, crypto::signature>> ski = m_wallet->export_key_images();
|
||||
std::string data(KEY_IMAGE_EXPORT_FILE_MAGIC, strlen(KEY_IMAGE_EXPORT_FILE_MAGIC));
|
||||
std::string magic(KEY_IMAGE_EXPORT_FILE_MAGIC, strlen(KEY_IMAGE_EXPORT_FILE_MAGIC));
|
||||
const cryptonote::account_public_address &keys = m_wallet->get_account().get_keys().m_account_address;
|
||||
|
||||
std::string data;
|
||||
data += std::string((const char *)&keys.m_spend_public_key, sizeof(crypto::public_key));
|
||||
data += std::string((const char *)&keys.m_view_public_key, sizeof(crypto::public_key));
|
||||
for (const auto &i: ski)
|
||||
|
@ -4027,7 +4029,10 @@ bool simple_wallet::export_key_images(const std::vector<std::string> &args)
|
|||
data += std::string((const char *)&i.first, sizeof(crypto::key_image));
|
||||
data += std::string((const char *)&i.second, sizeof(crypto::signature));
|
||||
}
|
||||
bool r = epee::file_io_utils::save_string_to_file(filename, data);
|
||||
|
||||
// encrypt data, keep magic plaintext
|
||||
std::string ciphertext = m_wallet->encrypt_with_view_secret_key(data);
|
||||
bool r = epee::file_io_utils::save_string_to_file(filename, magic + ciphertext);
|
||||
if (!r)
|
||||
{
|
||||
fail_msg_writer() << tr("failed to save file ") << filename;
|
||||
|
@ -4067,14 +4072,25 @@ bool simple_wallet::import_key_images(const std::vector<std::string> &args)
|
|||
fail_msg_writer() << "Bad key image export file magic in " << filename;
|
||||
return true;
|
||||
}
|
||||
const size_t headerlen = magiclen + 2 * sizeof(crypto::public_key);
|
||||
|
||||
try
|
||||
{
|
||||
data = m_wallet->decrypt_with_view_secret_key(std::string(data, magiclen));
|
||||
}
|
||||
catch (const std::exception &e)
|
||||
{
|
||||
fail_msg_writer() << "Failed to decrypt " << filename << ": " << e.what();
|
||||
return true;
|
||||
}
|
||||
|
||||
const size_t headerlen = 2 * sizeof(crypto::public_key);
|
||||
if (data.size() < headerlen)
|
||||
{
|
||||
fail_msg_writer() << "Bad data size from file " << filename;
|
||||
return true;
|
||||
}
|
||||
const crypto::public_key &public_spend_key = *(const crypto::public_key*)&data[magiclen];
|
||||
const crypto::public_key &public_view_key = *(const crypto::public_key*)&data[magiclen + sizeof(crypto::public_key)];
|
||||
const crypto::public_key &public_spend_key = *(const crypto::public_key*)&data[0];
|
||||
const crypto::public_key &public_view_key = *(const crypto::public_key*)&data[sizeof(crypto::public_key)];
|
||||
const cryptonote::account_public_address &keys = m_wallet->get_account().get_keys().m_account_address;
|
||||
if (public_spend_key != keys.m_spend_public_key || public_view_key != keys.m_view_public_key)
|
||||
{
|
||||
|
@ -4133,11 +4149,13 @@ bool simple_wallet::export_outputs(const std::vector<std::string> &args)
|
|||
boost::archive::binary_oarchive ar(oss);
|
||||
ar << outs;
|
||||
|
||||
std::string data(OUTPUT_EXPORT_FILE_MAGIC, strlen(OUTPUT_EXPORT_FILE_MAGIC));
|
||||
std::string magic(OUTPUT_EXPORT_FILE_MAGIC, strlen(OUTPUT_EXPORT_FILE_MAGIC));
|
||||
const cryptonote::account_public_address &keys = m_wallet->get_account().get_keys().m_account_address;
|
||||
data += std::string((const char *)&keys.m_spend_public_key, sizeof(crypto::public_key));
|
||||
data += std::string((const char *)&keys.m_view_public_key, sizeof(crypto::public_key));
|
||||
bool r = epee::file_io_utils::save_string_to_file(filename, data + oss.str());
|
||||
std::string header;
|
||||
header += std::string((const char *)&keys.m_spend_public_key, sizeof(crypto::public_key));
|
||||
header += std::string((const char *)&keys.m_view_public_key, sizeof(crypto::public_key));
|
||||
std::string ciphertext = m_wallet->encrypt_with_view_secret_key(header + oss.str());
|
||||
bool r = epee::file_io_utils::save_string_to_file(filename, magic + ciphertext);
|
||||
if (!r)
|
||||
{
|
||||
fail_msg_writer() << tr("failed to save file ") << filename;
|
||||
|
@ -4177,14 +4195,25 @@ bool simple_wallet::import_outputs(const std::vector<std::string> &args)
|
|||
fail_msg_writer() << "Bad output export file magic in " << filename;
|
||||
return true;
|
||||
}
|
||||
const size_t headerlen = magiclen + 2 * sizeof(crypto::public_key);
|
||||
|
||||
try
|
||||
{
|
||||
data = m_wallet->decrypt_with_view_secret_key(std::string(data, magiclen));
|
||||
}
|
||||
catch (const std::exception &e)
|
||||
{
|
||||
fail_msg_writer() << "Failed to decrypt " << filename << ": " << e.what();
|
||||
return true;
|
||||
}
|
||||
|
||||
const size_t headerlen = 2 * sizeof(crypto::public_key);
|
||||
if (data.size() < headerlen)
|
||||
{
|
||||
fail_msg_writer() << "Bad data size from file " << filename;
|
||||
return true;
|
||||
}
|
||||
const crypto::public_key &public_spend_key = *(const crypto::public_key*)&data[magiclen];
|
||||
const crypto::public_key &public_view_key = *(const crypto::public_key*)&data[magiclen + sizeof(crypto::public_key)];
|
||||
const crypto::public_key &public_spend_key = *(const crypto::public_key*)&data[0];
|
||||
const crypto::public_key &public_view_key = *(const crypto::public_key*)&data[sizeof(crypto::public_key)];
|
||||
const cryptonote::account_public_address &keys = m_wallet->get_account().get_keys().m_account_address;
|
||||
if (public_spend_key != keys.m_spend_public_key || public_view_key != keys.m_view_public_key)
|
||||
{
|
||||
|
|
|
@ -4410,6 +4410,61 @@ size_t wallet2::import_outputs(const std::vector<tools::wallet2::transfer_detail
|
|||
return m_transfers.size();
|
||||
}
|
||||
//----------------------------------------------------------------------------------------------------
|
||||
std::string wallet2::encrypt(const std::string &plaintext, const crypto::secret_key &skey, bool authenticated) const
|
||||
{
|
||||
crypto::chacha8_key key;
|
||||
crypto::generate_chacha8_key(&skey, sizeof(skey), key);
|
||||
std::string ciphertext;
|
||||
crypto::chacha8_iv iv = crypto::rand<crypto::chacha8_iv>();
|
||||
ciphertext.resize(plaintext.size() + sizeof(iv) + (authenticated ? sizeof(crypto::signature) : 0));
|
||||
crypto::chacha8(plaintext.data(), plaintext.size(), key, iv, &ciphertext[sizeof(iv)]);
|
||||
memcpy(&ciphertext[0], &iv, sizeof(iv));
|
||||
if (authenticated)
|
||||
{
|
||||
crypto::hash hash;
|
||||
crypto::cn_fast_hash(ciphertext.data(), ciphertext.size() - sizeof(signature), hash);
|
||||
crypto::public_key pkey;
|
||||
crypto::secret_key_to_public_key(skey, pkey);
|
||||
crypto::signature &signature = *(crypto::signature*)&ciphertext[ciphertext.size() - sizeof(crypto::signature)];
|
||||
crypto::generate_signature(hash, pkey, skey, signature);
|
||||
}
|
||||
return std::move(ciphertext);
|
||||
}
|
||||
//----------------------------------------------------------------------------------------------------
|
||||
std::string wallet2::encrypt_with_view_secret_key(const std::string &plaintext, bool authenticated) const
|
||||
{
|
||||
return encrypt(plaintext, get_account().get_keys().m_view_secret_key, authenticated);
|
||||
}
|
||||
//----------------------------------------------------------------------------------------------------
|
||||
std::string wallet2::decrypt(const std::string &ciphertext, const crypto::secret_key &skey, bool authenticated) const
|
||||
{
|
||||
THROW_WALLET_EXCEPTION_IF(ciphertext.size() < sizeof(chacha8_iv),
|
||||
error::wallet_internal_error, "key_image generated ephemeral public key not matched with output_key");
|
||||
|
||||
crypto::chacha8_key key;
|
||||
crypto::generate_chacha8_key(&skey, sizeof(skey), key);
|
||||
const crypto::chacha8_iv &iv = *(const crypto::chacha8_iv*)&ciphertext[0];
|
||||
std::string plaintext;
|
||||
plaintext.resize(ciphertext.size() - sizeof(iv) - (authenticated ? sizeof(crypto::signature) : 0));
|
||||
if (authenticated)
|
||||
{
|
||||
crypto::hash hash;
|
||||
crypto::cn_fast_hash(ciphertext.data(), ciphertext.size() - sizeof(signature), hash);
|
||||
crypto::public_key pkey;
|
||||
crypto::secret_key_to_public_key(skey, pkey);
|
||||
const crypto::signature &signature = *(const crypto::signature*)&ciphertext[ciphertext.size() - sizeof(crypto::signature)];
|
||||
THROW_WALLET_EXCEPTION_IF(!crypto::check_signature(hash, pkey, signature),
|
||||
error::wallet_internal_error, "Failed to authenticate criphertext");
|
||||
}
|
||||
crypto::chacha8(ciphertext.data() + sizeof(iv), ciphertext.size() - sizeof(iv), key, iv, &plaintext[0]);
|
||||
return std::move(plaintext);
|
||||
}
|
||||
//----------------------------------------------------------------------------------------------------
|
||||
std::string wallet2::decrypt_with_view_secret_key(const std::string &ciphertext, bool authenticated) const
|
||||
{
|
||||
return decrypt(ciphertext, get_account().get_keys().m_view_secret_key, authenticated);
|
||||
}
|
||||
//----------------------------------------------------------------------------------------------------
|
||||
void wallet2::generate_genesis(cryptonote::block& b) {
|
||||
if (m_testnet)
|
||||
{
|
||||
|
|
|
@ -480,6 +480,12 @@ namespace tools
|
|||
uint64_t import_key_images(const std::vector<std::pair<crypto::key_image, crypto::signature>> &signed_key_images, uint64_t &spent, uint64_t &unspent);
|
||||
|
||||
void update_pool_state();
|
||||
|
||||
std::string encrypt(const std::string &plaintext, const crypto::secret_key &skey, bool authenticated = true) const;
|
||||
std::string encrypt_with_view_secret_key(const std::string &plaintext, bool authenticated = true) const;
|
||||
std::string decrypt(const std::string &ciphertext, const crypto::secret_key &skey, bool authenticated = true) const;
|
||||
std::string decrypt_with_view_secret_key(const std::string &ciphertext, bool authenticated = true) const;
|
||||
|
||||
private:
|
||||
/*!
|
||||
* \brief Stores wallet information to wallet file.
|
||||
|
|
Loading…
Reference in New Issue