doc/html/crypter_8h_source.html

 // Copyright (c) 2009-present The Bitcoin Core developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.

 #ifndef BITCOIN_WALLET_CRYPTER_H
 #define BITCOIN_WALLET_CRYPTER_H

 #include <serialize.h>
 #include <support/allocators/secure.h>
 #include <script/signingprovider.h>


 namespace wallet {
 const unsigned int WALLET_CRYPTO_KEY_SIZE = 32;
 const unsigned int WALLET_CRYPTO_SALT_SIZE = 8;
 const unsigned int WALLET_CRYPTO_IV_SIZE = 16;

 class CMasterKey
 {
 public:
     std::vector<unsigned char> vchCryptedKey;
     std::vector<unsigned char> vchSalt;
     unsigned int nDerivationMethod;
     unsigned int nDeriveIterations;
     std::vector<unsigned char> vchOtherDerivationParameters;

     // 25000 rounds is just under 0.1 seconds on a 1.86 GHz Pentium M
     // ie slightly lower than the lowest hardware we need bother supporting
     static constexpr unsigned int DEFAULT_DERIVE_ITERATIONS = 25000;

     SERIALIZE_METHODS(CMasterKey, obj)
     {
         READWRITE(obj.vchCryptedKey, obj.vchSalt, obj.nDerivationMethod, obj.nDeriveIterations, obj.vchOtherDerivationParameters);
     }

     CMasterKey()
     {
         nDeriveIterations = DEFAULT_DERIVE_ITERATIONS;
         nDerivationMethod = 0;
         vchOtherDerivationParameters = std::vector<unsigned char>(0);
     }
 };

 typedef std::vector<unsigned char, secure_allocator<unsigned char> > CKeyingMaterial;

 namespace wallet_crypto_tests
 {
     class TestCrypter;
 }

 class CCrypter
 {
 friend class wallet_crypto_tests::TestCrypter; // for test access to chKey/chIV
 private:
     std::vector<unsigned char, secure_allocator<unsigned char>> vchKey;
     std::vector<unsigned char, secure_allocator<unsigned char>> vchIV;
     bool fKeySet;

     int BytesToKeySHA512AES(std::span<const unsigned char> salt, const SecureString& key_data, int count, unsigned char* key, unsigned char* iv) const;

 public:
     bool SetKeyFromPassphrase(const SecureString& key_data, std::span<const unsigned char> salt, unsigned int rounds, unsigned int derivation_method);
     bool Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned char> &vchCiphertext) const;
     bool Decrypt(std::span<const unsigned char> ciphertext, CKeyingMaterial& plaintext) const;
     bool SetKey(const CKeyingMaterial& new_key, std::span<const unsigned char> new_iv);

     void CleanKey()
     {
         memory_cleanse(vchKey.data(), vchKey.size());
         memory_cleanse(vchIV.data(), vchIV.size());
         fKeySet = false;
     }

     CCrypter()
     {
         fKeySet = false;
         vchKey.resize(WALLET_CRYPTO_KEY_SIZE);
         vchIV.resize(WALLET_CRYPTO_IV_SIZE);
     }

     ~CCrypter()
     {
         CleanKey();
     }
 };

 bool EncryptSecret(const CKeyingMaterial& vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256& nIV, std::vector<unsigned char> &vchCiphertext);
 bool DecryptSecret(const CKeyingMaterial& master_key, std::span<const unsigned char> ciphertext, const uint256& iv, CKeyingMaterial& plaintext);
 bool DecryptKey(const CKeyingMaterial& master_key, std::span<const unsigned char> crypted_secret, const CPubKey& pub_key, CKey& key);
 } // namespace wallet

 #endif // BITCOIN_WALLET_CRYPTER_H
wallet::CMasterKey
Private key encryption is done based on a CMasterKey, which holds a salt and random encryption key...
Definition: crypter.h:34

wallet::CCrypter::BytesToKeySHA512AES
int BytesToKeySHA512AES(std::span< const unsigned char > salt, const SecureString &key_data, int count, unsigned char *key, unsigned char *iv) const
Definition: crypter.cpp:15

wallet::DecryptSecret
bool DecryptSecret(const CKeyingMaterial &master_key, const std::span< const unsigned char > ciphertext, const uint256 &iv, CKeyingMaterial &plaintext)
Definition: crypter.cpp:121

wallet::CMasterKey::vchOtherDerivationParameters
std::vector< unsigned char > vchOtherDerivationParameters
Use this for more parameters to key derivation (currently unused)
Definition: crypter.h:43

wallet::CMasterKey::SERIALIZE_METHODS
SERIALIZE_METHODS(CMasterKey, obj)
Definition: crypter.h:50

wallet::CCrypter::vchKey
std::vector< unsigned char, secure_allocator< unsigned char > > vchKey
Definition: crypter.h:75

wallet::CCrypter::~CCrypter
~CCrypter()
Definition: crypter.h:101

wallet::CCrypter::Encrypt
bool Encrypt(const CKeyingMaterial &vchPlaintext, std::vector< unsigned char > &vchCiphertext) const
Definition: crypter.cpp:76

SecureString
std::basic_string< char, std::char_traits< char >, secure_allocator< char > > SecureString
Definition: secure.h:53

wallet::CCrypter::SetKeyFromPassphrase
bool SetKeyFromPassphrase(const SecureString &key_data, std::span< const unsigned char > salt, unsigned int rounds, unsigned int derivation_method)
Definition: crypter.cpp:41

memory_cleanse
void memory_cleanse(void *ptr, size_t len)
Secure overwrite a buffer (possibly containing secret data) with zero-bytes.
Definition: cleanse.cpp:14

serialize.h

wallet::DecryptKey
bool DecryptKey(const CKeyingMaterial &master_key, const std::span< const unsigned char > crypted_secret, const CPubKey &pub_key, CKey &key)
Definition: crypter.cpp:132

wallet::CCrypter::SetKey
bool SetKey(const CKeyingMaterial &new_key, std::span< const unsigned char > new_iv)
Definition: crypter.cpp:63

CPubKey
An encapsulated public key.
Definition: pubkey.h:33

wallet::CMasterKey::CMasterKey
CMasterKey()
Definition: crypter.h:55

wallet::WALLET_CRYPTO_IV_SIZE
const unsigned int WALLET_CRYPTO_IV_SIZE
Definition: crypter.h:16

wallet::CMasterKey::nDeriveIterations
unsigned int nDeriveIterations
Definition: crypter.h:41

wallet
Definition: wallet_balance.cpp:26

wallet::CCrypter::Decrypt
bool Decrypt(std::span< const unsigned char > ciphertext, CKeyingMaterial &plaintext) const
Definition: crypter.cpp:94

wallet::CMasterKey::nDerivationMethod
unsigned int nDerivationMethod
0 = EVP_sha512()
Definition: crypter.h:40

wallet::CCrypter::vchIV
std::vector< unsigned char, secure_allocator< unsigned char > > vchIV
Definition: crypter.h:76

uint256
256-bit opaque blob.
Definition: uint256.h:195

wallet::EncryptSecret
bool EncryptSecret(const CKeyingMaterial &vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256 &nIV, std::vector< unsigned char > &vchCiphertext)
Definition: crypter.cpp:111

wallet::CMasterKey::DEFAULT_DERIVE_ITERATIONS
static constexpr unsigned int DEFAULT_DERIVE_ITERATIONS
Default/minimum number of key derivation rounds.
Definition: crypter.h:48

wallet::TestCrypter
Definition: wallet_crypto_tests.cpp:19

wallet::CMasterKey::vchSalt
std::vector< unsigned char > vchSalt
Definition: crypter.h:38

wallet::WALLET_CRYPTO_KEY_SIZE
const unsigned int WALLET_CRYPTO_KEY_SIZE
Definition: crypter.h:14

count
static int count
Definition: tests_exhaustive.c:34

wallet::CCrypter
Encryption/decryption context with key information.
Definition: crypter.h:71

wallet::CCrypter::TestCrypter
friend class wallet_crypto_tests::TestCrypter
Definition: crypter.h:73

wallet::CCrypter::CCrypter
CCrypter()
Definition: crypter.h:94

wallet::CCrypter::CleanKey
void CleanKey()
Definition: crypter.h:87

wallet::CMasterKey::vchCryptedKey
std::vector< unsigned char > vchCryptedKey
Definition: crypter.h:37

CKey
An encapsulated private key.
Definition: key.h:35

signingprovider.h

READWRITE
#define READWRITE(...)
Definition: serialize.h:145

wallet::WALLET_CRYPTO_SALT_SIZE
const unsigned int WALLET_CRYPTO_SALT_SIZE
Definition: crypter.h:15

wallet::CCrypter::fKeySet
bool fKeySet
Definition: crypter.h:77

secure.h

wallet::CKeyingMaterial
std::vector< unsigned char, secure_allocator< unsigned char > > CKeyingMaterial
Definition: crypter.h:63