// Copyright (c) 2014-2020, The Monero Project // // All rights reserved. // // Redistribution and use in source and binary forms, with or without modification, are // permitted provided that the following conditions are met: // // 1. Redistributions of source code must retain the above copyright notice, this list of // conditions and the following disclaimer. // // 2. Redistributions in binary form must reproduce the above copyright notice, this list // of conditions and the following disclaimer in the documentation and/or other // materials provided with the distribution. // // 3. Neither the name of the copyright holder nor the names of its contributors may be // used to endorse or promote products derived from this software without specific // prior written permission. // // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, // PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
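//
// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers

// NOTE(review): the first #include below has no header name on this page (the
// angle-bracket text did not survive extraction); restore it from the original file.
#include
#include "include_base_utils.h"
#include "account.h"
#include "warnings.h"
#include "crypto/crypto.h"
extern "C"
{
#include "crypto/keccak.h"
}
#include "cryptonote_basic_impl.h"
#include "cryptonote_format_utils.h"
#include "cryptonote_config.h"

#undef MONERO_DEFAULT_LOG_CATEGORY
#define MONERO_DEFAULT_LOG_CATEGORY "account"

using namespace std;

DISABLE_VS_WARNINGS(4244 4345)

namespace cryptonote
{
  //-----------------------------------------------------------------
  // Returns the hardware device bound to these keys.
  // Dereferences m_device without a null check, so a device must have been set first.
  hw::device& account_keys::get_device() const
  {
    return *m_device;
  }
  //-----------------------------------------------------------------
  // Binds these keys to `hwdev`. Only the address is stored; the caller keeps ownership
  // and must keep the device alive for as long as get_device() may be called.
  void account_keys::set_device( hw::device &hwdev)
  {
    m_device = &hwdev;
    // NOTE(review): text is missing from this page between the '<' and the '>' on the next
    // line. The end of set_device, the signature of the key-derivation helper that
    // chacha_wrapper and decrypt_legacy call as derive_key(key, derived_key), and the
    // declaration of `data` cannot be read from here; the fragment is kept as it appears.
    MCDEBUG("device", "account_keys::set_device device type: "<> data;
    // Surviving tail of the derivation helper: copy the base key, append the
    // config::HASH_KEY_MEMORY byte for domain separation, then derive `key` from the buffer.
    memcpy(data.data(), &base_key, sizeof(base_key));
    data[sizeof(base_key)] = config::HASH_KEY_MEMORY;
    crypto::generate_chacha_key(data.data(), sizeof(data), key, 1);
  }

  // Prepare IVs and start chacha for encryption.
  // key:      base chacha key; a domain-separated key is derived from it before use.
  // all_keys: true to encrypt spend, multisig and view keys; false for the view key only.
  void account_keys::encrypt_wrapper(const crypto::chacha_key &key, const bool all_keys)
  {
    // Set a fresh IV only for all-key encryption; a view-key-only pass keeps the
    // existing m_encryption_iv.
    if (all_keys)
      m_encryption_iv = crypto::rand<crypto::chacha_iv>();

    // Now do the chacha
    chacha_wrapper(key, all_keys);
  }

  // Start chacha for decryption. The operation is the same transform as encryption,
  // run with the stored m_encryption_iv.
  void account_keys::decrypt_wrapper(const crypto::chacha_key &key, const bool all_keys)
  {
    chacha_wrapper(key, all_keys);
  }

  // Decrypt keys using the legacy method: one continuous key stream covering the spend
  // key, the view key and every multisig key, in that order.
  void account_keys::decrypt_legacy(const crypto::chacha_key &key)
  {
    // Derive domain-separated chacha key
    crypto::chacha_key derived_key;
    derive_key(key, derived_key);

    // Build key stream by encrypting an all-zero buffer of the combined key length.
    epee::wipeable_string temp(std::string(sizeof(crypto::secret_key)*(2 + m_multisig_keys.size()), '\0'));
    epee::wipeable_string stream = temp;
    crypto::chacha20(temp.data(), temp.size(), derived_key, m_encryption_iv, stream.data());

    // Decrypt all keys; `ptr` advances through the stream so no stream byte is used twice.
    const char *ptr = stream.data();
    const auto xor_with_stream = [&ptr](crypto::secret_key &k)
    {
      for (size_t i = 0; i < sizeof(crypto::secret_key); ++i)
        k.data[i] ^= *ptr++;
    };
    xor_with_stream(m_spend_secret_key);
    xor_with_stream(m_view_secret_key);
    for (crypto::secret_key &k: m_multisig_keys)
      xor_with_stream(k);
  }

  // Perform chacha on either the view key or all keys.
  // key:      base chacha key; the working key is derived from it.
  // all_keys: true to transform spend, multisig and view keys; false for the view key only.
  //
  // NOTE(review): every chacha20 call below receives the same derived_key and the same
  // m_encryption_iv, although the original comment spoke of "the appropriate IVs". If
  // chacha20 restarts its key stream on each call (confirm against the chacha20
  // implementation), the spend key, the view key and the first multisig key are all
  // masked with the same leading key-stream bytes, so XORing two stored ciphertexts
  // yields the XOR of the two plaintext keys. decrypt_legacy does not have this property
  // because it consumes one continuous stream. Correcting it changes the encrypted
  // representation and therefore needs a coordinated format change, not a local edit.
  void account_keys::chacha_wrapper(const crypto::chacha_key &key, const bool all_keys)
  {
    // Derive domain-separated chacha key
    crypto::chacha_key derived_key;
    derive_key(key, derived_key);

    if (all_keys)
    {
      // Spend key: transform into a temporary, copy back, then wipe the temporary.
      crypto::secret_key temp_key;
      chacha20(reinterpret_cast<char *>(&m_spend_secret_key), sizeof(crypto::secret_key), derived_key, m_encryption_iv, reinterpret_cast<char *>(&temp_key));
      memcpy(&m_spend_secret_key, &temp_key, sizeof(crypto::secret_key));
      memwipe(&temp_key, sizeof(crypto::secret_key));

      // Multisig keys. A wallet without multisig keys has an empty vector; indexing
      // element 0 of an empty vector is undefined behaviour (and aborts in hardened
      // standard-library builds), so the whole step is skipped in that case.
      if (!m_multisig_keys.empty())
      {
        const size_t multisig_bytes = sizeof(crypto::secret_key)*m_multisig_keys.size();
        std::vector<crypto::secret_key> temp_keys(m_multisig_keys.size());
        chacha20(reinterpret_cast<char *>(m_multisig_keys.data()), multisig_bytes, derived_key, m_encryption_iv, reinterpret_cast<char *>(temp_keys.data()));
        memcpy(m_multisig_keys.data(), temp_keys.data(), multisig_bytes);
        memwipe(temp_keys.data(), multisig_bytes);
      }
    }

    // View key
    crypto::secret_key temp_key;
    chacha20(reinterpret_cast<char *>(&m_view_secret_key), sizeof(crypto::secret_key), derived_key, m_encryption_iv, reinterpret_cast<char *>(&temp_key));
    memcpy(&m_view_secret_key, &temp_key, sizeof(crypto::secret_key));
    memwipe(&temp_key, sizeof(crypto::secret_key));
  }

  // Constructs an account with default keys and a zero creation timestamp.
  account_base::account_base()
  {
    set_null();
  }
  //-----------------------------------------------------------------
  // Resets the account to default-constructed keys and a zero creation timestamp.
  void account_base::set_null()
  {
    m_keys = account_keys();
    m_creation_timestamp = 0;
  }
  //-----------------------------------------------------------------
  // Disconnects the bound device. A std::exception thrown by the device is logged and
  // swallowed, so teardown continues; other exception types are not caught here.
  void account_base::deinit()
  {
    try
    {
      m_keys.get_device().disconnect();
    }
    catch (const std::exception &e)
    {
      MERROR("Device disconnect exception: " << e.what());
    }
  }
  //-----------------------------------------------------------------
  // Drops the spend capability: replaces the spend secret key with a default-constructed
  // key and removes all multisig keys. The view key is left in place.
  // NOTE(review): whether the old key bytes are scrubbed from memory depends on the
  // crypto::secret_key type, which is not shown here - confirm.
  void account_base::forget_spend_key()
  {
    m_keys.m_spend_secret_key = crypto::secret_key();
    m_keys.m_multisig_keys.clear();
  }
  //-----------------------------------------------------------------
  // Generates the spend and view key pairs and sets the creation timestamp.
  // recovery_key: seed passed to generate_keys for the spend key.
  // recover:      forwarded to generate_keys; also selects the fixed 2014-06-08 timestamp
  //               instead of the current time.
  // two_random:   when true the view key is generated with recover == false, otherwise it
  //               is derived from the keccak hash of the spend secret key.
  // Returns the value produced by generate_keys for the spend key.
  crypto::secret_key account_base::generate(const crypto::secret_key& recovery_key, bool recover, bool two_random)
  {
    crypto::secret_key first = generate_keys(m_keys.m_account_address.m_spend_public_key, m_keys.m_spend_secret_key, recovery_key, recover);

    // rng for generating second set of keys is hash of first rng.  means only one set of electrum-style words needed for recovery
    crypto::secret_key second;
    keccak((uint8_t *)&m_keys.m_spend_secret_key, sizeof(crypto::secret_key), (uint8_t *)&second, sizeof(crypto::secret_key));

    generate_keys(m_keys.m_account_address.m_view_public_key, m_keys.m_view_secret_key, second, !two_random);

    if (recover)
    {
      // A recovered wallet cannot know its real creation time, so a fixed early date is used.
      struct tm timestamp = {0};
      timestamp.tm_year = 2014 - 1900;  // year 2014
      timestamp.tm_mon = 6 - 1;  // month june
      timestamp.tm_mday = 8;  // 8th of june
      timestamp.tm_hour = 0;
      timestamp.tm_min = 0;
      timestamp.tm_sec = 0;

      m_creation_timestamp = mktime(&timestamp);
      if (m_creation_timestamp == (uint64_t)-1) // failure
        m_creation_timestamp = 0; // lowest value
    }
    else
    {
      m_creation_timestamp = time(NULL);
    }
    return first;
  }
  //-----------------------------------------------------------------
  // Builds the account from an address and two existing secret keys, with the creation
  // timestamp fixed at 2014-04-15.
  // The keys are stored as given; nothing here checks that they correspond to `address`,
  // so that validation is left to the caller.
  void account_base::create_from_keys(const cryptonote::account_public_address& address, const crypto::secret_key& spendkey, const crypto::secret_key& viewkey)
  {
    m_keys.m_account_address = address;
    m_keys.m_spend_secret_key = spendkey;
    m_keys.m_view_secret_key = viewkey;

    struct tm timestamp = {0};
    timestamp.tm_year = 2014 - 1900;  // year 2014
    timestamp.tm_mon = 4 - 1;  // month april
    timestamp.tm_mday = 15;  // 15th of april
    timestamp.tm_hour = 0;
    timestamp.tm_min = 0;
    timestamp.tm_sec = 0;

    m_creation_timestamp = mktime(&timestamp);
    if (m_creation_timestamp == (uint64_t)-1) // failure
      m_creation_timestamp = 0; // lowest value
  }

  //-----------------------------------------------------------------
  // Looks up the device registered under `device_name`, records that name on it and
  // creates the account from it.
  void account_base::create_from_device(const std::string &device_name)
  {
    hw::device &hwdev = hw::get_device(device_name);
    hwdev.set_name(device_name);
    create_from_device(hwdev);
  }

  // Creates the account from an already-resolved device.
  void account_base::create_from_device(hw::device &hwdev)
  {
    m_keys.set_device(hwdev);
    // NOTE(review): text is missing from this page between the '<' and the '>' on the next
    // line. The rest of this function, anything defined between it and the next visible
    // statement, and the name and leading parameters of the function whose parameter list
    // ends in `multisig_keys` cannot be read from here; the fragment is kept as it appears.
    MCDEBUG("device", "device type: "< &multisig_keys)
  {
    // Surviving body: stores the supplied spend public key, view and spend secret keys
    // and multisig keys, then derives the view public key from the view secret key.
    // Returns the result of that derivation.
    m_keys.m_account_address.m_spend_public_key = spend_public_key;
    m_keys.m_view_secret_key = view_secret_key;
    m_keys.m_spend_secret_key = spend_secret_key;
    m_keys.m_multisig_keys = multisig_keys;
    return crypto::secret_key_to_public_key(view_secret_key, m_keys.m_account_address.m_view_public_key);
  }
  //-----------------------------------------------------------------
  // Replaces the account's spend public key with the final multisig spend public key.
  void account_base::finalize_multisig(const crypto::public_key &spend_public_key)
  {
    m_keys.m_account_address.m_spend_public_key = spend_public_key;
  }
  //-----------------------------------------------------------------
  // Read-only access to the account's keys, secret keys included.
  const account_keys& account_base::get_keys() const
  {
    return m_keys;
  }
  //-----------------------------------------------------------------
  // Returns the account's address as a string for the given network type.
  std::string account_base::get_public_address_str(network_type nettype) const
  {
    //TODO: change this code into base 58
    return get_account_address_as_str(nettype, false, m_keys.m_account_address);
  }
  //-----------------------------------------------------------------
  // Returns the integrated address string that combines the account's address with
  // `payment_id`, for the given network type.
  std::string account_base::get_public_integrated_address_str(const crypto::hash8 &payment_id, network_type nettype) const
  {
    //TODO: change this code into base 58
    return get_account_integrated_address_as_str(nettype, m_keys.m_account_address, payment_id);
  }
  //-----------------------------------------------------------------
}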