void RandAddSeed() { // Seed with CPU performance counter int64_t nCounter = GetPerformanceCounter(); RAND_add(&nCounter, sizeof(nCounter), 1.5); memory_cleanse((void*)&nCounter, sizeof(nCounter)); }
int CCrypter::BytesToKeySHA512AES(const std::vector<unsigned char>& chSalt, const SecureString& strKeyData, int count, unsigned char *key,unsigned char *iv) const { // This mimics the behavior of openssl's EVP_BytesToKey with an aes256cbc // cipher and sha512 message digest. Because sha512's output size (64b) is // greater than the aes256 block size (16b) + aes256 key size (32b), // there's no need to process more than once (D_0). if(!count || !key || !iv) return 0; unsigned char buf[CSHA512::OUTPUT_SIZE]; CSHA512 di; di.Write((const unsigned char*)strKeyData.c_str(), strKeyData.size()); di.Write(chSalt.data(), chSalt.size()); di.Finalize(buf); for(int i = 0; i != count - 1; i++) di.Reset().Write(buf, sizeof(buf)).Finalize(buf); memcpy(key, buf, WALLET_CRYPTO_KEY_SIZE); memcpy(iv, buf + WALLET_CRYPTO_KEY_SIZE, WALLET_CRYPTO_IV_SIZE); memory_cleanse(buf, sizeof(buf)); return WALLET_CRYPTO_KEY_SIZE; }
void PosixLockedPageAllocator::FreeLocked(void* addr, size_t len) { len = align_up(len, page_size); memory_cleanse(addr, len); munlock(addr, len); munmap(addr, len); }
bool OldSetKeyFromPassphrase(const SecureString& strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod, unsigned char* chKey, unsigned char* chIV) { if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE) return false; int i = 0; if (nDerivationMethod == 0) i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha512(), &chSalt[0], (unsigned char *)&strKeyData[0], strKeyData.size(), nRounds, chKey, chIV); if (i != (int)WALLET_CRYPTO_KEY_SIZE) { memory_cleanse(chKey, WALLET_CRYPTO_KEY_SIZE); memory_cleanse(chIV, WALLET_CRYPTO_IV_SIZE); return false; } return true; }
bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod) { if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE) return false; int i = 0; if (nDerivationMethod == 0) i = BytesToKeySHA512AES(chSalt, strKeyData, nRounds, vchKey.data(), vchIV.data()); if (i != (int)WALLET_CRYPTO_KEY_SIZE) { memory_cleanse(vchKey.data(), vchKey.size()); memory_cleanse(vchIV.data(), vchIV.size()); return false; } fKeySet = true; return true; }
std::string EncodeExtKey(const CExtKey& key) { std::vector<unsigned char> data = Params().Base58Prefix(CChainParams::EXT_SECRET_KEY); size_t size = data.size(); data.resize(size + BIP32_EXTKEY_SIZE); key.Encode(data.data() + size); std::string ret = EncodeBase58Check(data); memory_cleanse(data.data(), data.size()); return ret; }
std::string EncodeSecret(const CKey& key) { assert(key.IsValid()); std::vector<unsigned char> data = Params().Base58Prefix(CChainParams::SECRET_KEY); data.insert(data.end(), key.begin(), key.end()); if (key.IsCompressed()) { data.push_back(1); } std::string ret = EncodeBase58Check(data); memory_cleanse(data.data(), data.size()); return ret; }
CKey DecodeSecret(const std::string& str) { CKey key; std::vector<unsigned char> data; if (DecodeBase58Check(str, data)) { const std::vector<unsigned char>& privkey_prefix = Params().Base58Prefix(CChainParams::SECRET_KEY); if ((data.size() == 32 + privkey_prefix.size() || (data.size() == 33 + privkey_prefix.size() && data.back() == 1)) && std::equal(privkey_prefix.begin(), privkey_prefix.end(), data.begin())) { bool compressed = data.size() == 33 + privkey_prefix.size(); key.Set(data.begin() + privkey_prefix.size(), data.begin() + privkey_prefix.size() + 32, compressed); } } memory_cleanse(data.data(), data.size()); return key; }
bool CBase58Data::SetString(const char* psz, unsigned int nVersionBytes) { std::vector<unsigned char> vchTemp; bool rc58 = DecodeBase58Check(psz, vchTemp); if ((!rc58) || (vchTemp.size() < nVersionBytes)) { vchData.clear(); vchVersion.clear(); return false; } vchVersion.assign(vchTemp.begin(), vchTemp.begin() + nVersionBytes); vchData.resize(vchTemp.size() - nVersionBytes); if (!vchData.empty()) memcpy(&vchData[0], &vchTemp[nVersionBytes], vchData.size()); memory_cleanse(&vchTemp[0], vchData.size()); return true; }
bool cbase58data::setstring(const char* psz, unsigned int nversionbytes) { std::vector<unsigned char> vchtemp; bool rc58 = decodebase58check(psz, vchtemp); if ((!rc58) || (vchtemp.size() < nversionbytes)) { vchdata.clear(); vchversion.clear(); return false; } vchversion.assign(vchtemp.begin(), vchtemp.begin() + nversionbytes); vchdata.resize(vchtemp.size() - nversionbytes); if (!vchdata.empty()) memcpy(&vchdata[0], &vchtemp[nversionbytes], vchdata.size()); memory_cleanse(&vchtemp[0], vchdata.size()); return true; }
void GetStrongRandBytes(unsigned char* out, int num) { assert(num <= 32); CSHA512 hasher; unsigned char buf[64]; // First source: OpenSSL's RNG RandAddSeedPerfmon(); GetRandBytes(buf, 32); hasher.Write(buf, 32); // Second source: OS RNG GetOSRand(buf); hasher.Write(buf, 32); // Produce output hasher.Finalize(buf); memcpy(out, buf, num); memory_cleanse(buf, 64); }
void RandAddSeedPerfmon() { RandAddSeed(); #ifdef WIN32 // Don't need this on Linux, OpenSSL automatically uses /dev/urandom // Seed with the entire set of perfmon data // This can take up to 2 seconds, so only do it every 10 minutes static int64_t nLastPerfmon; if (GetTime() < nLastPerfmon + 10 * 60) return; nLastPerfmon = GetTime(); std::vector<unsigned char> vData(250000, 0); long ret = 0; unsigned long nSize = 0; const size_t nMaxSize = 10000000; // Bail out at more than 10MB of performance data while (true) { nSize = vData.size(); ret = RegQueryValueExA(HKEY_PERFORMANCE_DATA, "Global", NULL, NULL, begin_ptr(vData), &nSize); if (ret != ERROR_MORE_DATA || vData.size() >= nMaxSize) break; vData.resize(std::max((vData.size() * 3) / 2, nMaxSize)); // Grow size of buffer exponentially } RegCloseKey(HKEY_PERFORMANCE_DATA); if (ret == ERROR_SUCCESS) { RAND_add(begin_ptr(vData), nSize, nSize / 100.0); memory_cleanse(begin_ptr(vData), nSize); LogPrint("rand", "%s: %lu bytes\n", __func__, nSize); } else { static bool warned = false; // Warn only once if (!warned) { LogPrint("INFO", "%s: Warning: RegQueryValueExA(HKEY_PERFORMANCE_DATA) failed with code %i\n", __func__, ret); warned = true; } } #endif }
void Win32LockedPageAllocator::FreeLocked(void* addr, size_t len) { len = align_up(len, page_size); memory_cleanse(addr, len); VirtualUnlock(const_cast<void*>(addr), len); }