serializedAsymmetricKey TrezorCrypto::SeedToPrivateKey(const OTPassword& seed)
const
{
serializedAsymmetricKey derivedKey;
HDNode node;
int result = ::hdnode_from_seed(
static_cast<const uint8_t*>(seed.getMemory()),
seed.getMemorySize(),
&node);
OT_ASSERT_MSG((1 == result), "Derivation of root node failed.");
if (1 == result) {
derivedKey = HDNodeToSerialized(node, TrezorCrypto::DERIVE_PRIVATE);
}
OTPassword root;
App::Me().Crypto().Hash().Digest(
CryptoHash::HASH160,
seed,
root);
derivedKey->mutable_path()->set_root(
root.getMemory(),
root.getMemorySize());
return derivedKey;
}
// static
bool OTKeyring::Mac_StoreSecret(const OTString& strUser,
const OTPassword& thePassword,
const std::string& str_display)
{
OT_ASSERT(strUser.Exists());
OT_ASSERT(thePassword.getMemorySize() > 0);
const std::string service_name = "opentxs";
const std::string account_name = strUser.Get();
OTMacKeychain theKeychain;
void* vData =
const_cast<void*>(static_cast<const void*>(thePassword.getMemory()));
OSStatus theError = theKeychain.AddSecret(
nullptr, service_name.size(), service_name.data(), account_name.size(),
account_name.data(), thePassword.getMemorySize(),
vData, // thePassword.getMemory()
nullptr);
if (theError != noErr) {
otErr
<< "OTKeyring::Mac_StoreSecret: Error in theKeychain.AddSecret.\n";
return false;
}
return true;
}
String CryptoUtil::Base58CheckEncode(const OTPassword& input)
{
const uint8_t* inputStart = static_cast<const uint8_t*>(input.getMemory());
const uint8_t* inputEnd = inputStart + input.getMemorySize();
String encodedInput = ::EncodeBase58Check(inputStart, inputEnd);
return encodedInput;
}
std::string TrezorCrypto::toWords(const OTPassword& seed) const
{
std::string wordlist(
::mnemonic_from_data(
static_cast<const uint8_t*>(seed.getMemory()),
seed.getMemorySize()));
return wordlist;
}
bool Server::SetPrivateKey(const OTPassword& key) const
{
if (CURVE_KEY_BYTES != key.getMemorySize()) {
otErr << OT_METHOD << __FUNCTION__ << ": Invalid private key."
<< std::endl;
return false;
}
return set_private_key(key.getMemory(), key.getMemorySize());
}
String CryptoUtil::Nonce(const uint32_t size, OTData& rawOutput) const
{
rawOutput.zeroMemory();
rawOutput.SetSize(size);
OTPassword source;
source.randomizeMemory(size);
String nonce(Base58CheckEncode(source));
rawOutput.Assign(source.getMemory(), source.getMemorySize());
return nonce;
}
// static
bool OTKeyring::Gnome_StoreSecret(const OTString& strUser,
const OTPassword& thePassword,
const std::string& str_display)
{
OT_ASSERT(strUser.Exists());
OT_ASSERT(thePassword.getMemorySize() > 0);
OTData theData(thePassword.getMemory(), thePassword.getMemorySize());
OTASCIIArmor ascData(theData);
theData.zeroMemory(); // security reasons.
OTString strOutput;
const bool bSuccess =
ascData.Exists() &&
ascData.WriteArmoredString(strOutput, "DERIVED KEY"); // There's no
// default, to
// force you to
// enter the right
// string.
ascData.zeroMemory();
GnomeKeyringResult theResult = GNOME_KEYRING_RESULT_IO_ERROR;
if (bSuccess && strOutput.Exists()) {
theResult = gnome_keyring_store_password_sync(
GNOME_KEYRING_NETWORK_PASSWORD,
GNOME_KEYRING_DEFAULT, // GNOME_KEYRING_SESSION,
str_display.c_str(), strOutput.Get(), "user", strUser.Get(),
"protocol", "opentxs", // todo: hardcoding.
nullptr);
strOutput.zeroMemory();
bool bResult = false;
if (theResult == GNOME_KEYRING_RESULT_OK)
bResult = true;
else
otErr << "OTKeyring::Gnome_StoreSecret: "
<< "Failure in gnome_keyring_store_password_sync: "
<< gnome_keyring_result_to_message(theResult) << '\n';
return bResult;
}
otOut << "OTKeyring::Gnome_StoreSecret: No secret to store.\n";
return false;
}
OTPassword::OTPassword(const OTPassword & rhs)
: m_nPasswordSize(0),
m_bIsText(rhs.isPassword()),
m_bIsBinary(rhs.isMemory()),
m_bIsPageLocked(false),
m_theBlockSize(rhs.m_theBlockSize) // The buffer has this size+1 as its static size.
{
if (m_bIsText)
{
m_szPassword[0] = '\0';
setPassword(rhs.getPassword(), rhs.getPasswordSize());
}
else if (m_bIsBinary)
{
setMemory(rhs.getMemory(), rhs.getMemorySize());
}
}
// static
bool OTKeyring::KWallet_StoreSecret(const OTString& strUser,
const OTPassword& thePassword,
const std::string& str_display)
{
OT_ASSERT(strUser.Exists());
OT_ASSERT(thePassword.getMemorySize() > 0);
KWallet::Wallet* pWallet = OTKeyring::OpenKWallet();
if (nullptr != pWallet) {
const QString qstrKey(strUser.Get());
OTData theData(thePassword.getMemory(), thePassword.getMemorySize());
OTASCIIArmor ascData(theData);
theData.zeroMemory(); // security reasons.
OTString strOutput;
const bool bSuccess =
ascData.Exists() &&
ascData.WriteArmoredString(
strOutput, "DERIVED KEY"); // There's no default, to force you
// to enter the right string.
ascData.zeroMemory();
// Set the password
//
bool bReturnVal = false;
if (bSuccess && strOutput.Exists() &&
pWallet->writePassword(qstrKey,
QString::fromUtf8(strOutput.Get())) == 0)
bReturnVal = true;
else
otErr << "OTKeyring::KWallet_StoreSecret: Failed trying to store "
"secret into KWallet.\n";
strOutput.zeroMemory();
return bReturnVal;
}
otErr << "OTKeyring::KWallet_StoreSecret: Unable to open kwallet.\n";
return false;
}
bool OTPassword::Compare(OTPassword & rhs) const
{
OT_ASSERT(this->isPassword() || this->isMemory());
OT_ASSERT(rhs.isPassword() || rhs.isMemory());
if (this->isPassword() && !rhs.isPassword())
return false;
if (this->isMemory() && !rhs.isMemory())
return false;
const int nThisSize = this->isPassword() ? this->getPasswordSize() : this->getMemorySize();
const int nRhsSize = rhs.isPassword() ? rhs.getPasswordSize() : rhs.getMemorySize();
if (nThisSize != nRhsSize)
return false;
if (0 == memcmp(this->isPassword() ? this->getPassword() : this->getMemory(),
rhs.isPassword() ? rhs.getPassword() : rhs.getMemory(),
rhs.isPassword() ? rhs.getPasswordSize() : rhs.getMemorySize()) )
return true;
return false;
}
// static
bool OTKeyring::FlatFile_StoreSecret(const String& strUser,
const OTPassword& thePassword,
const std::string& str_display)
{
OT_ASSERT(strUser.Exists());
OT_ASSERT(thePassword.getMemorySize() > 0);
const std::string str_pw_folder(OTKeyring::FlatFile_GetPasswordFolder());
if (!str_pw_folder.empty()) {
String strExactPath;
strExactPath.Format("%s%s%s", str_pw_folder.c_str(),
Log::PathSeparator(), strUser.Get());
const std::string str_ExactPath(strExactPath.Get());
OTData theData(thePassword.getMemory(), thePassword.getMemorySize());
OTASCIIArmor ascData(theData);
theData.zeroMemory(); // security reasons.
// Save the password
//
const bool bSaved =
ascData.Exists() && ascData.SaveToExactPath(str_ExactPath);
ascData.zeroMemory();
if (!bSaved)
otErr << "OTKeyring::FlatFile_StoreSecret: Failed trying to store "
"secret.\n";
return bSaved;
}
otErr << "OTKeyring::FlatFile_StoreSecret: Unable to cache derived key, "
"since password_folder not provided in config file.\n";
return false;
}
// static
bool OTKeyring::Windows_StoreSecret(const OTString& strUser,
const OTPassword& thePassword,
const std::string& str_display)
{
OT_ASSERT(strUser.Exists());
OT_ASSERT(thePassword.getMemorySize() > 0);
DATA_BLOB input;
input.pbData = const_cast<BYTE*>(
reinterpret_cast<const BYTE*>(thePassword.getMemory()));
input.cbData = static_cast<DWORD>(thePassword.getMemorySize());
// CRYPTPROTECT_PROMPTSTRUCT PromptStruct;
// ZeroMemory(&PromptStruct, sizeof(PromptStruct));
// PromptStruct.cbSize = sizeof(PromptStruct);
// PromptStruct.dwPromptFlags = CRYPTPROTECT_PROMPT_ON_PROTECT;
// PromptStruct.szPrompt = L"This is a user prompt.";
DATA_BLOB output;
BOOL result = CryptProtectData(&input, L"", // description string
nullptr, // optional entropy
nullptr, // reserved
nullptr, //&PromptStruct
0, &output);
if (!result) {
otErr << __FUNCTION__ << ": Failed calling Win32: CryptProtectData \n";
return false;
}
//
// this does a copy
//
// std::string ciphertext;
// ciphertext.assign(reinterpret_cast<std::string::value_type*>(output.pbData),
// output.cbData);
OTData theOutput;
theOutput.Assign(static_cast<void*>(output.pbData),
static_cast<uint32_t>(output.cbData));
LocalFree(output.pbData); // Note: should have a check for nullptr here... ?
// And above...
// Success encrypting to ciphertext (std::string or OTData)
//
// Write it to local storage.
//
if (theOutput.IsEmpty()) {
otErr << __FUNCTION__
<< ": Error: Output of Win32 CryptProtectData was empty.\n";
}
else {
OTASCIIArmor ascData(theOutput);
const OTString strFoldername("win32_data"); // todo hardcoding.
if (ascData.Exists())
return ascData.WriteArmoredFile(strFoldername,
strUser, // this is filename
"WINDOWS KEYRING MASTERKEY");
}
return false;
}
