@Override public boolean checkAESKey(KeyParameter aesKey) { checkNotNull(aesKey, "Cannot check null KeyParameter"); checkNotNull(getKeyCrypter(), "Key not encrypted"); try { return Arrays.equals(publicKey, Crypto.getPublicKey(entropy.decrypt(aesKey).getPrivKeyBytes())); } catch (KeyCrypterException e) { return false; } }
@Override public boolean checkAESKey(KeyParameter aesKey) { checkNotNull(aesKey, "Cannot check null KeyParameter"); checkNotNull(getKeyCrypter(), "Key not encrypted"); try { return Arrays.equals(publicKey, Crypto.getPublicKey(entropy.decrypt(aesKey).getPrivKeyBytes())); } catch (KeyCrypterException e) { return false; } }
@Override public boolean checkAESKey(KeyParameter aesKey) { checkState(rootKey != null, "Can't check password for a watching chain"); checkNotNull(aesKey); checkState(getKeyCrypter() != null, "Key chain not encrypted"); try { return rootKey.decrypt(aesKey).getPubKeyPoint().equals(rootKey.getPubKeyPoint()); } catch (KeyCrypterException e) { return false; } }
@Override public boolean checkAESKey(KeyParameter aesKey) { checkState(rootKey != null, "Can't check password for a watching chain"); checkNotNull(aesKey); checkState(getKeyCrypter() != null, "Key chain not encrypted"); try { return rootKey.decrypt(aesKey).getPubKeyPoint().equals(rootKey.getPubKeyPoint()); } catch (KeyCrypterException e) { return false; } }
@Override public boolean checkAESKey(KeyParameter aesKey) { checkState(rootKey != null, "Can't check password for a watching chain"); checkNotNull(aesKey); checkState(getKeyCrypter() != null, "Key chain not encrypted"); try { return rootKey.decrypt(aesKey).getPubKeyPoint().equals(rootKey.getPubKeyPoint()); } catch (KeyCrypterException e) { return false; } }
@Override public boolean checkAESKey(KeyParameter aesKey) { checkState(rootKey != null, "Can't check password for a watching chain"); checkNotNull(aesKey); checkState(getKeyCrypter() != null, "Key chain not encrypted"); try { return rootKey.decrypt(aesKey).getPubKeyPoint().equals(rootKey.getPubKeyPoint()); } catch (KeyCrypterException e) { return false; } }
@Override public NxtFamilyKey toDecrypted(KeyParameter aesKey) { checkState(isEncrypted(), "Key is not encrypted"); checkNotNull(getKeyCrypter(), "Key chain not encrypted"); DeterministicKey entropyDecrypted = entropy.decrypt(getKeyCrypter(), aesKey); return new NxtFamilyKey(entropyDecrypted, publicKey); }
@Override public boolean checkAESKey(KeyParameter aesKey) { checkNotNull(aesKey, "Cannot check null KeyParameter"); checkState(getKeyCrypter() != null, "Key chain not encrypted"); try { return rootKey.decrypt(aesKey).getPubKeyPoint().equals(rootKey.getPubKeyPoint()); } catch (KeyCrypterException e) { return false; } }
@Override public NxtFamilyKey toDecrypted(KeyParameter aesKey) { checkState(isEncrypted(), "Key is not encrypted"); checkNotNull(getKeyCrypter(), "Key chain not encrypted"); DeterministicKey entropyDecrypted = entropy.decrypt(getKeyCrypter(), aesKey); return new NxtFamilyKey(entropyDecrypted, publicKey); }
@Override public boolean checkAESKey(KeyParameter aesKey) { checkNotNull(aesKey, "Cannot check null KeyParameter"); checkState(getKeyCrypter() != null, "Key chain not encrypted"); try { return rootKey.decrypt(aesKey).getPubKeyPoint().equals(rootKey.getPubKeyPoint()); } catch (KeyCrypterException e) { return false; } }
/* package */ void decrypt(KeyParameter aesKey) { checkNotNull(aesKey, "Attemting to decrypt with a null KeyParameter"); lock.lock(); try { checkState(isEncrypted(), "Wallet is already decrypted"); if (seed != null) { checkState(seed.isEncrypted(), "Seed is already decrypted"); List<String> mnemonic = null; try { mnemonic = decodeMnemonicCode(getKeyCrypter().decrypt(seed.getEncryptedData(), aesKey)); } catch (UnreadableWalletException e) { throw new RuntimeException(e); } seed = new DeterministicSeed(new byte[16], mnemonic, 0); } masterKey = masterKey.decrypt(getKeyCrypter(), aesKey); for (WalletAccount account : accounts.values()) { if (account.isEncryptable()) { account.decrypt(aesKey); } } } finally { lock.unlock(); } }
private void tryDecrypt(DeterministicKey masterKey, CharSequence password, UnlockResult result) { KeyCrypter crypter = checkNotNull(masterKey.getKeyCrypter()); KeyParameter k = crypter.deriveKey(password); try { result.inputFingerprint = getFingerprint(password.toString().getBytes("UTF-8")); } catch (UnsupportedEncodingException e) { /* Should not happen */ } result.keyFingerprint = getFingerprint(k.getKey()); if (crypter instanceof KeyCrypterScrypt) { result.scryptParams = ((KeyCrypterScrypt) crypter).getScryptParameters(); } try { masterKey.decrypt(crypter, k); result.isUnlockSuccess = true; } catch (KeyCrypterException e) { result.isUnlockSuccess = false; result.error = e.getMessage(); } }
/* package */ void decrypt(KeyParameter aesKey) { checkNotNull(aesKey, "Attemting to decrypt with a null KeyParameter"); lock.lock(); try { checkState(isEncrypted(), "Wallet is already decrypted"); if (seed != null) { checkState(seed.isEncrypted(), "Seed is already decrypted"); List<String> mnemonic = null; try { mnemonic = decodeMnemonicCode(getKeyCrypter().decrypt(seed.getEncryptedData(), aesKey)); } catch (UnreadableWalletException e) { throw new RuntimeException(e); } seed = new DeterministicSeed(new byte[16], mnemonic, 0); } masterKey = masterKey.decrypt(getKeyCrypter(), aesKey); for (WalletAccount account : accounts.values()) { if (account.isEncryptable()) { account.decrypt(aesKey); } } } finally { lock.unlock(); } }
private void tryDecrypt(DeterministicKey masterKey, CharSequence password, UnlockResult result) { KeyCrypter crypter = checkNotNull(masterKey.getKeyCrypter()); KeyParameter k = crypter.deriveKey(password); try { result.inputFingerprint = getFingerprint(password.toString().getBytes("UTF-8")); } catch (UnsupportedEncodingException e) { /* Should not happen */ } result.keyFingerprint = getFingerprint(k.getKey()); if (crypter instanceof KeyCrypterScrypt) { result.scryptParams = ((KeyCrypterScrypt) crypter).getScryptParameters(); } try { masterKey.decrypt(crypter, k); result.isUnlockSuccess = true; } catch (KeyCrypterException e) { result.isUnlockSuccess = false; result.error = e.getMessage(); } }
hierarchy = new DeterministicHierarchy(masterKey.decrypt(getKeyCrypter(), key)); } else { hierarchy= new DeterministicHierarchy(masterKey);
@Override public SimpleHDKeyChain toDecrypted(KeyParameter aesKey) { checkState(getKeyCrypter() != null, "Key chain not encrypted"); checkState(rootKey.isEncrypted(), "Root key not encrypted"); DeterministicKey decKey = rootKey.decrypt(getKeyCrypter(), aesKey); SimpleHDKeyChain chain = new SimpleHDKeyChain(decKey); // Now double check that the keys match to catch the case where the key is wrong but padding didn't catch it. if (!chain.getWatchingKey().getPubKeyPoint().equals(getWatchingKey().getPubKeyPoint())) throw new KeyCrypterException("Provided AES key is wrong"); chain.lookaheadSize = lookaheadSize; // Now copy the (pubkey only) leaf keys across to avoid rederiving them. The private key bytes are missing // anyway so there's nothing to decrypt. for (ECKey eckey : simpleKeyChain.getKeys()) { DeterministicKey key = (DeterministicKey) eckey; if (!isLeaf(key)) continue; // Not a leaf key. checkState(key.isEncrypted(), "Key is not encrypted"); DeterministicKey parent = chain.hierarchy.get(checkNotNull(key.getParent(), "Key has null parent").getPath(), false, false); // Clone the key to the new decrypted hierarchy. key = new DeterministicKey(key.getPubOnly(), parent); chain.hierarchy.putKey(key); chain.simpleKeyChain.importKeys(key); } chain.issuedExternalKeys = issuedExternalKeys; chain.issuedInternalKeys = issuedInternalKeys; return chain; }
@Override public SimpleHDKeyChain toDecrypted(KeyParameter aesKey) { checkState(getKeyCrypter() != null, "Key chain not encrypted"); checkState(rootKey.isEncrypted(), "Root key not encrypted"); DeterministicKey decKey = rootKey.decrypt(getKeyCrypter(), aesKey); SimpleHDKeyChain chain = new SimpleHDKeyChain(decKey); // Now double check that the keys match to catch the case where the key is wrong but padding didn't catch it. if (!chain.getWatchingKey().getPubKeyPoint().equals(getWatchingKey().getPubKeyPoint())) throw new KeyCrypterException("Provided AES key is wrong"); chain.lookaheadSize = lookaheadSize; // Now copy the (pubkey only) leaf keys across to avoid rederiving them. The private key bytes are missing // anyway so there's nothing to decrypt. for (ECKey eckey : simpleKeyChain.getKeys()) { DeterministicKey key = (DeterministicKey) eckey; if (!isLeaf(key)) continue; // Not a leaf key. checkState(key.isEncrypted(), "Key is not encrypted"); DeterministicKey parent = chain.hierarchy.get(checkNotNull(key.getParent(), "Key has null parent").getPath(), false, false); // Clone the key to the new decrypted hierarchy. key = new DeterministicKey(key.getPubOnly(), parent); chain.hierarchy.putKey(key); chain.simpleKeyChain.importKeys(key); } chain.issuedExternalKeys = issuedExternalKeys; chain.issuedInternalKeys = issuedInternalKeys; return chain; }
aesKey = crypter.deriveKey(password); seed = wallet.getSeed().decrypt(crypter, password.toString(), aesKey); masterKey = wallet.getMasterKey().decrypt(crypter, aesKey); } else { masterKey = wallet.getMasterKey();
aesKey = crypter.deriveKey(password); seed = wallet.getSeed().decrypt(crypter, password.toString(), aesKey); masterKey = wallet.getMasterKey().decrypt(crypter, aesKey); } else { masterKey = wallet.getMasterKey();
@Test public void encryptedDerivation() throws Exception { // Check that encrypting a parent key in the heirarchy and then deriving from it yields a DeterministicKey // with no private key component, and that the private key bytes are derived on demand. KeyCrypter scrypter = new KeyCrypterScrypt(); KeyParameter aesKey = scrypter.deriveKey("we never went to the moon"); DeterministicKey key1 = HDKeyDerivation.createMasterPrivateKey("it was all a hoax".getBytes()); DeterministicKey encryptedKey1 = key1.encrypt(scrypter, aesKey, null); DeterministicKey decryptedKey1 = encryptedKey1.decrypt(aesKey); assertEquals(key1, decryptedKey1); DeterministicKey key2 = HDKeyDerivation.deriveChildKey(key1, ChildNumber.ZERO); DeterministicKey derivedKey2 = HDKeyDerivation.deriveChildKey(encryptedKey1, ChildNumber.ZERO); assertTrue(derivedKey2.isEncrypted()); // parent is encrypted. DeterministicKey decryptedKey2 = derivedKey2.decrypt(aesKey); assertFalse(decryptedKey2.isEncrypted()); assertEquals(key2, decryptedKey2); Sha256Hash hash = Sha256Hash.of("the mainstream media won't cover it. why is that?".getBytes()); try { derivedKey2.sign(hash); fail(); } catch (ECKey.KeyIsEncryptedException e) { // Ignored. } ECKey.ECDSASignature signature = derivedKey2.sign(hash, aesKey); assertTrue(derivedKey2.verify(hash, signature)); }