@Override public NxtFamilyKey toEncrypted(KeyCrypter keyCrypter, KeyParameter aesKey) { checkState(!entropy.isEncrypted(), "Attempt to encrypt a key that is already encrypted."); return new NxtFamilyKey(entropy.encrypt(keyCrypter, aesKey, null), publicKey); }
@Override public NxtFamilyKey toEncrypted(KeyCrypter keyCrypter, KeyParameter aesKey) { checkState(!entropy.isEncrypted(), "Attempt to encrypt a key that is already encrypted."); return new NxtFamilyKey(entropy.encrypt(keyCrypter, aesKey, null), publicKey); }
SimpleHDKeyChain(DeterministicKey rootkey, @Nullable KeyCrypter crypter, @Nullable KeyParameter key) { simpleKeyChain = new SimpleKeyChain(crypter); if (crypter != null && !rootkey.isEncrypted()) { this.rootKey = rootkey.encrypt(crypter, key, null); } else { this.rootKey = rootkey; } initializeHierarchyUnencrypted(rootKey); }
SimpleHDKeyChain(DeterministicKey rootkey, @Nullable KeyCrypter crypter, @Nullable KeyParameter key) { simpleKeyChain = new SimpleKeyChain(crypter); if (crypter != null && !rootkey.isEncrypted()) { this.rootKey = rootkey.encrypt(crypter, key, null); } else { this.rootKey = rootkey; } initializeHierarchyUnencrypted(rootKey); }
public NxtFamilyKey(DeterministicKey entropy, @Nullable KeyCrypter keyCrypter, @Nullable KeyParameter key) { checkArgument(!entropy.isEncrypted(), "Entropy must not be encrypted"); this.publicKey = Crypto.getPublicKey(entropy.getPrivKeyBytes()); // Encrypt entropy if needed if (keyCrypter != null && key != null) { this.entropy = entropy.encrypt(keyCrypter, key, entropy.getParent()); } else { this.entropy = entropy; } }
public NxtFamilyKey(DeterministicKey entropy, @Nullable KeyCrypter keyCrypter, @Nullable KeyParameter key) { checkArgument(!entropy.isEncrypted(), "Entropy must not be encrypted"); this.publicKey = Crypto.getPublicKey(entropy.getPrivKeyBytes()); // Encrypt entropy if needed if (keyCrypter != null && key != null) { this.entropy = entropy.encrypt(keyCrypter, key, entropy.getParent()); } else { this.entropy = entropy; } }
/** * Encrypt the keys in the group using the KeyCrypter and the AES key. A good default KeyCrypter to use is * {@link org.bitcoinj.crypto.KeyCrypterScrypt}. * * @throws org.bitcoinj.crypto.KeyCrypterException Thrown if the wallet encryption fails for some reason, * leaving the group unchanged. */ public void encrypt(KeyCrypter keyCrypter, KeyParameter aesKey) { checkNotNull(keyCrypter, "Attempting to encrypt with a null KeyCrypter"); checkNotNull(aesKey, "Attempting to encrypt with a null KeyParameter"); lock.lock(); try { if (seed != null) seed = seed.encrypt(keyCrypter, aesKey); masterKey = masterKey.encrypt(keyCrypter, aesKey, null); for (WalletAccount account : accounts.values()) { if (account.isEncryptable()) { account.encrypt(keyCrypter, aesKey); } } } finally { lock.unlock(); } }
/** * Encrypt the keys in the group using the KeyCrypter and the AES key. A good default KeyCrypter to use is * {@link org.bitcoinj.crypto.KeyCrypterScrypt}. * * @throws org.bitcoinj.crypto.KeyCrypterException Thrown if the wallet encryption fails for some reason, * leaving the group unchanged. */ public void encrypt(KeyCrypter keyCrypter, KeyParameter aesKey) { checkNotNull(keyCrypter, "Attempting to encrypt with a null KeyCrypter"); checkNotNull(aesKey, "Attempting to encrypt with a null KeyParameter"); lock.lock(); try { if (seed != null) seed = seed.encrypt(keyCrypter, aesKey); masterKey = masterKey.encrypt(keyCrypter, aesKey, null); for (WalletAccount account : accounts.values()) { if (account.isEncryptable()) { account.encrypt(keyCrypter, aesKey); } } } finally { lock.unlock(); } }
private DeterministicKey encryptNonLeaf(KeyParameter aesKey, DeterministicKeyChain chain, DeterministicKey parent, ImmutableList<ChildNumber> path) { DeterministicKey key = chain.hierarchy.get(path, false, false); key = key.encrypt(checkNotNull(basicKeyChain.getKeyCrypter()), aesKey, parent); hierarchy.putKey(key); basicKeyChain.importKey(key); return key; }
private DeterministicKey encryptNonLeaf(KeyParameter aesKey, DeterministicKeyChain chain, DeterministicKey parent, ImmutableList<ChildNumber> path) { DeterministicKey key = chain.hierarchy.get(path, false, false); key = key.encrypt(checkNotNull(basicKeyChain.getKeyCrypter()), aesKey, parent); hierarchy.putKey(key); basicKeyChain.importKey(key); return key; }
private DeterministicKey encryptNonLeaf(KeyParameter aesKey, DeterministicKeyChain chain, DeterministicKey parent, ImmutableList<ChildNumber> path) { DeterministicKey key = chain.hierarchy.get(path, false, false); key = key.encrypt(checkNotNull(basicKeyChain.getKeyCrypter()), aesKey, parent); hierarchy.putKey(key); basicKeyChain.importKey(key); return key; }
private DeterministicKey encryptNonLeaf(KeyParameter aesKey, SimpleHDKeyChain chain, DeterministicKey parent, ImmutableList<ChildNumber> path) { DeterministicKey key = chain.hierarchy.get(path, true, false); key = key.encrypt(checkNotNull(simpleKeyChain.getKeyCrypter(), "Chain has null KeyCrypter"), aesKey, parent); hierarchy.putKey(key); simpleKeyChain.importKey(key); return key; }
private DeterministicKey encryptNonLeaf(KeyParameter aesKey, DeterministicKeyChain chain, DeterministicKey parent, ImmutableList<ChildNumber> path) { DeterministicKey key = chain.hierarchy.get(path, false, false); key = key.encrypt(checkNotNull(basicKeyChain.getKeyCrypter()), aesKey, parent); hierarchy.putKey(key); basicKeyChain.importKey(key); return key; }
private DeterministicKey encryptNonLeaf(KeyParameter aesKey, SimpleHDKeyChain chain, DeterministicKey parent, ImmutableList<ChildNumber> path) { DeterministicKey key = chain.hierarchy.get(path, true, false); key = key.encrypt(checkNotNull(simpleKeyChain.getKeyCrypter(), "Chain has null KeyCrypter"), aesKey, parent); hierarchy.putKey(key); simpleKeyChain.importKey(key); return key; }
basicKeyChain = new BasicKeyChain(crypter); rootKey = chain.rootKey.encrypt(crypter, aesKey, null); hierarchy = new DeterministicHierarchy(rootKey); basicKeyChain.importKey(rootKey);
private SimpleHDKeyChain(KeyCrypter crypter, KeyParameter aesKey, SimpleHDKeyChain chain) { checkArgument(!chain.rootKey.isEncrypted(), "Chain already encrypted"); this.issuedExternalKeys = chain.issuedExternalKeys; this.issuedInternalKeys = chain.issuedInternalKeys; this.lookaheadSize = chain.lookaheadSize; this.lookaheadThreshold = chain.lookaheadThreshold; simpleKeyChain = new SimpleKeyChain(crypter); // The first number is the "account number" but we don't use that feature. rootKey = chain.rootKey.encrypt(crypter, aesKey, null); hierarchy = new DeterministicHierarchy(rootKey); simpleKeyChain.importKey(rootKey); externalKey = encryptNonLeaf(aesKey, chain, rootKey, EXTERNAL_PATH); internalKey = encryptNonLeaf(aesKey, chain, rootKey, INTERNAL_PATH); // Now copy the (pubkey only) leaf keys across to avoid rederiving them. The private key bytes are missing // anyway so there's nothing to encrypt. for (ECKey eckey : chain.simpleKeyChain.getKeys()) { DeterministicKey key = (DeterministicKey) eckey; if (!isLeaf(key)) continue; // Not a leaf key. DeterministicKey parent = hierarchy.get(checkNotNull(key.getParent(), "Key has no parent").getPath(), false, false); // Clone the key to the new encrypted hierarchy. key = new DeterministicKey(key.getPubOnly(), parent); hierarchy.putKey(key); simpleKeyChain.importKey(key); } }
private SimpleHDKeyChain(KeyCrypter crypter, KeyParameter aesKey, SimpleHDKeyChain chain) { checkArgument(!chain.rootKey.isEncrypted(), "Chain already encrypted"); this.issuedExternalKeys = chain.issuedExternalKeys; this.issuedInternalKeys = chain.issuedInternalKeys; this.lookaheadSize = chain.lookaheadSize; this.lookaheadThreshold = chain.lookaheadThreshold; simpleKeyChain = new SimpleKeyChain(crypter); // The first number is the "account number" but we don't use that feature. rootKey = chain.rootKey.encrypt(crypter, aesKey, null); hierarchy = new DeterministicHierarchy(rootKey); simpleKeyChain.importKey(rootKey); externalKey = encryptNonLeaf(aesKey, chain, rootKey, EXTERNAL_PATH); internalKey = encryptNonLeaf(aesKey, chain, rootKey, INTERNAL_PATH); // Now copy the (pubkey only) leaf keys across to avoid rederiving them. The private key bytes are missing // anyway so there's nothing to encrypt. for (ECKey eckey : chain.simpleKeyChain.getKeys()) { DeterministicKey key = (DeterministicKey) eckey; if (!isLeaf(key)) continue; // Not a leaf key. DeterministicKey parent = hierarchy.get(checkNotNull(key.getParent(), "Key has no parent").getPath(), false, false); // Clone the key to the new encrypted hierarchy. key = new DeterministicKey(key.getPubOnly(), parent); hierarchy.putKey(key); simpleKeyChain.importKey(key); } }
rootKey = chain.rootKey.encrypt(crypter, aesKey, null); hierarchy = new DeterministicHierarchy(rootKey); basicKeyChain.importKey(rootKey);
basicKeyChain = new BasicKeyChain(crypter); rootKey = chain.rootKey.encrypt(crypter, aesKey, null); hierarchy = new DeterministicHierarchy(rootKey); basicKeyChain.importKey(rootKey);
@Test public void encryptedDerivation() throws Exception { // Check that encrypting a parent key in the heirarchy and then deriving from it yields a DeterministicKey // with no private key component, and that the private key bytes are derived on demand. KeyCrypter scrypter = new KeyCrypterScrypt(); KeyParameter aesKey = scrypter.deriveKey("we never went to the moon"); DeterministicKey key1 = HDKeyDerivation.createMasterPrivateKey("it was all a hoax".getBytes()); DeterministicKey encryptedKey1 = key1.encrypt(scrypter, aesKey, null); DeterministicKey decryptedKey1 = encryptedKey1.decrypt(aesKey); assertEquals(key1, decryptedKey1); DeterministicKey key2 = HDKeyDerivation.deriveChildKey(key1, ChildNumber.ZERO); DeterministicKey derivedKey2 = HDKeyDerivation.deriveChildKey(encryptedKey1, ChildNumber.ZERO); assertTrue(derivedKey2.isEncrypted()); // parent is encrypted. DeterministicKey decryptedKey2 = derivedKey2.decrypt(aesKey); assertFalse(decryptedKey2.isEncrypted()); assertEquals(key2, decryptedKey2); Sha256Hash hash = Sha256Hash.of("the mainstream media won't cover it. why is that?".getBytes()); try { derivedKey2.sign(hash); fail(); } catch (ECKey.KeyIsEncryptedException e) { // Ignored. } ECKey.ECDSASignature signature = derivedKey2.sign(hash, aesKey); assertTrue(derivedKey2.verify(hash, signature)); }