public void encryption(SimpleHDKeyChain unencChain) throws UnreadableWalletException {
    DeterministicKey key1 = unencChain.getKey(KeyChain.KeyPurpose.RECEIVE_FUNDS);
    SimpleHDKeyChain encChain = unencChain.toEncrypted("open secret");
    DeterministicKey encKey1 = encChain.findKeyFromPubKey(key1.getPubKey());
    checkEncryptedKeyChain(encChain, key1);

    // Round-trip to ensure de/serialization works and that we can store two chains and they both
    // deserialize.
    List<Protos.Key> serialized = encChain.toProtobuf();
    System.out.println(protoToString(serialized));
    encChain = SimpleHDKeyChain.fromProtobuf(serialized, encChain.getKeyCrypter());
    checkEncryptedKeyChain(encChain, unencChain.findKeyFromPubKey(key1.getPubKey()));

    DeterministicKey encKey2 = encChain.getKey(KeyChain.KeyPurpose.RECEIVE_FUNDS);
    // Decrypt and check the keys match.
    SimpleHDKeyChain decChain = encChain.toDecrypted("open secret");
    DeterministicKey decKey1 = decChain.findKeyFromPubHash(encKey1.getPubKeyHash());
    DeterministicKey decKey2 = decChain.findKeyFromPubHash(encKey2.getPubKeyHash());
    assertEquals(decKey1.getPubKeyPoint(), encKey1.getPubKeyPoint());
    assertEquals(decKey2.getPubKeyPoint(), encKey2.getPubKeyPoint());
    assertFalse(decKey1.isEncrypted());
    assertFalse(decKey2.isEncrypted());
    assertNotEquals(encKey1.getParent(), decKey1.getParent()); // parts of a different hierarchy
    // Check we can once again derive keys from the decrypted chain.
    decChain.getKey(KeyChain.KeyPurpose.RECEIVE_FUNDS).sign(Sha256Hash.ZERO_HASH);
    decChain.getKey(KeyChain.KeyPurpose.CHANGE).sign(Sha256Hash.ZERO_HASH);
  }
 private void checkEncryptedKeyChain(SimpleHDKeyChain encChain, DeterministicKey key1) {
   // Check we can look keys up and extend the chain without the AES key being provided.
   DeterministicKey encKey1 = encChain.findKeyFromPubKey(key1.getPubKey());
   DeterministicKey encKey2 = encChain.getKey(KeyChain.KeyPurpose.RECEIVE_FUNDS);
   assertFalse(key1.isEncrypted());
   assertTrue(encKey1.isEncrypted());
   assertEquals(encKey1.getPubKeyPoint(), key1.getPubKeyPoint());
   final KeyParameter aesKey = checkNotNull(encChain.getKeyCrypter()).deriveKey("open secret");
   encKey1.sign(Sha256Hash.ZERO_HASH, aesKey);
   encKey2.sign(Sha256Hash.ZERO_HASH, aesKey);
   assertTrue(encChain.checkAESKey(aesKey));
   assertFalse(encChain.checkPassword("access denied"));
   assertTrue(encChain.checkPassword("open secret"));
 }
예제 #3
0
 public DeterministicKey encrypt(
     KeyCrypter keyCrypter, KeyParameter aesKey, @Nullable DeterministicKey newParent)
     throws KeyCrypterException {
   // Same as the parent code, except we construct a DeterministicKey instead of an ECKey.
   checkNotNull(keyCrypter);
   if (newParent != null) checkArgument(newParent.isEncrypted());
   final byte[] privKeyBytes = getPrivKeyBytes();
   checkState(privKeyBytes != null, "Private key is not available");
   EncryptedData encryptedPrivateKey = keyCrypter.encrypt(privKeyBytes, aesKey);
   DeterministicKey key =
       new DeterministicKey(
           childNumberPath, chainCode, keyCrypter, pub, encryptedPrivateKey, newParent);
   if (newParent == null) key.setCreationTimeSeconds(getCreationTimeSeconds());
   return key;
 }
예제 #4
0
 /**
  * A deterministic key is considered to be encrypted if it has access to encrypted private key
  * bytes, OR if its parent does. The reason is because the parent would be encrypted under the
  * same key and this key knows how to rederive its own private key bytes from the parent, if
  * needed.
  */
 @Override
 public boolean isEncrypted() {
   return priv == null && (super.isEncrypted() || (parent != null && parent.isEncrypted()));
 }