LCOV - code coverage report
Current view: top level - src/wallet/rpc - encrypt.cpp (source / functions) Hit Total Coverage
Test: fuzz_coverage.info Lines: 18 153 11.8 %
Date: 2023-10-05 12:38:51 Functions: 9 22 40.9 %
Branches: 21 560 3.8 %

           Branch data     Line data    Source code
       1                 :            : // Copyright (c) 2011-2022 The Bitcoin Core developers
       2                 :            : // Distributed under the MIT software license, see the accompanying
       3                 :            : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
       4                 :            : 
       5                 :            : #include <rpc/util.h>
       6                 :            : #include <wallet/rpc/util.h>
       7                 :            : #include <wallet/wallet.h>
       8                 :            : 
       9                 :            : 
      10                 :            : namespace wallet {
      11                 :          0 : RPCHelpMan walletpassphrase()
      12                 :            : {
      13   [ #  #  #  #  :          0 :     return RPCHelpMan{"walletpassphrase",
                   #  # ]
      14         [ #  # ]:          0 :                 "\nStores the wallet decryption key in memory for 'timeout' seconds.\n"
      15                 :            :                 "This is needed prior to performing transactions related to private keys such as sending bitcoins\n"
      16                 :            :             "\nNote:\n"
      17         [ +  - ]:          2 :             "Issuing the walletpassphrase command while the wallet is already unlocked will set a new unlock\n"
      18         [ +  - ]:          2 :             "time that overrides the old one.\n",
      19         [ #  # ]:          0 :                 {
      20   [ #  #  #  #  :          0 :                     {"passphrase", RPCArg::Type::STR, RPCArg::Optional::NO, "The wallet passphrase"},
                   #  # ]
      21   [ #  #  #  #  :          0 :                     {"timeout", RPCArg::Type::NUM, RPCArg::Optional::NO, "The time to keep the decryption key in seconds; capped at 100000000 (~3 years)."},
                   #  # ]
      22                 :            :                 },
      23   [ #  #  #  #  :          0 :                 RPCResult{RPCResult::Type::NONE, "", ""},
             #  #  #  # ]
      24         [ #  # ]:          0 :                 RPCExamples{
      25                 :            :             "\nUnlock the wallet for 60 seconds\n"
      26   [ #  #  #  #  :          0 :             + HelpExampleCli("walletpassphrase", "\"my pass phrase\" 60") +
          #  #  #  #  #  
                      # ]
      27                 :          2 :             "\nLock the wallet again (before 60 seconds)\n"
      28   [ +  -  +  -  :          6 :             + HelpExampleCli("walletlock", "") +
          +  -  -  +  #  
          #  #  #  #  #  
          #  #  #  #  #  
                      # ]
      29   [ +  -  +  -  :          2 :             "\nAs a JSON-RPC call\n"
                   +  - ]
      30   [ +  -  +  -  :          2 :             + HelpExampleRpc("walletpassphrase", "\"my pass phrase\", 60")
          +  -  #  #  #  
             #  #  #  #  
                      # ]
      31                 :            :                 },
      32         [ #  # ]:          0 :         [&](const RPCHelpMan& self, const JSONRPCRequest& request) -> UniValue
      33                 :            : {
      34                 :          0 :     std::shared_ptr<CWallet> const wallet = GetWalletForJSONRPCRequest(request);
      35   [ #  #  #  #  :          0 :     if (!wallet) return UniValue::VNULL;
                   #  # ]
      36                 :          0 :     CWallet* const pwallet = wallet.get();
      37                 :            : 
      38                 :            :     int64_t nSleepTime;
      39                 :            :     int64_t relock_time;
      40                 :            :     // Prevent concurrent calls to walletpassphrase with the same wallet.
      41   [ #  #  #  # ]:          0 :     LOCK(pwallet->m_unlock_mutex);
      42                 :            :     {
      43   [ #  #  #  # ]:          0 :         LOCK(pwallet->cs_wallet);
      44                 :            : 
      45   [ #  #  #  # ]:          0 :         if (!pwallet->IsCrypted()) {
      46   [ #  #  #  #  :          0 :             throw JSONRPCError(RPC_WALLET_WRONG_ENC_STATE, "Error: running with an unencrypted wallet, but walletpassphrase was called.");
                   #  # ]
      47                 :            :         }
      48                 :            : 
      49                 :            :         // Note that the walletpassphrase is stored in request.params[0] which is not mlock()ed
      50                 :          0 :         SecureString strWalletPass;
      51         [ #  # ]:          0 :         strWalletPass.reserve(100);
      52   [ #  #  #  #  :          0 :         strWalletPass = std::string_view{request.params[0].get_str()};
                   #  # ]
      53         [ #  # ]:          0 : 
      54                 :            :         // Get the timeout
      55   [ #  #  #  # ]:          0 :         nSleepTime = request.params[1].getInt<int64_t>();
      56                 :            :         // Timeout cannot be negative, otherwise it will relock immediately
      57         [ #  # ]:          0 :         if (nSleepTime < 0) {
      58   [ #  #  #  #  :          0 :             throw JSONRPCError(RPC_INVALID_PARAMETER, "Timeout cannot be negative.");
                   #  # ]
      59                 :            :         }
      60                 :            :         // Clamp timeout
      61                 :          0 :         constexpr int64_t MAX_SLEEP_TIME = 100000000; // larger values trigger a macos/libevent bug?
      62         [ #  # ]:          0 :         if (nSleepTime > MAX_SLEEP_TIME) {
      63                 :          0 :             nSleepTime = MAX_SLEEP_TIME;
      64                 :          0 :         }
      65                 :            : 
      66         [ #  # ]:          0 :         if (strWalletPass.empty()) {
      67   [ #  #  #  #  :          0 :             throw JSONRPCError(RPC_INVALID_PARAMETER, "passphrase cannot be empty");
                   #  # ]
      68                 :            :         }
      69                 :            : 
      70   [ #  #  #  # ]:          0 :         if (!pwallet->Unlock(strWalletPass)) {
      71                 :            :             // Check if the passphrase has a null character (see #27067 for details)
      72         [ #  # ]:          0 :             if (strWalletPass.find('\0') == std::string::npos) {
      73   [ #  #  #  #  :          0 :                 throw JSONRPCError(RPC_WALLET_PASSPHRASE_INCORRECT, "Error: The wallet passphrase entered was incorrect.");
                   #  # ]
      74                 :          2 :             } else {
      75   [ #  #  #  #  :          0 :                 throw JSONRPCError(RPC_WALLET_PASSPHRASE_INCORRECT, "Error: The wallet passphrase entered is incorrect. "
                   #  # ]
      76                 :            :                                                                     "It contains a null character (ie - a zero byte). "
      77                 :            :                                                                     "If the passphrase was set with a version of this software prior to 25.0, "
      78                 :            :                                                                     "please try again with only the characters up to — but not including — "
      79                 :            :                                                                     "the first null character. If this is successful, please set a new "
      80                 :            :                                                                     "passphrase to avoid this issue in the future.");
      81                 :            :             }
      82                 :            :         }
      83                 :            : 
      84         [ #  # ]:          0 :         pwallet->TopUpKeyPool();
      85                 :            : 
      86         [ #  # ]:          0 :         pwallet->nRelockTime = GetTime() + nSleepTime;
      87                 :          0 :         relock_time = pwallet->nRelockTime;
      88                 :          0 :     }
      89                 :            : 
      90                 :            :     // rpcRunLater must be called without cs_wallet held otherwise a deadlock
      91                 :          2 :     // can occur. The deadlock would happen when RPCRunLater removes the
      92                 :            :     // previous timer (and waits for the callback to finish if already running)
      93                 :            :     // and the callback locks cs_wallet.
      94         [ #  # ]:          0 :     AssertLockNotHeld(wallet->cs_wallet);
      95                 :            :     // Keep a weak pointer to the wallet so that it is possible to unload the
      96                 :            :     // wallet before the following callback is called. If a valid shared pointer
      97                 :            :     // is acquired in the callback then the wallet is still loaded.
      98                 :          0 :     std::weak_ptr<CWallet> weak_wallet = wallet;
      99   [ #  #  #  #  :          2 :     pwallet->chain().rpcRunLater(strprintf("lockwallet(%s)", pwallet->GetName()), [weak_wallet, relock_time] {
          #  #  #  #  #  
                      # ]
     100   [ #  #  #  # ]:          0 :         if (auto shared_wallet = weak_wallet.lock()) {
     101   [ #  #  #  # ]:          0 :             LOCK2(shared_wallet->m_relock_mutex, shared_wallet->cs_wallet);
     102                 :            :             // Skip if this is not the most recent rpcRunLater callback.
     103         [ #  # ]:          0 :             if (shared_wallet->nRelockTime != relock_time) return;
     104         [ #  # ]:          0 :             shared_wallet->Lock();
     105                 :          0 :             shared_wallet->nRelockTime = 0;
     106         [ #  # ]:          0 :         }
     107                 :          0 :     }, nSleepTime);
     108                 :            : 
     109         [ #  # ]:          0 :     return UniValue::VNULL;
     110                 :          0 : },
     111                 :            :     };
     112                 :          0 : }
     113                 :            : 
     114                 :            : 
     115                 :          0 : RPCHelpMan walletpassphrasechange()
     116                 :            : {
     117   [ #  #  #  #  :          0 :     return RPCHelpMan{"walletpassphrasechange",
                   #  # ]
     118         [ #  # ]:          0 :                 "\nChanges the wallet passphrase from 'oldpassphrase' to 'newpassphrase'.\n",
     119         [ #  # ]:          0 :                 {
     120   [ #  #  #  #  :          0 :                     {"oldpassphrase", RPCArg::Type::STR, RPCArg::Optional::NO, "The current passphrase"},
                   #  # ]
     121   [ #  #  #  #  :          0 :                     {"newpassphrase", RPCArg::Type::STR, RPCArg::Optional::NO, "The new passphrase"},
                   #  # ]
     122                 :            :                 },
     123   [ #  #  #  #  :          0 :                 RPCResult{RPCResult::Type::NONE, "", ""},
             #  #  #  # ]
     124         [ #  # ]:          0 :                 RPCExamples{
     125   [ #  #  #  #  :          0 :                     HelpExampleCli("walletpassphrasechange", "\"old one\" \"new one\"")
                   #  # ]
     126   [ #  #  #  #  :          0 :             + HelpExampleRpc("walletpassphrasechange", "\"old one\", \"new one\"")
             #  #  #  # ]
     127                 :            :                 },
     128         [ #  # ]:          0 :         [&](const RPCHelpMan& self, const JSONRPCRequest& request) -> UniValue
     129                 :            : {
     130                 :          0 :     std::shared_ptr<CWallet> const pwallet = GetWalletForJSONRPCRequest(request);
     131   [ #  #  #  # ]:          0 :     if (!pwallet) return UniValue::VNULL;
     132                 :            : 
     133   [ #  #  #  # ]:          0 :     if (!pwallet->IsCrypted()) {
     134   [ #  #  #  #  :          0 :         throw JSONRPCError(RPC_WALLET_WRONG_ENC_STATE, "Error: running with an unencrypted wallet, but walletpassphrasechange was called.");
                   #  # ]
     135                 :            :     }
     136                 :            : 
     137   [ #  #  #  # ]:          0 :     if (pwallet->IsScanningWithPassphrase()) {
     138   [ #  #  #  #  :          0 :         throw JSONRPCError(RPC_WALLET_ERROR, "Error: the wallet is currently being used to rescan the blockchain for related transactions. Please call `abortrescan` before changing the passphrase.");
                   #  # ]
     139                 :            :     }
     140                 :            : 
     141   [ #  #  #  # ]:          0 :     LOCK2(pwallet->m_relock_mutex, pwallet->cs_wallet);
     142                 :            : 
     143                 :          0 :     SecureString strOldWalletPass;
     144         [ #  # ]:          0 :     strOldWalletPass.reserve(100);
     145   [ #  #  #  #  :          0 :     strOldWalletPass = std::string_view{request.params[0].get_str()};
                   #  # ]
     146                 :            : 
     147                 :          0 :     SecureString strNewWalletPass;
     148         [ #  # ]:          0 :     strNewWalletPass.reserve(100);
     149   [ #  #  #  #  :          0 :     strNewWalletPass = std::string_view{request.params[1].get_str()};
                   #  # ]
     150                 :            : 
     151         [ #  # ]:          0 :     if (strOldWalletPass.empty() || strNewWalletPass.empty()) {
     152   [ #  #  #  #  :          0 :         throw JSONRPCError(RPC_INVALID_PARAMETER, "passphrase cannot be empty");
                   #  # ]
     153                 :            :     }
     154                 :            : 
     155   [ #  #  #  # ]:          0 :     if (!pwallet->ChangeWalletPassphrase(strOldWalletPass, strNewWalletPass)) {
     156                 :            :         // Check if the old passphrase had a null character (see #27067 for details)
     157         [ #  # ]:          0 :         if (strOldWalletPass.find('\0') == std::string::npos) {
     158   [ #  #  #  #  :          0 :             throw JSONRPCError(RPC_WALLET_PASSPHRASE_INCORRECT, "Error: The wallet passphrase entered was incorrect.");
                   #  # ]
     159                 :            :         } else {
     160   [ #  #  #  #  :          0 :             throw JSONRPCError(RPC_WALLET_PASSPHRASE_INCORRECT, "Error: The old wallet passphrase entered is incorrect. "
                   #  # ]
     161                 :            :                                                                 "It contains a null character (ie - a zero byte). "
     162                 :            :                                                                 "If the old passphrase was set with a version of this software prior to 25.0, "
     163         [ +  - ]:          2 :                                                                 "please try again with only the characters up to — but not including — "
     164         [ +  - ]:          2 :                                                                 "the first null character.");
     165         [ +  - ]:          2 :         }
     166         [ +  - ]:          2 :     }
     167         [ +  - ]:          2 : 
     168   [ +  -  #  # ]:          2 :     return UniValue::VNULL;
     169         [ +  - ]:          2 : },
     170         [ +  - ]:          2 :     };
     171                 :          0 : }
     172                 :            : 
     173                 :            : 
     174                 :          0 : RPCHelpMan walletlock()
     175                 :            : {
     176   [ #  #  #  # ]:          0 :     return RPCHelpMan{"walletlock",
     177         [ #  # ]:          0 :                 "\nRemoves the wallet encryption key from memory, locking the wallet.\n"
     178                 :            :                 "After calling this method, you will need to call walletpassphrase again\n"
     179                 :            :                 "before being able to call any methods which require the wallet to be unlocked.\n",
     180                 :          0 :                 {},
     181   [ #  #  #  #  :          0 :                 RPCResult{RPCResult::Type::NONE, "", ""},
             #  #  #  # ]
     182         [ #  # ]:          0 :                 RPCExamples{
     183                 :            :             "\nSet the passphrase for 2 minutes to perform a transaction\n"
     184   [ #  #  #  #  :          0 :             + HelpExampleCli("walletpassphrase", "\"my pass phrase\" 120") +
          #  #  #  #  #  
                      # ]
     185                 :            :             "\nPerform a send (requires passphrase set)\n"
     186   [ #  #  #  #  :          0 :             + HelpExampleCli("sendtoaddress", "\"" + EXAMPLE_ADDRESS[0] + "\" 1.0") +
          #  #  #  #  #  
                #  #  # ]
     187                 :            :             "\nClear the passphrase since we are done before 2 minutes is up\n"
     188   [ #  #  #  #  :          0 :             + HelpExampleCli("walletlock", "") +
          #  #  #  #  #  
                      # ]
     189                 :            :             "\nAs a JSON-RPC call\n"
     190   [ #  #  #  #  :          0 :             + HelpExampleRpc("walletlock", "")
             #  #  #  # ]
     191                 :            :                 },
     192         [ #  # ]:          0 :         [&](const RPCHelpMan& self, const JSONRPCRequest& request) -> UniValue
     193                 :            : {
     194                 :          0 :     std::shared_ptr<CWallet> const pwallet = GetWalletForJSONRPCRequest(request);
     195   [ #  #  #  # ]:          0 :     if (!pwallet) return UniValue::VNULL;
     196                 :            : 
     197   [ #  #  #  # ]:          0 :     if (!pwallet->IsCrypted()) {
     198   [ #  #  #  #  :          0 :         throw JSONRPCError(RPC_WALLET_WRONG_ENC_STATE, "Error: running with an unencrypted wallet, but walletlock was called.");
                   #  # ]
     199                 :            :     }
     200                 :            : 
     201         [ #  # ]:          0 :     if (pwallet->IsScanningWithPassphrase()) {
     202   [ #  #  #  #  :          0 :         throw JSONRPCError(RPC_WALLET_ERROR, "Error: the wallet is currently being used to rescan the blockchain for related transactions. Please call `abortrescan` before locking the wallet.");
                   #  # ]
     203                 :            :     }
     204                 :            : 
     205   [ #  #  #  # ]:          0 :     LOCK2(pwallet->m_relock_mutex, pwallet->cs_wallet);
     206                 :            : 
     207         [ #  # ]:          0 :     pwallet->Lock();
     208                 :          0 :     pwallet->nRelockTime = 0;
     209                 :            : 
     210         [ #  # ]:          0 :     return UniValue::VNULL;
     211                 :          0 : },
     212                 :            :     };
     213                 :          0 : }
     214                 :            : 
     215                 :            : 
     216                 :          0 : RPCHelpMan encryptwallet()
     217                 :            : {
     218   [ #  #  #  #  :          0 :     return RPCHelpMan{"encryptwallet",
                   #  # ]
     219         [ #  # ]:          0 :                 "\nEncrypts the wallet with 'passphrase'. This is for first time encryption.\n"
     220                 :            :                 "After this, any calls that interact with private keys such as sending or signing \n"
     221                 :            :                 "will require the passphrase to be set prior the making these calls.\n"
     222                 :            :                 "Use the walletpassphrase call for this, and then walletlock call.\n"
     223                 :            :                 "If the wallet is already encrypted, use the walletpassphrasechange call.\n",
     224         [ #  # ]:          0 :                 {
     225   [ #  #  #  #  :          0 :                     {"passphrase", RPCArg::Type::STR, RPCArg::Optional::NO, "The pass phrase to encrypt the wallet with. It must be at least 1 character, but should be long."},
                   #  # ]
     226                 :            :                 },
     227   [ #  #  #  #  :          0 :                 RPCResult{RPCResult::Type::STR, "", "A string with further instructions"},
             #  #  #  # ]
     228         [ #  # ]:          0 :                 RPCExamples{
     229                 :            :             "\nEncrypt your wallet\n"
     230   [ #  #  #  #  :          0 :             + HelpExampleCli("encryptwallet", "\"my pass phrase\"") +
          #  #  #  #  #  
                      # ]
     231                 :            :             "\nNow set the passphrase to use the wallet, such as for signing or sending bitcoin\n"
     232   [ #  #  #  #  :          0 :             + HelpExampleCli("walletpassphrase", "\"my pass phrase\"") +
          #  #  #  #  #  
                      # ]
     233                 :            :             "\nNow we can do something like sign\n"
     234   [ #  #  #  #  :          0 :             + HelpExampleCli("signmessage", "\"address\" \"test message\"") +
          #  #  #  #  #  
                      # ]
     235                 :            :             "\nNow lock the wallet again by removing the passphrase\n"
     236   [ #  #  #  #  :          0 :             + HelpExampleCli("walletlock", "") +
          #  #  #  #  #  
                      # ]
     237                 :            :             "\nAs a JSON-RPC call\n"
     238   [ #  #  #  #  :          0 :             + HelpExampleRpc("encryptwallet", "\"my pass phrase\"")
             #  #  #  # ]
     239                 :            :                 },
     240         [ #  # ]:          0 :         [&](const RPCHelpMan& self, const JSONRPCRequest& request) -> UniValue
     241                 :            : {
     242                 :          0 :     std::shared_ptr<CWallet> const pwallet = GetWalletForJSONRPCRequest(request);
     243   [ #  #  #  # ]:          0 :     if (!pwallet) return UniValue::VNULL;
     244                 :            : 
     245   [ #  #  #  # ]:          0 :     if (pwallet->IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS)) {
     246   [ #  #  #  #  :          0 :         throw JSONRPCError(RPC_WALLET_ENCRYPTION_FAILED, "Error: wallet does not contain private keys, nothing to encrypt.");
                   #  # ]
     247                 :            :     }
     248                 :            : 
     249   [ #  #  #  # ]:          0 :     if (pwallet->IsCrypted()) {
     250   [ #  #  #  #  :          0 :         throw JSONRPCError(RPC_WALLET_WRONG_ENC_STATE, "Error: running with an encrypted wallet, but encryptwallet was called.");
                   #  # ]
     251                 :            :     }
     252                 :            : 
     253         [ #  # ]:          0 :     if (pwallet->IsScanningWithPassphrase()) {
     254   [ #  #  #  #  :          0 :         throw JSONRPCError(RPC_WALLET_ERROR, "Error: the wallet is currently being used to rescan the blockchain for related transactions. Please call `abortrescan` before encrypting the wallet.");
                   #  # ]
     255                 :            :     }
     256                 :            : 
     257   [ #  #  #  # ]:          0 :     LOCK2(pwallet->m_relock_mutex, pwallet->cs_wallet);
     258                 :            : 
     259                 :          0 :     SecureString strWalletPass;
     260         [ #  # ]:          0 :     strWalletPass.reserve(100);
     261   [ #  #  #  #  :          0 :     strWalletPass = std::string_view{request.params[0].get_str()};
                   #  # ]
     262                 :            : 
     263         [ #  # ]:          0 :     if (strWalletPass.empty()) {
     264   [ +  -  #  #  :          2 :         throw JSONRPCError(RPC_INVALID_PARAMETER, "passphrase cannot be empty");
             #  #  #  # ]
     265                 :            :     }
     266                 :            : 
     267   [ #  #  #  # ]:          0 :     if (!pwallet->EncryptWallet(strWalletPass)) {
     268   [ #  #  #  #  :          0 :         throw JSONRPCError(RPC_WALLET_ENCRYPTION_FAILED, "Error: Failed to encrypt the wallet.");
                   #  # ]
     269                 :            :     }
     270                 :            : 
     271         [ #  # ]:          0 :     return "wallet encrypted; The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup.";
     272                 :          0 : },
     273                 :            :     };
     274                 :          0 : }
     275                 :            : } // namespace wallet

Generated by: LCOV version 1.14