Loading...
Searching...
No Matches
Public Member Functions |
Static Public Member Functions |
Protected Member Functions |
Protected Attributes |
Friends |
List of all members
ots::KeyStore Class Reference
essentialy wraps crypto::secret_key More...
#include <key-store.hpp>
Inheritance diagram for ots::KeyStore:
Public Member Functions | |
| ~KeyStore () noexcept | |
| Destroy KeyStore. | |
| KeyStore () noexcept | |
| empty KeyStore | |
| KeyStore (const std::array< uint8_t, 32 > &key) noexcept | |
| create KeyStore from byte array | |
| KeyStore (const uint8_t *key, size_t size) | |
| create KeyStore from byte pointer and size | |
| KeyStore (crypto::secret_key key) noexcept | |
| create a KeyStore by copying a crypto::secret_key into the KeyStore | |
| void | set (const std::array< uint8_t, 32 > &key) noexcept |
| set key from byte array | |
| void | set (const uint8_t *key, size_t size) |
| set key from byte pointer and size | |
| void | set (crypto::secret_key key) noexcept |
| copy key from crypto::secret_key | |
| void | wipe () noexcept |
| secure wipe of the keystore | |
Static Public Member Functions | |
| static KeyStore | transfer (uint8_t *key, size_t size) |
| moves 32 bytes into the KeyStore and wipes the insecure memory | |
Protected Member Functions | |
| void | unlockInsecure (bool writeable=false) const noexcept |
| unlock insecure access to the stored bytes in crypto::secret_key | |
| void | unlockInsecureOnce (bool writeable=false) const noexcept |
| unlock insecure access once to the stored bytes in crypto::secret_key and locks the insecure access directly after | |
| void | lockInsecure () const noexcept |
| locks insecure access complete | |
| operator crypto::secret_key & () | |
| access the underlying crypto::secret_key by reference | |
| operator const crypto::secret_key & () const | |
| Implicit conversion to const crypto::secret_key reference. | |
| operator const unsigned char * () const | |
| Implicit conversion to const unsigned char pointer for direct byte access. | |
| operator const char * () const | |
| Implicit conversion to const char pointer for direct byte access. | |
| operator std::array< unsigned char, 32 > () const | |
| Implicit conversion to std::array<unsigned char, 32> for direct byte access. | |
| void | insecureAccessRequest (bool write) const |
| guard the insecure access attempts | |
Protected Attributes | |
| crypto::secret_key | m_key |
Friends | |
| class | LegacySeed |
| class | MoneroSeed |
| class | Polyseed |
| class | Account |
Detailed Description
essentialy wraps crypto::secret_key
Constructor & Destructor Documentation
◆ ~KeyStore()
|
noexcept |
Destroy KeyStore.
◆ KeyStore() [1/4]
|
explicitnoexcept |
empty KeyStore
◆ KeyStore() [2/4]
|
explicitnoexcept |
create KeyStore from byte array
◆ KeyStore() [3/4]
|
explicit |
create KeyStore from byte pointer and size
- Parameters
-
key pointer to bytes size size of bytes, must be 32 or less, but should be always 32
- Exceptions
-
ots::exception::BufferOverflowException if size > 32
◆ KeyStore() [4/4]
|
explicitnoexcept |
Member Function Documentation
◆ insecureAccessRequest()
|
protected |
guard the insecure access attempts
- Exceptions
-
ots::exception::keystore::LockedWriteAttempt if not unlocked for write access, if write access is requested ots::exception::keystore::LockedAccessAttempt if not unlocked for access
- Note
- On write access on of two conditions must be true !m_lock && m_writeable, or m_unlock_once && m_writeable_once That means m_writeable_once && !m_lock are not sufficient
◆ lockInsecure()
|
protectednoexcept |
locks insecure access complete
◆ operator const char *()
|
protected |
Implicit conversion to const char pointer for direct byte access.
- Exceptions
-
ots::exception::keystore::LockedAccessAttempt if not unlocked for access
- Note
- You need first unlock the usage!
- Returns
- Pointer to the underlying byte data of the secret key
Usage example:
keyStore.unlockInsecureOnce();
const char* bytes = keyStore; // Direct access to key bytes
◆ operator const crypto::secret_key &()
|
protected |
Implicit conversion to const crypto::secret_key reference.
- Exceptions
-
ots::exception::keystore::LockedAccessAttempt if not unlocked for access
- Note
- You need first unlock the usage!
- Warning
- Do NOT use explicit static_cast or similar as it will prefer the non-const operator which requires write access. Let the implicit conversion work instead.
Usage example:
keyStore.unlockInsecureOnce();
// Good:
const crypto::secret_key& key = keyStore; // Uses this implicit const operator
some_crypto_secret_key_function(keyStore); // some_crypto_secret_key_function(const crypto::secret_key& skey);
// Bad:
static_cast<const crypto::secret_key&>(keyStore); // Will try to use non-const operator!
◆ operator const unsigned char *()
|
protected |
Implicit conversion to const unsigned char pointer for direct byte access.
- Exceptions
-
ots::exception::keystore::LockedAccessAttempt if not unlocked for access
- Note
- You need first unlock the usage!
- Returns
- Pointer to the underlying byte data of the secret key
Usage example:
keyStore.unlockInsecureOnce();
const unsigned char* bytes = keyStore; // Direct access to key bytes
◆ operator crypto::secret_key &()
|
explicitprotected |
access the underlying crypto::secret_key by reference
- Exceptions
-
ots::exception::keystore::LockedWriteAttempt if not unlocked for write access. The reason behind is that with the crypto::secret_key object you are able to modify the data
- Note
- You need first unlock the usage!
Usage example:
keyStore.unlockInsecureOnce(true);
some_crypto_secret_key_function(keyStore, pub&); // some_crypto_secret_key_function(crypto::secret_key& skey, crypto::public_key& pkey);
◆ operator std::array< unsigned char, 32 >()
|
protected |
Implicit conversion to std::array<unsigned char, 32> for direct byte access.
- Exceptions
-
ots::exception::keystore::LockedAccessAttempt if not unlocked for access
- Note
- You need first unlock the usage!
- Returns
- Pointer to the underlying byte data of the secret key
Usage example:
keyStore.unlockInsecureOnce();
std::array<unsigned char, 32> keys = keyStore; // Direct access to key bytes
◆ set() [1/3]
|
noexcept |
set key from byte array
◆ set() [2/3]
| void ots::KeyStore::set | ( | const uint8_t * | key, |
| size_t | size | ||
| ) |
set key from byte pointer and size
- Parameters
-
key pointer to bytes size size of bytes, must be 32 or less, but should be always 32
- Exceptions
-
ots::exception::BufferOverflowException if size > 32
◆ set() [3/3]
|
noexcept |
copy key from crypto::secret_key
◆ transfer()
|
static |
moves 32 bytes into the KeyStore and wipes the insecure memory
- Parameters
-
key the unsecured bytes pointer size size of bytes, must be 32 or less, but should be always 32
- Exceptions
-
ots::exception::BufferOverflowException if size > 32
◆ unlockInsecure()
|
protectednoexcept |
unlock insecure access to the stored bytes in crypto::secret_key
- Parameters
-
writeable by default false, on true permits to write to the bytes
◆ unlockInsecureOnce()
|
protectednoexcept |
unlock insecure access once to the stored bytes in crypto::secret_key and locks the insecure access directly after
- Parameters
-
writeable by default false, on true permits to write to the bytes
◆ wipe()
|
noexcept |
secure wipe of the keystore
Friends And Related Symbol Documentation
◆ Account
|
friend |
◆ LegacySeed
|
friend |
- Note
- friend classes is used to ensure that only following classes can access key data in the KeyStore
◆ MoneroSeed
|
friend |
◆ Polyseed
|
friend |
Member Data Documentation
◆ m_key
|
protected |
The documentation for this class was generated from the following files:
- /projects/monerosigner/monero/ots/include/key-store.hpp
- /projects/monerosigner/monero/ots/src/key-store.cpp
