Extends KeyStore with specific functionality for polyseed-based cryptographic operations. More...

#include <polyseed-key-store.hpp>

Inheritance diagram for ots::PolyseedKeyStore:

Collaboration diagram for ots::PolyseedKeyStore:

Public Member Functions
	PolyseedKeyStore () noexcept
	Default constructor for an empty seed key store.

	PolyseedKeyStore (const std::array< uint8_t, 32 > &key) noexcept
	Construct a PolyseedKeyStore from an existing key.

bool	isEncypted () const noexcept
	check if polyseed_data secret in encrypted

Public Member Functions inherited from ots::KeyStore
	~KeyStore () noexcept
	Destroy KeyStore.

	KeyStore () noexcept
	empty KeyStore

	KeyStore (const std::array< uint8_t, 32 > &key) noexcept
	create KeyStore from byte array

	KeyStore (const uint8_t *key, size_t size)
	create KeyStore from byte pointer and size

	KeyStore (crypto::secret_key key) noexcept
	create a KeyStore by copying a crypto::secret_key into the KeyStore

void	set (const std::array< uint8_t, 32 > &key) noexcept
	set key from byte array

void	set (const uint8_t *key, size_t size)
	set key from byte pointer and size

void	set (crypto::secret_key key) noexcept
	copy key from crypto::secret_key

void	wipe () noexcept
	secure wipe of the keystore

Protected Member Functions
	operator const uint8_t * ()
	Conversion to const byte pointer (read-only access)

uint8_t *	unsafe_mutable_bytes ()
	Get mutable byte access.

void	set (const polyseed_data *data)
	Internal method to set key data from polyseed_data->secret.

void	transfer (polyseed_data *data)
	Internal method to set key data from polyseed_data->secret, and wipes polyseed_data->secret.

const polyseed_data *	getPolyseedDataReadOnlySession ()
	Provide a polyseed_data struct const pointer to work with.

polyseed_data *	getPolyseedDataSession ()
	Provide a polyseed_data struct pointer to work On.

void	commitPolyseedDataSession ()
	update PolyseedKeyStore data from the pointers secret and wipe secure

void	discardPolyseedDataSession ()
	wipe secure the pointers secret

Protected Member Functions inherited from ots::KeyStore
void	unlockInsecure (bool writeable=false) const noexcept
	unlock insecure access to the stored bytes in crypto::secret_key

void	unlockInsecureOnce (bool writeable=false) const noexcept
	unlock insecure access once to the stored bytes in crypto::secret_key and locks the insecure access directly after

void	lockInsecure () const noexcept
	locks insecure access complete

	operator crypto::secret_key & ()
	access the underlying crypto::secret_key by reference

	operator const crypto::secret_key & () const
	Implicit conversion to const crypto::secret_key reference.

	operator const unsigned char * () const
	Implicit conversion to const unsigned char pointer for direct byte access.

	operator const char * () const
	Implicit conversion to const char pointer for direct byte access.

	operator std::array< unsigned char, 32 > () const
	Implicit conversion to std::array<unsigned char, 32> for direct byte access.

void	insecureAccessRequest (bool write) const
	guard the insecure access attempts

Friends
class	Polyseed

Additional Inherited Members
Static Public Member Functions inherited from ots::KeyStore
static KeyStore	transfer (uint8_t *key, size_t size)
	moves 32 bytes into the KeyStore and wipes the insecure memory

Protected Attributes inherited from ots::KeyStore
crypto::secret_key	m_key

Detailed Description

Extends KeyStore with specific functionality for polyseed-based cryptographic operations.

Constructor & Destructor Documentation

◆ PolyseedKeyStore() [1/2]

ots::PolyseedKeyStore::PolyseedKeyStore ( )

explicitnoexcept

Default constructor for an empty seed key store.

Note: Initializes an empty, secure key storage

◆ PolyseedKeyStore() [2/2]

ots::PolyseedKeyStore::PolyseedKeyStore ( const std::array< uint8_t, 32 > & key )

explicitnoexcept

Construct a PolyseedKeyStore from an existing key.

Parameters

key	Byte array representing the seed

Member Function Documentation

◆ commitPolyseedDataSession()

void ots::PolyseedKeyStore::commitPolyseedDataSession ( )

protected

update PolyseedKeyStore data from the pointers secret and wipe secure

Exceptions

ots::exception::keystore::polyseed::NoActivePolyseedDataSession	if there is no active session
ots::exception::keystore::polyseed::PolyseedDataReadOnlySession	if called on a readonly session the pointers secret

◆ discardPolyseedDataSession()

void ots::PolyseedKeyStore::discardPolyseedDataSession ( )

protected

wipe secure the pointers secret

Exceptions

ots::exception::keystore::polyseed::NoActivePolyseedDataSession if there is no active session

◆ getPolyseedDataReadOnlySession()

const polyseed_data * ots::PolyseedKeyStore::getPolyseedDataReadOnlySession ( )

protected

Provide a polyseed_data struct const pointer to work with.

Returns: pointer of the polyseed_data struct enriched containing the secret from the PolyseedKeyStore

Exceptions

ots::exception::keystore::polyseed::ActivePolyseedDataSession	if there is already a session running
ots::exception::keystore::LockedAccessAttempt	if not unlocked for access

Note: Need to unlockInsecure or better unlockInsecureOnce; Need to call discardPolyseedDataSession after finishing working with the const pointer to ensure the secret get's wiped out of insecure memory.

Warning: Do NOT copy the secret data from the pointer ever!

◆ getPolyseedDataSession()

polyseed_data * ots::PolyseedKeyStore::getPolyseedDataSession ( )

protected

Provide a polyseed_data struct pointer to work On.

Returns: pointer of the polyseed_data struct enriched containing the secret from the PolyseedKeyStore

Exceptions

ots::exception::keystore::polyseed::ActivePolyseedDataSession	if there is already a session running
ots::exception::keystore::LockedAccessAttempt	if not unlocked for access
ots::exception::keystore::LockedWriteAttempt	if not unlocked for write access

Warning: You most like need only getPolyseedDataReadOnlySession, except for polyseed_crypt

Note: Need to unlockInsecure or unlockInsecureOnce for write; Need to call commitPolyseedDataSession or discardPolyseedDataSession after finishing working on the pointer to ensure the secret get's wiped out of insecure memory. Do NOT copy the secret data from the pointer.

Warning: Do NOT copy the secret data from the pointer ever!

◆ isEncypted()

bool ots::PolyseedKeyStore::isEncypted ( ) const

noexcept

check if polyseed_data secret in encrypted

Returns: true if encrypted

Note: using is_encrypted from features.h of polyseed to check without taking the secret out of the key store.

◆ operator const uint8_t *()

ots::PolyseedKeyStore::operator const uint8_t * ( )

protected

Conversion to const byte pointer (read-only access)

Exceptions

ots::exception::keystore::LockedAccessAttempt if not unlocked for access

Note: You need first unlock the usage!

Usage example:

keyStore.unlockInsecureOnce();

some_const_byte_function(keyStore, 32); // some_const_byte_function(const uint8_t *data, size_t size);

◆ set()

void ots::PolyseedKeyStore::set ( const polyseed_data * data )

protected

Internal method to set key data from polyseed_data->secret.

Note: friend class is used to ensure that only following classes can access key data in the KeyStore

Parameters

data	Polyseed data structure

◆ transfer()

void ots::PolyseedKeyStore::transfer ( polyseed_data * data )

protected

Internal method to set key data from polyseed_data->secret, and wipes polyseed_data->secret.

Parameters

data	Polyseed data structure

◆ unsafe_mutable_bytes()

uint8_t * ots::PolyseedKeyStore::unsafe_mutable_bytes ( )

protected

Get mutable byte access.

Exceptions

ots::exception::keystore::LockedAccessAttempt	if not unlocked for access
ots::exception::keystore::LockedWriteAttempt	if not unlocked for write access

Warning: Only for critical library-internal operations

Note: You need first unlock the usage!

Usage example:

keyStore.unlockInsecureOnce(true);

some_byte_manipulating_function(keyStore, 32); // some_byte_manipulating_function(uint8_t *data, size_t size);

Friends And Related Symbol Documentation

◆ Polyseed

friend class Polyseed

friend

Note: friend class is used to ensure that only following classes can access key data in the PolyseedKeyStore

The documentation for this class was generated from the following files:

/projects/monerosigner/monero/ots/include/polyseed-key-store.hpp
/projects/monerosigner/monero/ots/src/polyseed-key-store.cpp

Public Member Functions

Protected Member Functions

Friends

Additional Inherited Members

Detailed Description

Constructor & Destructor Documentation

◆ PolyseedKeyStore() [1/2]

◆ PolyseedKeyStore() [2/2]

Member Function Documentation

◆ commitPolyseedDataSession()

◆ discardPolyseedDataSession()

◆ getPolyseedDataReadOnlySession()

◆ getPolyseedDataSession()

◆ isEncypted()

◆ operator const uint8_t *()

◆ set()

◆ transfer()

◆ unsafe_mutable_bytes()

Friends And Related Symbol Documentation

◆ Polyseed