mirror of
https://github.com/cake-tech/cake_wallet.git
synced 2025-01-08 20:09:24 +00:00
Xchaha20 poly1305 integration (#569)
* Integration of xchacha20-poly1305 * Remove force unwrap from _exportPreferencesJSON * Deprecate v1 export * Fix for open backup screen after auth
This commit is contained in:
parent
33935c9b1d
commit
acb03e5530
5 changed files with 168 additions and 53 deletions
|
@ -16,6 +16,7 @@ import 'package:cake_wallet/entities/secret_store_key.dart';
|
|||
import 'package:cw_core/wallet_info.dart';
|
||||
import 'package:cake_wallet/.secrets.g.dart' as secrets;
|
||||
import 'package:cake_wallet/wallet_types.g.dart';
|
||||
import 'package:cake_backup/backup.dart' as cake_backup;
|
||||
|
||||
class BackupService {
|
||||
BackupService(this._flutterSecureStorage, this._walletInfoSource,
|
||||
|
@ -23,9 +24,10 @@ class BackupService {
|
|||
: _cipher = Cryptography.instance.chacha20Poly1305Aead(),
|
||||
_correctWallets = <WalletInfo>[];
|
||||
|
||||
static const currentVersion = _v1;
|
||||
static const currentVersion = _v2;
|
||||
|
||||
static const _v1 = 1;
|
||||
static const _v2 = 2;
|
||||
|
||||
final Cipher _cipher;
|
||||
final FlutterSecureStorage _flutterSecureStorage;
|
||||
|
@ -37,13 +39,16 @@ class BackupService {
|
|||
Future<void> importBackup(Uint8List data, String password,
|
||||
{String nonce = secrets.backupSalt}) async {
|
||||
final version = getVersion(data);
|
||||
final backupBytes = data.toList()..removeAt(0);
|
||||
final backupData = Uint8List.fromList(backupBytes);
|
||||
|
||||
switch (version) {
|
||||
case _v1:
|
||||
final backupBytes = data.toList()..removeAt(0);
|
||||
final backupData = Uint8List.fromList(backupBytes);
|
||||
await _importBackupV1(backupData, password, nonce: nonce);
|
||||
break;
|
||||
case _v2:
|
||||
await _importBackupV2(data, password);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
@ -54,20 +59,26 @@ class BackupService {
|
|||
switch (version) {
|
||||
case _v1:
|
||||
return await _exportBackupV1(password, nonce: nonce);
|
||||
case _v2:
|
||||
return await _exportBackupV2(password);
|
||||
default:
|
||||
throw Exception('Incorrect version: $version for exportBackup');
|
||||
}
|
||||
}
|
||||
|
||||
@Deprecated('Use v2 instead')
|
||||
Future<Uint8List> _exportBackupV1(String password,
|
||||
{String nonce = secrets.backupSalt}) async {
|
||||
{String nonce = secrets.backupSalt}) async
|
||||
=> throw Exception('Deprecated. Export for backups v1 is deprecated. Please use export v2.');
|
||||
|
||||
Future<Uint8List> _exportBackupV2(String password) async {
|
||||
final zipEncoder = ZipFileEncoder();
|
||||
final appDir = await getApplicationDocumentsDirectory();
|
||||
final now = DateTime.now();
|
||||
final tmpDir = Directory('${appDir.path}/~_BACKUP_TMP');
|
||||
final archivePath = '${tmpDir.path}/backup_${now.toString()}.zip';
|
||||
final fileEntities = appDir.listSync(recursive: false);
|
||||
final keychainDump = await _exportKeychainDump(password, nonce: nonce);
|
||||
final keychainDump = await _exportKeychainDumpV2(password);
|
||||
final preferencesDump = await _exportPreferencesJSON();
|
||||
final preferencesDumpFile = File('${tmpDir.path}/~_preferences_dump_TMP');
|
||||
final keychainDumpFile = File('${tmpDir.path}/~_keychain_dump_TMP');
|
||||
|
@ -98,15 +109,13 @@ class BackupService {
|
|||
|
||||
final content = File(archivePath).readAsBytesSync();
|
||||
tmpDir.deleteSync(recursive: true);
|
||||
final encryptedData = await _encrypt(content, password, nonce);
|
||||
|
||||
return setVersion(encryptedData, currentVersion);
|
||||
return await _encryptV2(content, password);
|
||||
}
|
||||
|
||||
Future<void> _importBackupV1(Uint8List data, String password,
|
||||
{required String nonce}) async {
|
||||
final appDir = await getApplicationDocumentsDirectory();
|
||||
final decryptedData = await _decrypt(data, password, nonce);
|
||||
final decryptedData = await _decryptV1(data, password, nonce);
|
||||
final zip = ZipDecoder().decodeBytes(decryptedData);
|
||||
|
||||
zip.files.forEach((file) {
|
||||
|
@ -123,7 +132,30 @@ class BackupService {
|
|||
});
|
||||
|
||||
await _verifyWallets();
|
||||
await _importKeychainDump(password, nonce: nonce);
|
||||
await _importKeychainDumpV1(password, nonce: nonce);
|
||||
await _importPreferencesDump();
|
||||
}
|
||||
|
||||
Future<void> _importBackupV2(Uint8List data, String password) async {
|
||||
final appDir = await getApplicationDocumentsDirectory();
|
||||
final decryptedData = await _decryptV2(data, password);
|
||||
final zip = ZipDecoder().decodeBytes(decryptedData);
|
||||
|
||||
zip.files.forEach((file) {
|
||||
final filename = file.name;
|
||||
|
||||
if (file.isFile) {
|
||||
final content = file.content as List<int>;
|
||||
File('${appDir.path}/' + filename)
|
||||
..createSync(recursive: true)
|
||||
..writeAsBytesSync(content);
|
||||
} else {
|
||||
Directory('${appDir.path}/' + filename)..create(recursive: true);
|
||||
}
|
||||
});
|
||||
|
||||
await _verifyWallets();
|
||||
await _importKeychainDumpV2(password);
|
||||
await _importPreferencesDump();
|
||||
}
|
||||
|
||||
|
@ -258,12 +290,12 @@ class BackupService {
|
|||
await preferencesFile.delete();
|
||||
}
|
||||
|
||||
Future<void> _importKeychainDump(String password,
|
||||
Future<void> _importKeychainDumpV1(String password,
|
||||
{required String nonce,
|
||||
String keychainSalt = secrets.backupKeychainSalt}) async {
|
||||
final appDir = await getApplicationDocumentsDirectory();
|
||||
final keychainDumpFile = File('${appDir.path}/~_keychain_dump');
|
||||
final decryptedKeychainDumpFileData = await _decrypt(
|
||||
final decryptedKeychainDumpFileData = await _decryptV1(
|
||||
keychainDumpFile.readAsBytesSync(), '$keychainSalt$password', nonce);
|
||||
final keychainJSON = json.decode(utf8.decode(decryptedKeychainDumpFileData))
|
||||
as Map<String, dynamic>;
|
||||
|
@ -288,6 +320,35 @@ class BackupService {
|
|||
keychainDumpFile.deleteSync();
|
||||
}
|
||||
|
||||
Future<void> _importKeychainDumpV2(String password,
|
||||
{String keychainSalt = secrets.backupKeychainSalt}) async {
|
||||
final appDir = await getApplicationDocumentsDirectory();
|
||||
final keychainDumpFile = File('${appDir.path}/~_keychain_dump');
|
||||
final decryptedKeychainDumpFileData = await _decryptV2(
|
||||
keychainDumpFile.readAsBytesSync(), '$keychainSalt$password');
|
||||
final keychainJSON = json.decode(utf8.decode(decryptedKeychainDumpFileData))
|
||||
as Map<String, dynamic>;
|
||||
final keychainWalletsInfo = keychainJSON['wallets'] as List;
|
||||
final decodedPin = keychainJSON['pin'] as String;
|
||||
final pinCodeKey = generateStoreKeyFor(key: SecretStoreKey.pinCodePassword);
|
||||
final backupPasswordKey =
|
||||
generateStoreKeyFor(key: SecretStoreKey.backupPassword);
|
||||
final backupPassword = keychainJSON[backupPasswordKey] as String;
|
||||
|
||||
await _flutterSecureStorage.write(
|
||||
key: backupPasswordKey, value: backupPassword);
|
||||
|
||||
keychainWalletsInfo.forEach((dynamic rawInfo) async {
|
||||
final info = rawInfo as Map<String, dynamic>;
|
||||
await importWalletKeychainInfo(info);
|
||||
});
|
||||
|
||||
await _flutterSecureStorage.write(
|
||||
key: pinCodeKey, value: encodedPinCode(pin: decodedPin));
|
||||
|
||||
keychainDumpFile.deleteSync();
|
||||
}
|
||||
|
||||
Future<void> importWalletKeychainInfo(Map<String, dynamic> info) async {
|
||||
final name = info['name'] as String;
|
||||
final password = info['password'] as String;
|
||||
|
@ -295,9 +356,14 @@ class BackupService {
|
|||
await _keyService.saveWalletPassword(walletName: name, password: password);
|
||||
}
|
||||
|
||||
Future<Uint8List> _exportKeychainDump(String password,
|
||||
@Deprecated('Use v2 instead')
|
||||
Future<Uint8List> _exportKeychainDumpV1(String password,
|
||||
{required String nonce,
|
||||
String keychainSalt = secrets.backupKeychainSalt}) async {
|
||||
String keychainSalt = secrets.backupKeychainSalt}) async
|
||||
=> throw Exception('Deprecated');
|
||||
|
||||
Future<Uint8List> _exportKeychainDumpV2(String password,
|
||||
{String keychainSalt = secrets.backupKeychainSalt}) async {
|
||||
final key = generateStoreKeyFor(key: SecretStoreKey.pinCodePassword);
|
||||
final encodedPin = await _flutterSecureStorage.read(key: key);
|
||||
final decodedPin = decodedPinCode(pin: encodedPin!);
|
||||
|
@ -319,49 +385,48 @@ class BackupService {
|
|||
'wallets': wallets,
|
||||
backupPasswordKey: backupPassword
|
||||
}));
|
||||
final encrypted = await _encrypt(
|
||||
Uint8List.fromList(data), '$keychainSalt$password', nonce);
|
||||
final encrypted = await _encryptV2(
|
||||
Uint8List.fromList(data), '$keychainSalt$password');
|
||||
|
||||
return encrypted;
|
||||
}
|
||||
|
||||
Future<String> _exportPreferencesJSON() async {
|
||||
// FIX-ME: Force unwrap
|
||||
final preferences = <String, dynamic>{
|
||||
PreferencesKey.currentWalletName:
|
||||
_sharedPreferences.getString(PreferencesKey.currentWalletName)!,
|
||||
_sharedPreferences.getString(PreferencesKey.currentWalletName),
|
||||
PreferencesKey.currentNodeIdKey:
|
||||
_sharedPreferences.getInt(PreferencesKey.currentNodeIdKey)!,
|
||||
_sharedPreferences.getInt(PreferencesKey.currentNodeIdKey),
|
||||
PreferencesKey.currentBalanceDisplayModeKey: _sharedPreferences
|
||||
.getInt(PreferencesKey.currentBalanceDisplayModeKey)!,
|
||||
.getInt(PreferencesKey.currentBalanceDisplayModeKey),
|
||||
PreferencesKey.currentWalletType:
|
||||
_sharedPreferences.getInt(PreferencesKey.currentWalletType)!,
|
||||
_sharedPreferences.getInt(PreferencesKey.currentWalletType),
|
||||
PreferencesKey.currentFiatCurrencyKey:
|
||||
_sharedPreferences.getString(PreferencesKey.currentFiatCurrencyKey)!,
|
||||
_sharedPreferences.getString(PreferencesKey.currentFiatCurrencyKey),
|
||||
PreferencesKey.shouldSaveRecipientAddressKey: _sharedPreferences
|
||||
.getBool(PreferencesKey.shouldSaveRecipientAddressKey)!,
|
||||
.getBool(PreferencesKey.shouldSaveRecipientAddressKey),
|
||||
PreferencesKey.isDarkThemeLegacy:
|
||||
_sharedPreferences.getBool(PreferencesKey.isDarkThemeLegacy)!,
|
||||
_sharedPreferences.getBool(PreferencesKey.isDarkThemeLegacy),
|
||||
PreferencesKey.currentPinLength:
|
||||
_sharedPreferences.getInt(PreferencesKey.currentPinLength)!,
|
||||
_sharedPreferences.getInt(PreferencesKey.currentPinLength),
|
||||
PreferencesKey.currentTransactionPriorityKeyLegacy: _sharedPreferences
|
||||
.getInt(PreferencesKey.currentTransactionPriorityKeyLegacy)!,
|
||||
.getInt(PreferencesKey.currentTransactionPriorityKeyLegacy),
|
||||
PreferencesKey.allowBiometricalAuthenticationKey: _sharedPreferences
|
||||
.getBool(PreferencesKey.allowBiometricalAuthenticationKey)!,
|
||||
.getBool(PreferencesKey.allowBiometricalAuthenticationKey),
|
||||
PreferencesKey.currentBitcoinElectrumSererIdKey: _sharedPreferences
|
||||
.getInt(PreferencesKey.currentBitcoinElectrumSererIdKey)!,
|
||||
.getInt(PreferencesKey.currentBitcoinElectrumSererIdKey),
|
||||
PreferencesKey.currentLanguageCode:
|
||||
_sharedPreferences.getString(PreferencesKey.currentLanguageCode)!,
|
||||
_sharedPreferences.getString(PreferencesKey.currentLanguageCode),
|
||||
PreferencesKey.displayActionListModeKey:
|
||||
_sharedPreferences.getInt(PreferencesKey.displayActionListModeKey)!,
|
||||
_sharedPreferences.getInt(PreferencesKey.displayActionListModeKey),
|
||||
PreferencesKey.currentTheme:
|
||||
_sharedPreferences.getInt(PreferencesKey.currentTheme)!,
|
||||
_sharedPreferences.getInt(PreferencesKey.currentTheme),
|
||||
PreferencesKey.currentDefaultSettingsMigrationVersion: _sharedPreferences
|
||||
.getInt(PreferencesKey.currentDefaultSettingsMigrationVersion)!,
|
||||
.getInt(PreferencesKey.currentDefaultSettingsMigrationVersion),
|
||||
PreferencesKey.bitcoinTransactionPriority:
|
||||
_sharedPreferences.getInt(PreferencesKey.bitcoinTransactionPriority)!,
|
||||
_sharedPreferences.getInt(PreferencesKey.bitcoinTransactionPriority),
|
||||
PreferencesKey.moneroTransactionPriority:
|
||||
_sharedPreferences.getInt(PreferencesKey.moneroTransactionPriority)!,
|
||||
_sharedPreferences.getInt(PreferencesKey.moneroTransactionPriority),
|
||||
};
|
||||
|
||||
return json.encode(preferences);
|
||||
|
@ -374,16 +439,12 @@ class BackupService {
|
|||
return Uint8List.fromList(bytes);
|
||||
}
|
||||
|
||||
Future<Uint8List> _encrypt(
|
||||
Uint8List data, String secretKeySource, String nonceBase64) async {
|
||||
final secretKeyHash = await Cryptography.instance.sha256().hash(utf8.encode(secretKeySource));
|
||||
final secretKey = SecretKey(secretKeyHash.bytes);
|
||||
final nonce = base64.decode(nonceBase64).toList();
|
||||
final box = await _cipher.encrypt(data.toList(), secretKey: secretKey, nonce: nonce);
|
||||
return Uint8List.fromList(box.cipherText);
|
||||
}
|
||||
@Deprecated('Use v2 instead')
|
||||
Future<Uint8List> _encryptV1(
|
||||
Uint8List data, String secretKeySource, String nonceBase64) async
|
||||
=> throw Exception('Deprecated');
|
||||
|
||||
Future<Uint8List> _decrypt(
|
||||
Future<Uint8List> _decryptV1(
|
||||
Uint8List data, String secretKeySource, String nonceBase64, {int macLength = 16}) async {
|
||||
final secretKeyHash = await Cryptography.instance.sha256().hash(utf8.encode(secretKeySource));
|
||||
final secretKey = SecretKey(secretKeyHash.bytes);
|
||||
|
@ -395,4 +456,12 @@ class BackupService {
|
|||
final plainData = await _cipher.decrypt(box, secretKey: secretKey);
|
||||
return Uint8List.fromList(plainData);
|
||||
}
|
||||
|
||||
Future<Uint8List> _encryptV2(
|
||||
Uint8List data, String passphrase) async
|
||||
=> cake_backup.encrypt(passphrase, data, version: _v2);
|
||||
|
||||
Future<Uint8List> _decryptV2(
|
||||
Uint8List data, String passphrase) async
|
||||
=> cake_backup.decrypt(passphrase, data);
|
||||
}
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
import 'dart:io';
|
||||
import 'package:cake_wallet/palette.dart';
|
||||
import 'package:flutter/material.dart';
|
||||
import 'package:flutter/cupertino.dart';
|
||||
import 'package:flutter/services.dart';
|
||||
import 'package:flutter_mobx/flutter_mobx.dart';
|
||||
// import 'package:esys_flutter_share/esys_flutter_share.dart';
|
||||
import 'package:share_plus/share_plus.dart';
|
||||
import 'package:cross_file/cross_file.dart';
|
||||
import 'package:cake_wallet/utils/show_bar.dart';
|
||||
import 'package:cake_wallet/routes.dart';
|
||||
import 'package:cake_wallet/generated/i18n.dart';
|
||||
|
@ -103,12 +103,14 @@ class BackupPage extends BasePage {
|
|||
Navigator.of(dialogContext).pop();
|
||||
final backup = await backupViewModelBase.exportBackup();
|
||||
|
||||
if (backup == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (Platform.isAndroid) {
|
||||
onExportAndroid(context, backup!);
|
||||
onExportAndroid(context, backup);
|
||||
} else {
|
||||
// FIX-ME: Share esys_flutter_share.dart
|
||||
// await Share.file(S.of(context).backup_file, backup.name,
|
||||
// backup.content, 'application/*');
|
||||
await share(backup);
|
||||
}
|
||||
},
|
||||
actionLeftButton: () => Navigator.of(dialogContext).pop());
|
||||
|
@ -136,12 +138,20 @@ class BackupPage extends BasePage {
|
|||
backup.name, backup.content);
|
||||
Navigator.of(dialogContext).pop();
|
||||
},
|
||||
actionLeftButton: () {
|
||||
actionLeftButton: () async {
|
||||
Navigator.of(dialogContext).pop();
|
||||
// FIX-ME: Share esys_flutter_share.dart
|
||||
// Share.file(S.of(context).backup_file, backup.name,
|
||||
// backup.content, 'application/*');
|
||||
await share(backup);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
Future<void> share(BackupExportFile backup) async {
|
||||
const mimeType = 'application/*';
|
||||
final path = await backupViewModelBase.saveBackupFileLocally(backup);
|
||||
await Share.shareXFiles(<XFile>[XFile(
|
||||
path,
|
||||
name: backup.name,
|
||||
mimeType: mimeType)]);
|
||||
await backupViewModelBase.removeBackupFileLocally(backup);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -51,6 +51,21 @@ class WalletMenu {
|
|||
image: Image.asset('assets/images/open_book_menu.png',
|
||||
height: 16, width: 16),
|
||||
handler: () => Navigator.of(context).pushNamed(Routes.addressBook)),
|
||||
WalletMenuItem(
|
||||
title: S.current.backup,
|
||||
image: Image.asset('assets/images/restore_wallet.png',
|
||||
height: 16,
|
||||
width: 16,
|
||||
color: Palette.darkBlue),
|
||||
handler: () {
|
||||
Navigator.of(context).pushNamed(
|
||||
Routes.auth,
|
||||
arguments: (bool isAuthenticatedSuccessfully, AuthPageState auth) {
|
||||
if (isAuthenticatedSuccessfully) {
|
||||
auth.close(route:Routes.backup);
|
||||
}
|
||||
});
|
||||
}),
|
||||
WalletMenuItem(
|
||||
title: S.current.settings_title,
|
||||
image: Image.asset('assets/images/settings_menu.png',
|
||||
|
|
|
@ -8,6 +8,7 @@ import 'package:flutter_secure_storage/flutter_secure_storage.dart';
|
|||
import 'package:mobx/mobx.dart';
|
||||
import 'package:intl/intl.dart';
|
||||
import 'package:cake_wallet/wallet_type_utils.dart';
|
||||
import 'package:path_provider/path_provider.dart';
|
||||
|
||||
part 'backup_view_model.g.dart';
|
||||
|
||||
|
@ -71,6 +72,21 @@ abstract class BackupViewModelBase with Store {
|
|||
}
|
||||
}
|
||||
|
||||
Future<String> saveBackupFileLocally(BackupExportFile backup) async {
|
||||
final appDir = await getApplicationDocumentsDirectory();
|
||||
final path = '${appDir.path}/${backup.name}';
|
||||
final backupFile = File(path);
|
||||
await backupFile.writeAsBytes(backup.content);
|
||||
return path;
|
||||
}
|
||||
|
||||
Future<void> removeBackupFileLocally(BackupExportFile backup) async {
|
||||
final appDir = await getApplicationDocumentsDirectory();
|
||||
final path = '${appDir.path}/${backup.name}';
|
||||
final backupFile = File(path);
|
||||
await backupFile.delete();
|
||||
}
|
||||
|
||||
@action
|
||||
void showMasterPassword() => isBackupPasswordVisible = true;
|
||||
|
||||
|
|
|
@ -61,6 +61,11 @@ dependencies:
|
|||
permission_handler: ^10.0.0
|
||||
device_display_brightness: ^0.0.6
|
||||
platform_device_id: ^1.0.1
|
||||
cake_backup:
|
||||
git:
|
||||
url: https://github.com/cake-tech/cake_backup.git
|
||||
ref: main
|
||||
version: 1.0.0
|
||||
|
||||
dev_dependencies:
|
||||
flutter_test:
|
||||
|
|
Loading…
Reference in a new issue