ARCHIVE/xahaud
3
0
Fork 0
mirror of https://github.com/Xahau/xahaud.git synced 2025-12-06 17:27:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8429dd67e60ba360da591bfa905b58a35638fda1
xahaud/src/ripple/protocol/Seed.h
Nikolaos D. Bougalis d5f981f5fc Address issues identified by external review: 
* RIPD-1617, RIPD-1619, RIPD-1621:
  Verify serialized public keys more strictly before
  using them.

* RIPD-1618:
    * Simplify the base58 decoder logic.
    * Reduce the complexity of the base58 encoder and
      eliminate a potential out-of-bounds memory access.
    * Improve type safety by using an `enum class` to
      enforce strict type checking for token types.

* RIPD-1616:
  Avoid calling `memcpy` with a null pointer even if the
  size is specified as zero, since it results in undefined
  behavior.

Acknowledgements:
Ripple thanks Guido Vranken for responsibly disclosing these
issues.

Bug Bounties and Responsible Disclosures:
We welcome reviews of the rippled code and urge researchers
to responsibly disclose any issues that they may find. For
more on Ripple's Bug Bounty program, please visit:
https://ripple.com/bug-bounty
2018-03-21 20:39:18 -07:00

111 lines
2.9 KiB
C++
Raw Blame History

//------------------------------------------------------------------------------
/*
This file is part of rippled: https://github.com/ripple/rippled
Copyright (c) 2012, 2013 Ripple Labs Inc.
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL , DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
//==============================================================================
#ifndef RIPPLE_PROTOCOL_SEED_H_INCLUDED
#define RIPPLE_PROTOCOL_SEED_H_INCLUDED
#include <ripple/basics/base_uint.h>
#include <ripple/basics/Slice.h>
#include <ripple/protocol/tokens.h>
#include <boost/optional.hpp>
#include <array>
namespace ripple {
/** Seeds are used to generate deterministic secret keys. */
class Seed
{
private:
std::array<uint8_t, 16> buf_;
public:
Seed() = delete;
Seed (Seed const&) = default;
Seed& operator= (Seed const&) = default;
/** Destroy the seed.
The buffer will first be securely erased.
*/
~Seed();
/** Construct a seed */
/** @{ */
explicit Seed (Slice const& slice);
explicit Seed (uint128 const& seed);
/** @} */
std::uint8_t const*
data() const
{
return buf_.data();
}
std::size_t
size() const
{
return buf_.size();
}
};
//------------------------------------------------------------------------------
/** Create a seed using secure random numbers. */
Seed
randomSeed();
/** Generate a seed deterministically.
The algorithm is specific to Ripple:
The seed is calculated as the first 128 bits
of the SHA512-Half of the string text excluding
any terminating null.
@note This will not attempt to determine the format of
the string (e.g. hex or base58).
*/
Seed
generateSeed (std::string const& passPhrase);
/** Parse a Base58 encoded string into a seed */
template <>
boost::optional<Seed>
parseBase58 (std::string const& s);
/** Attempt to parse a string as a seed */
boost::optional<Seed>
parseGenericSeed (std::string const& str);
/** Encode a Seed in RFC1751 format */
std::string
seedAs1751 (Seed const& seed);
/** Format a seed as a Base58 string */
inline
std::string
toBase58 (Seed const& seed)
{
return base58EncodeToken(TokenType::FamilySeed, seed.data(), seed.size());
}
}
#endif
Reference in New Issue View Git Blame Copy Permalink