aboutsummaryrefslogtreecommitdiff
path: root/src/leveldbwrapper.cpp
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@gmail.com>2015-10-06 17:32:18 +0200
committerWladimir J. van der Laan <laanwj@gmail.com>2015-10-06 17:50:46 +0200
commit4fac576c619f450da8ca09ac8790063b3dea4364 (patch)
tree36184ec8419bc1ae12a0285c58406a745e7a6d71 /src/leveldbwrapper.cpp
parentb7d78fd0bd244b324ded4131c1dd0ec81a87d15d (diff)
parent42cb388167ef78f47a3a440eb651b6938c10f508 (diff)
Merge pull request #6650
42cb388 Add chainstate obfuscation to avoid spurious antivirus detection (James O'Beirne)
Diffstat (limited to 'src/leveldbwrapper.cpp')
-rw-r--r--src/leveldbwrapper.cpp60
1 files changed, 59 insertions, 1 deletions
diff --git a/src/leveldbwrapper.cpp b/src/leveldbwrapper.cpp
index 26cacf95ae..ce96b5c8aa 100644
--- a/src/leveldbwrapper.cpp
+++ b/src/leveldbwrapper.cpp
@@ -5,6 +5,7 @@
#include "leveldbwrapper.h"
#include "util.h"
+#include "random.h"
#include <boost/filesystem.hpp>
@@ -12,6 +13,7 @@
#include <leveldb/env.h>
#include <leveldb/filter_policy.h>
#include <memenv.h>
+#include <stdint.h>
void HandleError(const leveldb::Status& status) throw(leveldb_error)
{
@@ -43,7 +45,7 @@ static leveldb::Options GetOptions(size_t nCacheSize)
return options;
}
-CLevelDBWrapper::CLevelDBWrapper(const boost::filesystem::path& path, size_t nCacheSize, bool fMemory, bool fWipe)
+CLevelDBWrapper::CLevelDBWrapper(const boost::filesystem::path& path, size_t nCacheSize, bool fMemory, bool fWipe, bool obfuscate)
{
penv = NULL;
readoptions.verify_checksums = true;
@@ -67,6 +69,25 @@ CLevelDBWrapper::CLevelDBWrapper(const boost::filesystem::path& path, size_t nCa
leveldb::Status status = leveldb::DB::Open(options, path.string(), &pdb);
HandleError(status);
LogPrintf("Opened LevelDB successfully\n");
+
+ // The base-case obfuscation key, which is a noop.
+ obfuscate_key = std::vector<unsigned char>(OBFUSCATE_KEY_NUM_BYTES, '\000');
+
+ bool key_exists = Read(OBFUSCATE_KEY_KEY, obfuscate_key);
+
+ if (!key_exists && obfuscate && IsEmpty()) {
+ // Initialize non-degenerate obfuscation if it won't upset
+ // existing, non-obfuscated data.
+ std::vector<unsigned char> new_key = CreateObfuscateKey();
+
+ // Write `new_key` so we don't obfuscate the key with itself
+ Write(OBFUSCATE_KEY_KEY, new_key);
+ obfuscate_key = new_key;
+
+ LogPrintf("Wrote new obfuscate key for %s: %s\n", path.string(), GetObfuscateKeyHex());
+ }
+
+ LogPrintf("Using obfuscation key for %s: %s\n", path.string(), GetObfuscateKeyHex());
}
CLevelDBWrapper::~CLevelDBWrapper()
@@ -87,3 +108,40 @@ bool CLevelDBWrapper::WriteBatch(CLevelDBBatch& batch, bool fSync) throw(leveldb
HandleError(status);
return true;
}
+
+// Prefixed with null character to avoid collisions with other keys
+//
+// We must use a string constructor which specifies length so that we copy
+// past the null-terminator.
+const std::string CLevelDBWrapper::OBFUSCATE_KEY_KEY("\000obfuscate_key", 14);
+
+const unsigned int CLevelDBWrapper::OBFUSCATE_KEY_NUM_BYTES = 8;
+
+/**
+ * Returns a string (consisting of 8 random bytes) suitable for use as an
+ * obfuscating XOR key.
+ */
+std::vector<unsigned char> CLevelDBWrapper::CreateObfuscateKey() const
+{
+ unsigned char buff[OBFUSCATE_KEY_NUM_BYTES];
+ GetRandBytes(buff, OBFUSCATE_KEY_NUM_BYTES);
+ return std::vector<unsigned char>(&buff[0], &buff[OBFUSCATE_KEY_NUM_BYTES]);
+
+}
+
+bool CLevelDBWrapper::IsEmpty()
+{
+ boost::scoped_ptr<leveldb::Iterator> it(NewIterator());
+ it->SeekToFirst();
+ return !(it->Valid());
+}
+
+const std::vector<unsigned char>& CLevelDBWrapper::GetObfuscateKey() const
+{
+ return obfuscate_key;
+}
+
+std::string CLevelDBWrapper::GetObfuscateKeyHex() const
+{
+ return HexStr(obfuscate_key);
+}