test: load wallet, coverage for crypted keys

Adds test coverage for the wallet's crypted key loading from db process. The following scenarios are covered: 1) "All ckeys checksums valid" test: Loads an encrypted wallet with all the crypted keys with a valid checksum and verifies that 'CWallet::Unlock' doesn't force an entire crypted keys re-write. (we force a complete ckeys re-write if we find any missing crypted key checksum during the wallet loading process) 2) "Missing checksum in one ckey" test: Verifies that loading up a wallet with, at least one, 'ckey' with no checksum triggers a complete re-write of the crypted keys. 3) "Invalid ckey checksum error" test: Verifies that loading up a ckey with an invalid checksum stops the wallet loading process with a corruption error. 4) "Invalid ckey pubkey error" test: Verifies that loading up a ckey with an invalid pubkey stops the wallet loading process with a corruption error.
2025-01-25 18:53:23 -03:00 · 2022-11-18 17:01:07 -03:00 · 2022-11-18 17:01:07 -03:00 · 13d9760829
commit 13d9760829
parent 373c99633e
1 changed files with 135 additions and 0 deletions
--- a/src/wallet/test/walletload_tests.cpp
+++ b/src/wallet/test/walletload_tests.cpp
@ -2,6 +2,7 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or https://www.opensource.org/licenses/mit-license.php.

+#include <wallet/test/util.h>
 #include <wallet/wallet.h>
 #include <test/util/setup_common.h>

@ -50,5 +51,139 @@ BOOST_FIXTURE_TEST_CASE(wallet_load_unknown_descriptor, TestingSetup)
    }
 }

+bool HasAnyRecordOfType(WalletDatabase& db, const std::string& key)
+{
+    std::unique_ptr<DatabaseBatch> batch = db.MakeBatch(false);
+    BOOST_CHECK(batch->StartCursor());
+    while (true) {
+        CDataStream ssKey(SER_DISK, CLIENT_VERSION);
+        CDataStream ssValue(SER_DISK, CLIENT_VERSION);
+        bool complete;
+        BOOST_CHECK(batch->ReadAtCursor(ssKey, ssValue, complete));
+        if (complete) break;
+        std::string type;
+        ssKey >> type;
+        if (type == key) return true;
+    }
+    return false;
+}
+
+BOOST_FIXTURE_TEST_CASE(wallet_load_verif_crypted_key_checksum, TestingSetup)
+{
+    // The test duplicates the db so each case has its own db instance.
+    int NUMBER_OF_TESTS = 4;
+    std::vector<std::unique_ptr<WalletDatabase>> dbs;
+    CKey first_key;
+    auto get_db = [](std::vector<std::unique_ptr<WalletDatabase>>& dbs) {
+        std::unique_ptr<WalletDatabase> db = std::move(dbs.back());
+        dbs.pop_back();
+        return db;
+    };
+
+    {   // Context setup.
+        // Create and encrypt legacy wallet
+        std::shared_ptr<CWallet> wallet(new CWallet(m_node.chain.get(), "", m_args, CreateMockWalletDatabase()));
+        LOCK(wallet->cs_wallet);
+        auto legacy_spkm = wallet->GetOrCreateLegacyScriptPubKeyMan();
+        BOOST_CHECK(legacy_spkm->SetupGeneration(true));
+
+        // Get the first key in the wallet
+        CTxDestination dest = *Assert(legacy_spkm->GetNewDestination(OutputType::LEGACY));
+        CKeyID key_id = GetKeyForDestination(*legacy_spkm, dest);
+        BOOST_CHECK(legacy_spkm->GetKey(key_id, first_key));
+
+        // Encrypt the wallet and duplicate database
+        BOOST_CHECK(wallet->EncryptWallet("encrypt"));
+        wallet->Flush();
+
+        DatabaseOptions options;
+        for (int i=0; i < NUMBER_OF_TESTS; i++) {
+            dbs.emplace_back(DuplicateMockDatabase(wallet->GetDatabase(), options));
+        }
+    }
+
+    {
+        // First test case:
+        // Erase all the crypted keys from db and unlock the wallet.
+        // The wallet will only re-write the crypted keys to db if any checksum is missing at load time.
+        // So, if any 'ckey' record re-appears on db, then the checksums were not properly calculated, and we are re-writing
+        // the records every time that 'CWallet::Unlock' gets called, which is not good.
+
+        // Load the wallet and check that is encrypted
+        std::shared_ptr<CWallet> wallet(new CWallet(m_node.chain.get(), "", m_args, get_db(dbs)));
+        BOOST_CHECK_EQUAL(wallet->LoadWallet(), DBErrors::LOAD_OK);
+        BOOST_CHECK(wallet->IsCrypted());
+        BOOST_CHECK(HasAnyRecordOfType(wallet->GetDatabase(), DBKeys::CRYPTED_KEY));
+
+        // Now delete all records and check that the 'Unlock' function doesn't re-write them
+        BOOST_CHECK(wallet->GetLegacyScriptPubKeyMan()->DeleteRecords());
+        BOOST_CHECK(!HasAnyRecordOfType(wallet->GetDatabase(), DBKeys::CRYPTED_KEY));
+        BOOST_CHECK(wallet->Unlock("encrypt"));
+        BOOST_CHECK(!HasAnyRecordOfType(wallet->GetDatabase(), DBKeys::CRYPTED_KEY));
+    }
+
+    {
+        // Second test case:
+        // Verify that loading up a 'ckey' with no checksum triggers a complete re-write of the crypted keys.
+        std::unique_ptr<WalletDatabase> db = get_db(dbs);
+        {
+            std::unique_ptr<DatabaseBatch> batch = db->MakeBatch(false);
+            std::pair<std::vector<unsigned char>, uint256> value;
+            BOOST_CHECK(batch->Read(std::make_pair(DBKeys::CRYPTED_KEY, first_key.GetPubKey()), value));
+
+            const auto key = std::make_pair(DBKeys::CRYPTED_KEY, first_key.GetPubKey());
+            BOOST_CHECK(batch->Write(key, value.first, /*fOverwrite=*/true));
+        }
+
+        // Load the wallet and check that is encrypted
+        std::shared_ptr<CWallet> wallet(new CWallet(m_node.chain.get(), "", m_args, std::move(db)));
+        BOOST_CHECK_EQUAL(wallet->LoadWallet(), DBErrors::LOAD_OK);
+        BOOST_CHECK(wallet->IsCrypted());
+        BOOST_CHECK(HasAnyRecordOfType(wallet->GetDatabase(), DBKeys::CRYPTED_KEY));
+
+        // Now delete all ckey records and check that the 'Unlock' function re-writes them
+        // (this is because the wallet, at load time, found a ckey record with no checksum)
+        BOOST_CHECK(wallet->GetLegacyScriptPubKeyMan()->DeleteRecords());
+        BOOST_CHECK(!HasAnyRecordOfType(wallet->GetDatabase(), DBKeys::CRYPTED_KEY));
+        BOOST_CHECK(wallet->Unlock("encrypt"));
+        BOOST_CHECK(HasAnyRecordOfType(wallet->GetDatabase(), DBKeys::CRYPTED_KEY));
+    }
+
+    {
+        // Third test case:
+        // Verify that loading up a 'ckey' with an invalid checksum throws an error.
+        std::unique_ptr<WalletDatabase> db = get_db(dbs);
+        {
+            std::unique_ptr<DatabaseBatch> batch = db->MakeBatch(false);
+            std::vector<unsigned char> crypted_data;
+            BOOST_CHECK(batch->Read(std::make_pair(DBKeys::CRYPTED_KEY, first_key.GetPubKey()), crypted_data));
+
+            // Write an invalid checksum
+            std::pair<std::vector<unsigned char>, uint256> value = std::make_pair(crypted_data, uint256::ONE);
+            const auto key = std::make_pair(DBKeys::CRYPTED_KEY, first_key.GetPubKey());
+            BOOST_CHECK(batch->Write(key, value, /*fOverwrite=*/true));
+        }
+
+        std::shared_ptr<CWallet> wallet(new CWallet(m_node.chain.get(), "", m_args, std::move(db)));
+        BOOST_CHECK_EQUAL(wallet->LoadWallet(), DBErrors::CORRUPT);
+    }
+
+    {
+        // Fourth test case:
+        // Verify that loading up a 'ckey' with an invalid pubkey throws an error
+        std::unique_ptr<WalletDatabase> db = get_db(dbs);
+        {
+            CPubKey invalid_key;
+            BOOST_ASSERT(!invalid_key.IsValid());
+            const auto key = std::make_pair(DBKeys::CRYPTED_KEY, invalid_key);
+            std::pair<std::vector<unsigned char>, uint256> value;
+            BOOST_CHECK(db->MakeBatch(false)->Write(key, value, /*fOverwrite=*/true));
+        }
+
+        std::shared_ptr<CWallet> wallet(new CWallet(m_node.chain.get(), "", m_args, std::move(db)));
+        BOOST_CHECK_EQUAL(wallet->LoadWallet(), DBErrors::CORRUPT);
+    }
+}
+
 BOOST_AUTO_TEST_SUITE_END()
 } // namespace wallet