diff --git a/src/wallet/crypter.h b/src/wallet/crypter.h index f57e8f55d47..b8ac4b7e7ab 100644 --- a/src/wallet/crypter.h +++ b/src/wallet/crypter.h @@ -42,6 +42,11 @@ public: //! Use this for more parameters to key derivation (currently unused) std::vector vchOtherDerivationParameters; + //! Default/minimum number of key derivation rounds + // 25000 rounds is just under 0.1 seconds on a 1.86 GHz Pentium M + // ie slightly lower than the lowest hardware we need bother supporting + static constexpr int DEFAULT_DERIVE_ITERATIONS = 25000; + SERIALIZE_METHODS(CMasterKey, obj) { READWRITE(obj.vchCryptedKey, obj.vchSalt, obj.nDerivationMethod, obj.nDeriveIterations, obj.vchOtherDerivationParameters); @@ -49,9 +54,7 @@ public: CMasterKey() { - // 25000 rounds is just under 0.1 seconds on a 1.86 GHz Pentium M - // ie slightly lower than the lowest hardware we need bother supporting - nDeriveIterations = 25000; + nDeriveIterations = DEFAULT_DERIVE_ITERATIONS; nDerivationMethod = 0; vchOtherDerivationParameters = std::vector(0); } diff --git a/src/wallet/wallet.cpp b/src/wallet/wallet.cpp index 82c0d2caf1e..1d4fdba2881 100644 --- a/src/wallet/wallet.cpp +++ b/src/wallet/wallet.cpp @@ -622,8 +622,8 @@ bool CWallet::ChangeWalletPassphrase(const SecureString& strOldWalletPassphrase, crypter.SetKeyFromPassphrase(strNewWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod); pMasterKey.second.nDeriveIterations = (pMasterKey.second.nDeriveIterations + static_cast(pMasterKey.second.nDeriveIterations * target / (SteadyClock::now() - start))) / 2; - if (pMasterKey.second.nDeriveIterations < 25000) - pMasterKey.second.nDeriveIterations = 25000; + if (pMasterKey.second.nDeriveIterations < CMasterKey::DEFAULT_DERIVE_ITERATIONS) + pMasterKey.second.nDeriveIterations = CMasterKey::DEFAULT_DERIVE_ITERATIONS; WalletLogPrintf("Wallet passphrase changed to an nDeriveIterations of %i\n", pMasterKey.second.nDeriveIterations); @@ -819,15 +819,15 @@ bool CWallet::EncryptWallet(const SecureString& strWalletPassphrase) CCrypter crypter; constexpr MillisecondsDouble target{100}; auto start{SteadyClock::now()}; - crypter.SetKeyFromPassphrase(strWalletPassphrase, kMasterKey.vchSalt, 25000, kMasterKey.nDerivationMethod); - kMasterKey.nDeriveIterations = static_cast(25000 * target / (SteadyClock::now() - start)); + crypter.SetKeyFromPassphrase(strWalletPassphrase, kMasterKey.vchSalt, CMasterKey::DEFAULT_DERIVE_ITERATIONS, kMasterKey.nDerivationMethod); + kMasterKey.nDeriveIterations = static_cast(CMasterKey::DEFAULT_DERIVE_ITERATIONS * target / (SteadyClock::now() - start)); start = SteadyClock::now(); crypter.SetKeyFromPassphrase(strWalletPassphrase, kMasterKey.vchSalt, kMasterKey.nDeriveIterations, kMasterKey.nDerivationMethod); kMasterKey.nDeriveIterations = (kMasterKey.nDeriveIterations + static_cast(kMasterKey.nDeriveIterations * target / (SteadyClock::now() - start))) / 2; - if (kMasterKey.nDeriveIterations < 25000) - kMasterKey.nDeriveIterations = 25000; + if (kMasterKey.nDeriveIterations < CMasterKey::DEFAULT_DERIVE_ITERATIONS) + kMasterKey.nDeriveIterations = CMasterKey::DEFAULT_DERIVE_ITERATIONS; WalletLogPrintf("Encrypting Wallet with an nDeriveIterations of %i\n", kMasterKey.nDeriveIterations);