diff --git a/test/functional/wallet_encryption.py b/test/functional/wallet_encryption.py index 5a5fb3e5be..b30a1478ab 100755 --- a/test/functional/wallet_encryption.py +++ b/test/functional/wallet_encryption.py @@ -5,7 +5,9 @@ """Test Wallet encryption""" import time +import subprocess +from test_framework.messages import hash256 from test_framework.test_framework import BitcoinTestFramework from test_framework.util import ( assert_raises_rpc_error, @@ -100,6 +102,65 @@ class WalletEncryptionTest(BitcoinTestFramework): sig = self.nodes[0].signmessage(address, msg) assert self.nodes[0].verifymessage(address, sig, msg) + self.log.info("Test that wallets without private keys cannot be encrypted") + self.nodes[0].createwallet(wallet_name="noprivs", disable_private_keys=True) + noprivs_wallet = self.nodes[0].get_wallet_rpc("noprivs") + assert_raises_rpc_error(-16, "Error: wallet does not contain private keys, nothing to encrypt.", noprivs_wallet.encryptwallet, "pass") + + if self.is_wallet_tool_compiled(): + self.log.info("Test that encryption keys in wallets without privkeys are removed") + + def do_wallet_tool(*args): + proc = subprocess.Popen( + [self.options.bitcoinwallet, f"-datadir={self.nodes[0].datadir_path}", f"-chain={self.chain}"] + list(args), + stdin=subprocess.PIPE, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + text=True + ) + stdout, stderr = proc.communicate() + assert_equal(proc.poll(), 0) + assert_equal(stderr, "") + + # Since it is no longer possible to encrypt a wallet without privkeys, we need to force one into the wallet + # 1. Make a dump of the wallet + # 2. Add mkey record to the dump + # 3. Create a new wallet from the dump + + # Make the dump + noprivs_wallet.unloadwallet() + dumpfile_path = self.nodes[0].datadir_path / "noprivs.dump" + do_wallet_tool("-wallet=noprivs", f"-dumpfile={dumpfile_path}", "dump") + + # Modify the dump + with open(dumpfile_path, "r", encoding="utf-8") as f: + dump_content = f.readlines() + # Drop the checksum line + dump_content = dump_content[:-1] + # Insert a valid mkey line. This corresponds to a passphrase of "pass". + dump_content.append("046d6b657901000000,300dc926f3b3887aad3d5d5f5a0fc1b1a4a1722f9284bd5c6ff93b64a83902765953939c58fe144013c8b819f42cf698b208e9911e5f0c544fa300000000cc52050000\n") + with open(dumpfile_path, "w", encoding="utf-8") as f: + contents = "".join(dump_content) + f.write(contents) + checksum = hash256(contents.encode()) + f.write(f"checksum,{checksum.hex()}\n") + + # Load the dump into a new wallet + do_wallet_tool("-wallet=noprivs_enc", f"-dumpfile={dumpfile_path}", "createfromdump") + # Load the wallet and make sure it is no longer encrypted + with self.nodes[0].assert_debug_log(["Detected extraneous encryption keys in this wallet without private keys. Removing extraneous encryption keys."]): + self.nodes[0].loadwallet("noprivs_enc") + noprivs_wallet = self.nodes[0].get_wallet_rpc("noprivs_enc") + assert_raises_rpc_error(-15, "Error: running with an unencrypted wallet, but walletpassphrase was called.", noprivs_wallet.walletpassphrase, "pass", 1) + noprivs_wallet.unloadwallet() + + # Make a new dump and check that there are no mkeys + dumpfile_path = self.nodes[0].datadir_path / "noprivs_enc.dump" + do_wallet_tool("-wallet=noprivs_enc", f"-dumpfile={dumpfile_path}", "dump") + with open(dumpfile_path, "r", encoding="utf-8") as f: + # Check theres nothing with an 'mkey' prefix + assert_equal(all([not line.startswith("046d6b6579") for line in f]), True) + if __name__ == '__main__': WalletEncryptionTest(__file__).main()