diff --git a/lib/src/commands.rs b/lib/src/commands.rs index 075dbe8..e0e4c72 100644 --- a/lib/src/commands.rs +++ b/lib/src/commands.rs @@ -332,6 +332,44 @@ impl Command for UnlockCommand { } } + +struct LockCommand {} +impl Command for LockCommand { + fn help(&self) -> String { + let mut h = vec![]; + h.push("Lock a wallet that's been temporarily unlocked. You should already have encryption enabled."); + h.push("Note 1: This will remove all spending keys from memory. The wallet remains encrypted on disk"); + h.push("Note 2: If you've forgotten the password, the only way to recover the wallet is to restore"); + h.push(" from the seed phrase."); + h.push("Usage:"); + h.push("lock"); + h.push(""); + h.push("Example:"); + h.push("lock"); + + h.join("\n") + } + + fn short_help(&self) -> String { + "Lock a wallet that's been temporarily unlocked".to_string() + } + + fn exec(&self, args: &[&str], lightclient: &LightClient) -> String { + if args.len() != 0 { + return self.help(); + } + + match lightclient.wallet.write().unwrap().lock() { + Ok(_) => object!{ "result" => "success" }, + Err(e) => object!{ + "result" => "error", + "error" => e.to_string() + } + }.pretty(2) + } +} + + struct SendCommand {} impl Command for SendCommand { fn help(&self) -> String { @@ -666,6 +704,7 @@ pub fn get_commands() -> Box>> { map.insert("encrypt".to_string(), Box::new(EncryptCommand{})); map.insert("decrypt".to_string(), Box::new(DecryptCommand{})); map.insert("unlock".to_string(), Box::new(UnlockCommand{})); + map.insert("lock".to_string(), Box::new(LockCommand{})); map.insert("fixbip39bug".to_string(), Box::new(FixBip39BugCommand{})); Box::new(map) diff --git a/lib/src/lightwallet.rs b/lib/src/lightwallet.rs index 568ba64..0c4dbed 100644 --- a/lib/src/lightwallet.rs +++ b/lib/src/lightwallet.rs @@ -594,8 +594,8 @@ impl LightWallet { pub fn encrypt(&mut self, passwd: String) -> io::Result<()> { use sodiumoxide::crypto::secretbox; - if self.encrypted && !self.unlocked { - return Err(io::Error::new(ErrorKind::AlreadyExists, "Wallet is already encrypted and locked")); + if self.encrypted { + return Err(io::Error::new(ErrorKind::AlreadyExists, "Wallet is already encrypted")); } // Get the doublesha256 of the password, which is the right length @@ -615,6 +615,14 @@ impl LightWallet { } pub fn lock(&mut self) -> io::Result<()> { + if !self.encrypted { + return Err(io::Error::new(ErrorKind::AlreadyExists, "Wallet is not encrypted")); + } + + if !self.unlocked { + return Err(io::Error::new(ErrorKind::AlreadyExists, "Wallet is already locked")); + } + // Empty the seed and the secret keys self.seed.copy_from_slice(&[0u8; 32]); self.tkeys = Arc::new(RwLock::new(vec![])); @@ -3144,6 +3152,10 @@ pub mod tests { let seed = wallet.seed; + // Trying to lock a wallet that's not encrpyted is an error + assert!(wallet.lock().is_err()); + + // Encrypt the wallet wallet.encrypt("somepassword".to_string()).unwrap(); // Encrypting an already encrypted wallet should fail @@ -3188,6 +3200,9 @@ pub mod tests { wallet.lock().unwrap(); wallet.write(&mut vec![]).expect("Serialize wallet"); + // Locking an already locked wallet is an error + assert!(wallet.lock().is_err()); + // Try from a deserialized, locked wallet let mut wallet2 = LightWallet::read(&serialized_data[..], &config).unwrap(); wallet2.unlock("somepassword".to_string()).unwrap();