aboutsummaryrefslogtreecommitdiff
path: root/src/common/password.cpp
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2017-11-25 14:50:15 +0000
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2017-11-27 22:25:57 +0000
commit3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa (patch)
tree5559bcf502288a62f34e17902de92fcc2c60f110 /src/common/password.cpp
parentutils: initialize easylogging++ in on_startup (diff)
downloadmonero-3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa.tar.xz
new wipeable_string class to replace std::string passphrases
Diffstat (limited to '')
-rw-r--r--src/common/password.cpp36
1 files changed, 13 insertions, 23 deletions
diff --git a/src/common/password.cpp b/src/common/password.cpp
index 01eaf62e1..98a49eb80 100644
--- a/src/common/password.cpp
+++ b/src/common/password.cpp
@@ -56,7 +56,7 @@ namespace
return 0 != _isatty(_fileno(stdin));
}
- bool read_from_tty(std::string& pass)
+ bool read_from_tty(epee::wipeable_string& pass)
{
static constexpr const char BACKSPACE = 8;
@@ -88,8 +88,7 @@ namespace
{
if (!pass.empty())
{
- pass.back() = '\0';
- pass.resize(pass.size() - 1);
+ pass.pop_back();
}
}
else
@@ -127,7 +126,7 @@ namespace
return ch;
}
- bool read_from_tty(std::string& aPass)
+ bool read_from_tty(epee::wipeable_string& aPass)
{
static constexpr const char BACKSPACE = 127;
@@ -148,8 +147,7 @@ namespace
{
if (!aPass.empty())
{
- aPass.back() = '\0';
- aPass.resize(aPass.size() - 1);
+ aPass.pop_back();
}
}
else
@@ -163,15 +161,7 @@ namespace
#endif // end !WIN32
- void clear(std::string& pass) noexcept
- {
- // technically, the std::string documentation says the data should not be modified,
- // but there seems to be no way to get a non const raw pointer to the data
- memwipe((void*)pass.data(), pass.size());
- pass.clear();
- }
-
- bool read_from_tty(const bool verify, const char *message, std::string& pass1, std::string& pass2)
+ bool read_from_tty(const bool verify, const char *message, epee::wipeable_string& pass1, epee::wipeable_string& pass2)
{
while (true)
{
@@ -187,8 +177,8 @@ namespace
if(pass1!=pass2)
{
std::cout << "Passwords do not match! Please try again." << std::endl;
- clear(pass1);
- clear(pass2);
+ pass1.clear();
+ pass2.clear();
}
else //new password matches
return true;
@@ -201,7 +191,7 @@ namespace
return false;
}
- bool read_from_file(std::string& pass)
+ bool read_from_file(epee::wipeable_string& pass)
{
pass.reserve(tools::password_container::max_password_size);
for (size_t i = 0; i < tools::password_container::max_password_size; ++i)
@@ -236,7 +226,7 @@ namespace tools
password_container::~password_container() noexcept
{
- clear(m_password);
+ m_password.clear();
}
boost::optional<password_container> password_container::prompt(const bool verify, const char *message)
@@ -252,9 +242,8 @@ namespace tools
boost::optional<login> login::parse(std::string&& userpass, bool verify, const std::function<boost::optional<password_container>(bool)> &prompt)
{
login out{};
- password_container wipe{std::move(userpass)};
- const auto loc = wipe.password().find(':');
+ const auto loc = userpass.find(':');
if (loc == std::string::npos)
{
auto result = prompt(verify);
@@ -265,10 +254,11 @@ namespace tools
}
else
{
- out.password = password_container{wipe.password().substr(loc + 1)};
+ out.password = password_container{userpass.substr(loc + 1)};
}
- out.username = wipe.password().substr(0, loc);
+ out.username = userpass.substr(0, loc);
+ password_container wipe{std::move(userpass)};
return {std::move(out)};
}
}