diff options
| author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-11-25 14:50:15 +0000 |
|---|---|---|
| committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-11-27 22:25:57 +0000 |
| commit | 3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa (patch) | |
| tree | 5559bcf502288a62f34e17902de92fcc2c60f110 /src/common/password.cpp | |
| parent | utils: initialize easylogging++ in on_startup (diff) | |
| download | monero-3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa.tar.xz | |
new wipeable_string class to replace std::string passphrases
Diffstat (limited to 'src/common/password.cpp')
| -rw-r--r-- | src/common/password.cpp | 36 |
1 files changed, 13 insertions, 23 deletions
diff --git a/src/common/password.cpp b/src/common/password.cpp index 01eaf62e1..98a49eb80 100644 --- a/src/common/password.cpp +++ b/src/common/password.cpp @@ -56,7 +56,7 @@ namespace return 0 != _isatty(_fileno(stdin)); } - bool read_from_tty(std::string& pass) + bool read_from_tty(epee::wipeable_string& pass) { static constexpr const char BACKSPACE = 8; @@ -88,8 +88,7 @@ namespace { if (!pass.empty()) { - pass.back() = '\0'; - pass.resize(pass.size() - 1); + pass.pop_back(); } } else @@ -127,7 +126,7 @@ namespace return ch; } - bool read_from_tty(std::string& aPass) + bool read_from_tty(epee::wipeable_string& aPass) { static constexpr const char BACKSPACE = 127; @@ -148,8 +147,7 @@ namespace { if (!aPass.empty()) { - aPass.back() = '\0'; - aPass.resize(aPass.size() - 1); + aPass.pop_back(); } } else @@ -163,15 +161,7 @@ namespace #endif // end !WIN32 - void clear(std::string& pass) noexcept - { - // technically, the std::string documentation says the data should not be modified, - // but there seems to be no way to get a non const raw pointer to the data - memwipe((void*)pass.data(), pass.size()); - pass.clear(); - } - - bool read_from_tty(const bool verify, const char *message, std::string& pass1, std::string& pass2) + bool read_from_tty(const bool verify, const char *message, epee::wipeable_string& pass1, epee::wipeable_string& pass2) { while (true) { @@ -187,8 +177,8 @@ namespace if(pass1!=pass2) { std::cout << "Passwords do not match! Please try again." << std::endl; - clear(pass1); - clear(pass2); + pass1.clear(); + pass2.clear(); } else //new password matches return true; @@ -201,7 +191,7 @@ namespace return false; } - bool read_from_file(std::string& pass) + bool read_from_file(epee::wipeable_string& pass) { pass.reserve(tools::password_container::max_password_size); for (size_t i = 0; i < tools::password_container::max_password_size; ++i) @@ -236,7 +226,7 @@ namespace tools password_container::~password_container() noexcept { - clear(m_password); + m_password.clear(); } boost::optional<password_container> password_container::prompt(const bool verify, const char *message) @@ -252,9 +242,8 @@ namespace tools boost::optional<login> login::parse(std::string&& userpass, bool verify, const std::function<boost::optional<password_container>(bool)> &prompt) { login out{}; - password_container wipe{std::move(userpass)}; - const auto loc = wipe.password().find(':'); + const auto loc = userpass.find(':'); if (loc == std::string::npos) { auto result = prompt(verify); @@ -265,10 +254,11 @@ namespace tools } else { - out.password = password_container{wipe.password().substr(loc + 1)}; + out.password = password_container{userpass.substr(loc + 1)}; } - out.username = wipe.password().substr(0, loc); + out.username = userpass.substr(0, loc); + password_container wipe{std::move(userpass)}; return {std::move(out)}; } } |