aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/chacha.h
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2018-07-15 14:33:48 +0100
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2018-08-16 11:57:49 +0000
commitab74dc277aac3922a266ccae30fa2c30d9222790 (patch)
tree5846c8cf7c865417039aa90540f330e950625ae6 /src/crypto/chacha.h
parentcommon: add a class to safely wrap mlock/munlock (diff)
downloadmonero-ab74dc277aac3922a266ccae30fa2c30d9222790.tar.xz
crypto: make secret_key automatically mlock
Diffstat (limited to '')
-rw-r--r--src/crypto/chacha.h11
1 files changed, 6 insertions, 5 deletions
diff --git a/src/crypto/chacha.h b/src/crypto/chacha.h
index 1dc270faf..6e85ad0e9 100644
--- a/src/crypto/chacha.h
+++ b/src/crypto/chacha.h
@@ -40,6 +40,7 @@
#include <memory.h>
#include "memwipe.h"
+#include "mlocker.h"
#include "hash.h"
namespace crypto {
@@ -50,7 +51,7 @@ namespace crypto {
#if defined(__cplusplus)
}
- using chacha_key = tools::scrubbed_arr<uint8_t, CHACHA_KEY_SIZE>;
+ using chacha_key = epee::mlocked<tools::scrubbed_arr<uint8_t, CHACHA_KEY_SIZE>>;
#pragma pack(push, 1)
// MS VC 2012 doesn't interpret `class chacha_iv` as POD in spite of [9.0.10], so it is a struct
@@ -71,20 +72,20 @@ namespace crypto {
inline void generate_chacha_key(const void *data, size_t size, chacha_key& key, uint64_t kdf_rounds) {
static_assert(sizeof(chacha_key) <= sizeof(hash), "Size of hash must be at least that of chacha_key");
- tools::scrubbed_arr<char, HASH_SIZE> pwd_hash;
+ epee::mlocked<tools::scrubbed_arr<char, HASH_SIZE>> pwd_hash;
crypto::cn_slow_hash(data, size, pwd_hash.data(), 0/*variant*/, 0/*prehashed*/);
for (uint64_t n = 1; n < kdf_rounds; ++n)
crypto::cn_slow_hash(pwd_hash.data(), pwd_hash.size(), pwd_hash.data(), 0/*variant*/, 0/*prehashed*/);
- memcpy(&unwrap(key), pwd_hash.data(), sizeof(key));
+ memcpy(&unwrap(unwrap(key)), pwd_hash.data(), sizeof(key));
}
inline void generate_chacha_key_prehashed(const void *data, size_t size, chacha_key& key, uint64_t kdf_rounds) {
static_assert(sizeof(chacha_key) <= sizeof(hash), "Size of hash must be at least that of chacha_key");
- tools::scrubbed_arr<char, HASH_SIZE> pwd_hash;
+ epee::mlocked<tools::scrubbed_arr<char, HASH_SIZE>> pwd_hash;
crypto::cn_slow_hash(data, size, pwd_hash.data(), 0/*variant*/, 1/*prehashed*/);
for (uint64_t n = 1; n < kdf_rounds; ++n)
crypto::cn_slow_hash(pwd_hash.data(), pwd_hash.size(), pwd_hash.data(), 0/*variant*/, 0/*prehashed*/);
- memcpy(&unwrap(key), pwd_hash.data(), sizeof(key));
+ memcpy(&unwrap(unwrap(key)), pwd_hash.data(), sizeof(key));
}
inline void generate_chacha_key(std::string password, chacha_key& key, uint64_t kdf_rounds) {