aboutsummaryrefslogtreecommitdiff
path: root/src/crypto
diff options
context:
space:
mode:
authorluigi1111 <luigi1111w@gmail.com>2020-05-05 23:39:32 -0500
committerluigi1111 <luigi1111w@gmail.com>2020-05-05 23:39:32 -0500
commitb4023dcfc5e361be7af6254992699c7cfb090a78 (patch)
treeb41b6e8e3f8b5d14526f10c7edccb6579a4a6737 /src/crypto
parentMerge pull request #6409 (diff)
parentuse memwipe on secret k/alpha values (diff)
downloadmonero-b4023dcfc5e361be7af6254992699c7cfb090a78.tar.xz
Merge pull request #6441
613071f use memwipe on secret k/alpha values (moneromooo-monero)
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/crypto.cpp6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/crypto/crypto.cpp b/src/crypto/crypto.cpp
index 0ec992de9..8a03f28bb 100644
--- a/src/crypto/crypto.cpp
+++ b/src/crypto/crypto.cpp
@@ -294,6 +294,7 @@ namespace crypto {
sc_mulsub(&sig.r, &sig.c, &unwrap(sec), &k);
if (!sc_isnonzero((const unsigned char*)sig.r.data))
goto try_again;
+ memwipe(&k, sizeof(k));
}
bool crypto_ops::check_signature(const hash &prefix_hash, const public_key &pub, const signature &sig) {
@@ -390,6 +391,8 @@ namespace crypto {
// sig.r = k - sig.c*r
sc_mulsub(&sig.r, &sig.c, &unwrap(r), &k);
+
+ memwipe(&k, sizeof(k));
}
bool crypto_ops::check_tx_proof(const hash &prefix_hash, const public_key &R, const public_key &A, const boost::optional<public_key> &B, const public_key &D, const signature &sig) {
@@ -560,6 +563,7 @@ POP_WARNINGS
random_scalar(sig[i].c);
random_scalar(sig[i].r);
if (ge_frombytes_vartime(&tmp3, &*pubs[i]) != 0) {
+ memwipe(&k, sizeof(k));
local_abort("invalid pubkey");
}
ge_double_scalarmult_base_vartime(&tmp2, &sig[i].c, &tmp3, &sig[i].r);
@@ -573,6 +577,8 @@ POP_WARNINGS
hash_to_scalar(buf.get(), rs_comm_size(pubs_count), h);
sc_sub(&sig[sec_index].c, &h, &sum);
sc_mulsub(&sig[sec_index].r, &sig[sec_index].c, &unwrap(sec), &k);
+
+ memwipe(&k, sizeof(k));
}
bool crypto_ops::check_ring_signature(const hash &prefix_hash, const key_image &image,