store secret keys encrypted where possible

The secret spend key is kept encrypted in memory, and decrypted on the fly when needed. Both spend and view secret keys are kept encrypted in a JSON field in the keys file. This avoids leaving the keys in memory due to being manipulated by the JSON I/O API.
author: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2018-07-08 21:12:33 +0100
committer: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2018-08-16 11:57:43 +0000
commit: e9ffa91257b672009e8b8c84027378f3893a6d01 (patch)
tree: f27f1f5fd653756de9c6e990c262b31856369bb8 /src/wallet/api/wallet.cpp
parent: wallet: wipe seed from memory where appropriate (diff)
download: monero-e9ffa91257b672009e8b8c84027378f3893a6d01.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/src/wallet/api/wallet.cpp b/src/wallet/api/wallet.cpp
index e75bee5c9..bfd0e4aff 100644
--- a/src/wallet/api/wallet.cpp
+++ b/src/wallet/api/wallet.cpp
@@ -2032,7 +2032,8 @@ bool WalletImpl::isNewWallet() const
 
 bool WalletImpl::doInit(const string &daemon_address, uint64_t upper_transaction_size_limit, bool ssl)
 {
-    if (!m_wallet->init(daemon_address, m_daemon_login, upper_transaction_size_limit, ssl))
+    // claim RPC so there's no in-memory encryption for now
+    if (!m_wallet->init(true, daemon_address, m_daemon_login, upper_transaction_size_limit, ssl))
        return false;
 
     // in case new wallet, this will force fast-refresh (pulling hashes instead of blocks)
author	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2018-07-08 21:12:33 +0100
committer	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2018-08-16 11:57:43 +0000
commit	e9ffa91257b672009e8b8c84027378f3893a6d01 (patch)
tree	f27f1f5fd653756de9c6e990c262b31856369bb8 /src/wallet/api/wallet.cpp
parent	wallet: wipe seed from memory where appropriate (diff)
download	monero-e9ffa91257b672009e8b8c84027378f3893a6d01.tar.xz