diff options
author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-10-26 10:21:06 +0100 |
---|---|---|
committer | Jonathan Roelofs <jonathan@codesourcery.com> | 2017-12-16 15:40:33 -0700 |
commit | 7193b89fe567327bb78f4c61c887b2e2fad2ed51 (patch) | |
tree | c3064389fdc8d4a07b78882bc77cf475cb4e8d9d /src/wallet | |
parent | Merge pull request #2881 (diff) | |
download | monero-7193b89fe567327bb78f4c61c887b2e2fad2ed51.tar.xz |
Scrub keys from memory just before scope end.
Partially implements #74.
Securely erases keys from memory after they are no longer needed. Might have a
performance impact, which I haven't measured (perf measurements aren't
generally reliable on laptops).
Thanks to @stoffu for the suggestion to specialize the pod_to_hex/hex_to_pod
functions. Using overloads + SFINAE instead generalizes it so other types can
be marked as scrubbed without adding more boilerplate.
Diffstat (limited to '')
-rw-r--r-- | src/wallet/wallet2.cpp | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index 59e759bfc..ef8a75375 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -57,6 +57,7 @@ using namespace epee; #include "rapidjson/writer.h" #include "rapidjson/stringbuffer.h" #include "common/json_util.h" +#include "common/memwipe.h" #include "common/base58.h" #include "ringct/rctSigs.h" @@ -2761,12 +2762,11 @@ bool wallet2::generate_chacha8_key_from_secret_keys(crypto::chacha8_key &key) co const account_keys &keys = m_account.get_keys(); const crypto::secret_key &view_key = keys.m_view_secret_key; const crypto::secret_key &spend_key = keys.m_spend_secret_key; - char data[sizeof(view_key) + sizeof(spend_key) + 1]; - memcpy(data, &view_key, sizeof(view_key)); - memcpy(data + sizeof(view_key), &spend_key, sizeof(spend_key)); + tools::scrubbed_arr<char, sizeof(view_key) + sizeof(spend_key) + 1> data; + memcpy(data.data(), &view_key, sizeof(view_key)); + memcpy(data.data() + sizeof(view_key), &spend_key, sizeof(spend_key)); data[sizeof(data) - 1] = CHACHA8_KEY_TAIL; - crypto::generate_chacha8_key(data, sizeof(data), key); - memset(data, 0, sizeof(data)); + crypto::generate_chacha8_key(data.data(), sizeof(data), key); return true; } //---------------------------------------------------------------------------------------------------- |