new wipeable_string class to replace std::string passphrases

author: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2017-11-25 14:50:15 +0000
committer: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2017-11-27 22:25:57 +0000
commit: 3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa (patch)
tree: 5559bcf502288a62f34e17902de92fcc2c60f110 /src/wallet
parent: utils: initialize easylogging++ in on_startup (diff)
download: monero-3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa.tar.xz
3 files changed, 30 insertions, 29 deletions
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index 3a8662890..13bf54212 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -602,7 +602,7 @@ bool wallet2::is_deterministic() const
   return keys_deterministic;
 }
 //----------------------------------------------------------------------------------------------------
-bool wallet2::get_seed(std::string& electrum_words, const std::string &passphrase) const
+bool wallet2::get_seed(std::string& electrum_words, const epee::wipeable_string &passphrase) const
 {
   bool keys_deterministic = is_deterministic();
   if (!keys_deterministic)
@@ -2128,7 +2128,7 @@ bool wallet2::clear()
  * \param  watch_only     true to save only view key, false to save both spend and view keys
  * \return                Whether it was successful.
  */
-bool wallet2::store_keys(const std::string& keys_file_name, const std::string& password, bool watch_only)
+bool wallet2::store_keys(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only)
 {
   std::string account_data;
   cryptonote::account_base account = m_account;
@@ -2214,7 +2214,7 @@ bool wallet2::store_keys(const std::string& keys_file_name, const std::string& p
 
   // Encrypt the entire JSON object.
   crypto::chacha8_key key;
-  crypto::generate_chacha8_key(password, key);
+  crypto::generate_chacha8_key(password.data(), password.size(), key);
   std::string cipher;
   cipher.resize(account_data.size());
   keys_file_data.iv = crypto::rand<crypto::chacha8_iv>();
@@ -2244,7 +2244,7 @@ namespace
  * \param keys_file_name Name of wallet file
  * \param password       Password of wallet file
  */
-bool wallet2::load_keys(const std::string& keys_file_name, const std::string& password)
+bool wallet2::load_keys(const std::string& keys_file_name, const epee::wipeable_string& password)
 {
   wallet2::keys_file_data keys_file_data;
   std::string buf;
@@ -2255,7 +2255,7 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa
   r = ::serialization::parse_binary(buf, keys_file_data);
   THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"');
   crypto::chacha8_key key;
-  crypto::generate_chacha8_key(password, key);
+  crypto::generate_chacha8_key(password.data(), password.size(), key);
   std::string account_data;
   account_data.resize(keys_file_data.account_data.size());
   crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]);
@@ -2379,7 +2379,7 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa
  * can be used prior to rewriting wallet keys file, to ensure user has entered the correct password
  *
  */
-bool wallet2::verify_password(const std::string& password) const
+bool wallet2::verify_password(const epee::wipeable_string& password) const
 {
   return verify_password(m_keys_file, password, m_watch_only);
 }
@@ -2396,7 +2396,7 @@ bool wallet2::verify_password(const std::string& password) const
  * can be used prior to rewriting wallet keys file, to ensure user has entered the correct password
  *
  */
-bool wallet2::verify_password(const std::string& keys_file_name, const std::string& password, bool watch_only)
+bool wallet2::verify_password(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only)
 {
   wallet2::keys_file_data keys_file_data;
   std::string buf;
@@ -2407,7 +2407,7 @@ bool wallet2::verify_password(const std::string& keys_file_name, const std::stri
   r = ::serialization::parse_binary(buf, keys_file_data);
   THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"');
   crypto::chacha8_key key;
-  crypto::generate_chacha8_key(password, key);
+  crypto::generate_chacha8_key(password.data(), password.size(), key);
   std::string account_data;
   account_data.resize(keys_file_data.account_data.size());
   crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]);
@@ -2444,7 +2444,7 @@ bool wallet2::verify_password(const std::string& keys_file_name, const std::stri
  * \param  two_random     Whether it is a non-deterministic wallet
  * \return                The secret key of the generated wallet
  */
-crypto::secret_key wallet2::generate(const std::string& wallet_, const std::string& password,
+crypto::secret_key wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
   const crypto::secret_key& recovery_param, bool recover, bool two_random)
 {
   clear();
@@ -2511,7 +2511,7 @@ crypto::secret_key wallet2::generate(const std::string& wallet_, const std::stri
 * \param  password       Password of wallet file
 * \param  viewkey        view secret key
 */
-void wallet2::generate(const std::string& wallet_, const std::string& password,
+void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
   const cryptonote::account_public_address &account_public_address,
   const crypto::secret_key& viewkey)
 {
@@ -2547,7 +2547,7 @@ void wallet2::generate(const std::string& wallet_, const std::string& password,
 * \param  spendkey       spend secret key
 * \param  viewkey        view secret key
 */
-void wallet2::generate(const std::string& wallet_, const std::string& password,
+void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
   const cryptonote::account_public_address &account_public_address,
   const crypto::secret_key& spendkey, const crypto::secret_key& viewkey)
 {
@@ -2581,7 +2581,7 @@ void wallet2::generate(const std::string& wallet_, const std::string& password,
  * \param wallet_name Name of wallet file (should exist)
  * \param password    Password for wallet file
  */
-void wallet2::rewrite(const std::string& wallet_name, const std::string& password)
+void wallet2::rewrite(const std::string& wallet_name, const epee::wipeable_string& password)
 {
   prepare_file_names(wallet_name);
   boost::system::error_code ignored_ec;
@@ -2594,7 +2594,7 @@ void wallet2::rewrite(const std::string& wallet_name, const std::string& passwor
  * \param wallet_name Base name of wallet file
  * \param password    Password for wallet file
  */
-void wallet2::write_watch_only_wallet(const std::string& wallet_name, const std::string& password)
+void wallet2::write_watch_only_wallet(const std::string& wallet_name, const epee::wipeable_string& password)
 {
   prepare_file_names(wallet_name);
   boost::system::error_code ignored_ec;
@@ -2730,7 +2730,7 @@ bool wallet2::generate_chacha8_key_from_secret_keys(crypto::chacha8_key &key) co
   return true;
 }
 //----------------------------------------------------------------------------------------------------
-void wallet2::load(const std::string& wallet_, const std::string& password)
+void wallet2::load(const std::string& wallet_, const epee::wipeable_string& password)
 {
   clear();
   prepare_file_names(wallet_);
@@ -2881,10 +2881,10 @@ std::string wallet2::path() const
 //----------------------------------------------------------------------------------------------------
 void wallet2::store()
 {
-  store_to("", "");
+  store_to("", epee::wipeable_string());
 }
 //----------------------------------------------------------------------------------------------------
-void wallet2::store_to(const std::string &path, const std::string &password)
+void wallet2::store_to(const std::string &path, const epee::wipeable_string &password)
 {
   trim_hashchain();
 
diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h
index ce0c67fc3..9308aadeb 100644
--- a/src/wallet/wallet2.h
+++ b/src/wallet/wallet2.h
@@ -168,7 +168,7 @@ namespace tools
     //! Just parses variables.
     static std::unique_ptr<wallet2> make_dummy(const boost::program_options::variables_map& vm, const std::function<boost::optional<password_container>(const char *, bool)> &password_prompter);
 
-    static bool verify_password(const std::string& keys_file_name, const std::string& password, bool watch_only);
+    static bool verify_password(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only);
 
     wallet2(bool testnet = false, bool restricted = false) : m_run(true), m_callback(0), m_testnet(testnet), m_always_confirm_transfers(true), m_print_ring_members(false), m_store_tx_info(true), m_default_mixin(0), m_default_priority(0), m_refresh_type(RefreshDefault), m_auto_refresh(true), m_refresh_from_block_height(0), m_confirm_missing_payment_id(true), m_ask_password(true), m_min_output_count(0), m_min_output_value(0), m_merge_destinations(false), m_confirm_backlog(true), m_is_initialized(false), m_restricted(restricted), is_old_file_format(false), m_node_rpc_proxy(m_http_client, m_daemon_rpc_mutex), m_light_wallet(false), m_light_wallet_scanned_block_height(0), m_light_wallet_blockchain_height(0), m_light_wallet_connected(false), m_light_wallet_balance(0), m_light_wallet_unlocked_balance(0) {}
 
@@ -398,7 +398,7 @@ namespace tools
      * \param  two_random     Whether it is a non-deterministic wallet
      * \return                The secret key of the generated wallet
      */
-    crypto::secret_key generate(const std::string& wallet, const std::string& password,
+    crypto::secret_key generate(const std::string& wallet, const epee::wipeable_string& password,
       const crypto::secret_key& recovery_param = crypto::secret_key(), bool recover = false,
       bool two_random = false);
     /*!
@@ -408,7 +408,7 @@ namespace tools
      * \param  viewkey        view secret key
      * \param  spendkey       spend secret key
      */
-    void generate(const std::string& wallet, const std::string& password,
+    void generate(const std::string& wallet, const epee::wipeable_string& password,
       const cryptonote::account_public_address &account_public_address,
       const crypto::secret_key& spendkey, const crypto::secret_key& viewkey);
     /*!
@@ -417,7 +417,7 @@ namespace tools
      * \param  password       Password of wallet file
      * \param  viewkey        view secret key
      */
-    void generate(const std::string& wallet, const std::string& password,
+    void generate(const std::string& wallet, const epee::wipeable_string& password,
       const cryptonote::account_public_address &account_public_address,
       const crypto::secret_key& viewkey = crypto::secret_key());
     /*!
@@ -425,23 +425,23 @@ namespace tools
      * \param wallet_name Name of wallet file (should exist)
      * \param password    Password for wallet file
      */
-    void rewrite(const std::string& wallet_name, const std::string& password);
-    void write_watch_only_wallet(const std::string& wallet_name, const std::string& password);
-    void load(const std::string& wallet, const std::string& password);
+    void rewrite(const std::string& wallet_name, const epee::wipeable_string& password);
+    void write_watch_only_wallet(const std::string& wallet_name, const epee::wipeable_string& password);
+    void load(const std::string& wallet, const epee::wipeable_string& password);
     void store();
     /*!
      * \brief store_to - stores wallet to another file(s), deleting old ones
      * \param path     - path to the wallet file (keys and address filenames will be generated based on this filename)
      * \param password - password to protect new wallet (TODO: probably better save the password in the wallet object?)
      */
-    void store_to(const std::string &path, const std::string &password);
+    void store_to(const std::string &path, const epee::wipeable_string &password);
 
     std::string path() const;
 
     /*!
      * \brief verifies given password is correct for default wallet keys file
      */
-    bool verify_password(const std::string& password) const;
+    bool verify_password(const epee::wipeable_string& password) const;
     cryptonote::account_base& get_account(){return m_account;}
     const cryptonote::account_base& get_account()const{return m_account;}
 
@@ -466,7 +466,7 @@ namespace tools
      * \brief Checks if deterministic wallet
      */
     bool is_deterministic() const;
-    bool get_seed(std::string& electrum_words, const std::string &passphrase = std::string()) const;
+    bool get_seed(std::string& electrum_words, const epee::wipeable_string &passphrase = epee::wipeable_string()) const;
 
     /*!
     * \brief Checks if light wallet. A light wallet sends view key to a server where the blockchain is scanned.
@@ -838,13 +838,13 @@ namespace tools
      * \param  watch_only     true to save only view key, false to save both spend and view keys
      * \return                Whether it was successful.
      */
-    bool store_keys(const std::string& keys_file_name, const std::string& password, bool watch_only = false);
+    bool store_keys(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only = false);
     /*!
      * \brief Load wallet information from wallet file.
      * \param keys_file_name Name of wallet file
      * \param password       Password of wallet file
      */
-    bool load_keys(const std::string& keys_file_name, const std::string& password);
+    bool load_keys(const std::string& keys_file_name, const epee::wipeable_string& password);
     void process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen);
     void process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const crypto::hash& bl_id, uint64_t height, const cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices &o_indices);
     void detach_blockchain(uint64_t height);
diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index c315684de..e790b9954 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -206,7 +206,8 @@ namespace tools
         }
         std::fputs(http_login->username.c_str(), rpc_login_file.handle());
         std::fputc(':', rpc_login_file.handle());
-        std::fputs(http_login->password.c_str(), rpc_login_file.handle());
+        const epee::wipeable_string password = http_login->password;
+        std::fwrite(password.data(), 1, password.size(), rpc_login_file.handle());
         std::fflush(rpc_login_file.handle());
         if (std::ferror(rpc_login_file.handle()))
         {
author	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2017-11-25 14:50:15 +0000
committer	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2017-11-27 22:25:57 +0000
commit	3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa (patch)
tree	5559bcf502288a62f34e17902de92fcc2c60f110 /src/wallet
parent	utils: initialize easylogging++ in on_startup (diff)
download	monero-3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa.tar.xz