diff options
author | Riccardo Spagni <ric@spagni.net> | 2017-12-16 23:19:27 +0200 |
---|---|---|
committer | Riccardo Spagni <ric@spagni.net> | 2017-12-16 23:19:27 +0200 |
commit | 6c0953b15a27a49403c6ec2a48c1b0dcefa1eda5 (patch) | |
tree | 90c341b746beeb252953081f75bef7f315704068 /src/wallet | |
parent | Merge pull request #2856 (diff) | |
parent | new wipeable_string class to replace std::string passphrases (diff) | |
download | monero-6c0953b15a27a49403c6ec2a48c1b0dcefa1eda5.tar.xz |
Merge pull request #2860
3dffe71b new wipeable_string class to replace std::string passphrases (moneromooo-monero)
7a2a5741 utils: initialize easylogging++ in on_startup (moneromooo-monero)
54950829 use memwipe in a few relevant places (moneromooo-monero)
000666ff add a memwipe function (moneromooo-monero)
Diffstat (limited to 'src/wallet')
-rw-r--r-- | src/wallet/wallet2.cpp | 32 | ||||
-rw-r--r-- | src/wallet/wallet2.h | 24 | ||||
-rw-r--r-- | src/wallet/wallet_rpc_server.cpp | 3 |
3 files changed, 30 insertions, 29 deletions
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index e29e1051c..fba1ef534 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -613,7 +613,7 @@ bool wallet2::is_deterministic() const return keys_deterministic; } //---------------------------------------------------------------------------------------------------- -bool wallet2::get_seed(std::string& electrum_words, const std::string &passphrase) const +bool wallet2::get_seed(std::string& electrum_words, const epee::wipeable_string &passphrase) const { bool keys_deterministic = is_deterministic(); if (!keys_deterministic) @@ -2150,7 +2150,7 @@ bool wallet2::clear() * \param watch_only true to save only view key, false to save both spend and view keys * \return Whether it was successful. */ -bool wallet2::store_keys(const std::string& keys_file_name, const std::string& password, bool watch_only) +bool wallet2::store_keys(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only) { std::string account_data; cryptonote::account_base account = m_account; @@ -2236,7 +2236,7 @@ bool wallet2::store_keys(const std::string& keys_file_name, const std::string& p // Encrypt the entire JSON object. crypto::chacha8_key key; - crypto::generate_chacha8_key(password, key); + crypto::generate_chacha8_key(password.data(), password.size(), key); std::string cipher; cipher.resize(account_data.size()); keys_file_data.iv = crypto::rand<crypto::chacha8_iv>(); @@ -2266,7 +2266,7 @@ namespace * \param keys_file_name Name of wallet file * \param password Password of wallet file */ -bool wallet2::load_keys(const std::string& keys_file_name, const std::string& password) +bool wallet2::load_keys(const std::string& keys_file_name, const epee::wipeable_string& password) { wallet2::keys_file_data keys_file_data; std::string buf; @@ -2277,7 +2277,7 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa r = ::serialization::parse_binary(buf, keys_file_data); THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"'); crypto::chacha8_key key; - crypto::generate_chacha8_key(password, key); + crypto::generate_chacha8_key(password.data(), password.size(), key); std::string account_data; account_data.resize(keys_file_data.account_data.size()); crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); @@ -2401,7 +2401,7 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa * can be used prior to rewriting wallet keys file, to ensure user has entered the correct password * */ -bool wallet2::verify_password(const std::string& password) const +bool wallet2::verify_password(const epee::wipeable_string& password) const { return verify_password(m_keys_file, password, m_watch_only); } @@ -2418,7 +2418,7 @@ bool wallet2::verify_password(const std::string& password) const * can be used prior to rewriting wallet keys file, to ensure user has entered the correct password * */ -bool wallet2::verify_password(const std::string& keys_file_name, const std::string& password, bool watch_only) +bool wallet2::verify_password(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only) { wallet2::keys_file_data keys_file_data; std::string buf; @@ -2429,7 +2429,7 @@ bool wallet2::verify_password(const std::string& keys_file_name, const std::stri r = ::serialization::parse_binary(buf, keys_file_data); THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"'); crypto::chacha8_key key; - crypto::generate_chacha8_key(password, key); + crypto::generate_chacha8_key(password.data(), password.size(), key); std::string account_data; account_data.resize(keys_file_data.account_data.size()); crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); @@ -2466,7 +2466,7 @@ bool wallet2::verify_password(const std::string& keys_file_name, const std::stri * \param two_random Whether it is a non-deterministic wallet * \return The secret key of the generated wallet */ -crypto::secret_key wallet2::generate(const std::string& wallet_, const std::string& password, +crypto::secret_key wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password, const crypto::secret_key& recovery_param, bool recover, bool two_random) { clear(); @@ -2546,7 +2546,7 @@ crypto::secret_key wallet2::generate(const std::string& wallet_, const std::stri * \param password Password of wallet file * \param viewkey view secret key */ -void wallet2::generate(const std::string& wallet_, const std::string& password, +void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password, const cryptonote::account_public_address &account_public_address, const crypto::secret_key& viewkey) { @@ -2582,7 +2582,7 @@ void wallet2::generate(const std::string& wallet_, const std::string& password, * \param spendkey spend secret key * \param viewkey view secret key */ -void wallet2::generate(const std::string& wallet_, const std::string& password, +void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password, const cryptonote::account_public_address &account_public_address, const crypto::secret_key& spendkey, const crypto::secret_key& viewkey) { @@ -2616,7 +2616,7 @@ void wallet2::generate(const std::string& wallet_, const std::string& password, * \param wallet_name Name of wallet file (should exist) * \param password Password for wallet file */ -void wallet2::rewrite(const std::string& wallet_name, const std::string& password) +void wallet2::rewrite(const std::string& wallet_name, const epee::wipeable_string& password) { prepare_file_names(wallet_name); boost::system::error_code ignored_ec; @@ -2629,7 +2629,7 @@ void wallet2::rewrite(const std::string& wallet_name, const std::string& passwor * \param wallet_name Base name of wallet file * \param password Password for wallet file */ -void wallet2::write_watch_only_wallet(const std::string& wallet_name, const std::string& password) +void wallet2::write_watch_only_wallet(const std::string& wallet_name, const epee::wipeable_string& password) { prepare_file_names(wallet_name); boost::system::error_code ignored_ec; @@ -2765,7 +2765,7 @@ bool wallet2::generate_chacha8_key_from_secret_keys(crypto::chacha8_key &key) co return true; } //---------------------------------------------------------------------------------------------------- -void wallet2::load(const std::string& wallet_, const std::string& password) +void wallet2::load(const std::string& wallet_, const epee::wipeable_string& password) { clear(); prepare_file_names(wallet_); @@ -2916,10 +2916,10 @@ std::string wallet2::path() const //---------------------------------------------------------------------------------------------------- void wallet2::store() { - store_to("", ""); + store_to("", epee::wipeable_string()); } //---------------------------------------------------------------------------------------------------- -void wallet2::store_to(const std::string &path, const std::string &password) +void wallet2::store_to(const std::string &path, const epee::wipeable_string &password) { trim_hashchain(); diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h index 866b95853..de1bed90c 100644 --- a/src/wallet/wallet2.h +++ b/src/wallet/wallet2.h @@ -168,7 +168,7 @@ namespace tools //! Just parses variables. static std::unique_ptr<wallet2> make_dummy(const boost::program_options::variables_map& vm, const std::function<boost::optional<password_container>(const char *, bool)> &password_prompter); - static bool verify_password(const std::string& keys_file_name, const std::string& password, bool watch_only); + static bool verify_password(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only); wallet2(bool testnet = false, bool restricted = false) : m_run(true), m_callback(0), m_testnet(testnet), m_always_confirm_transfers(true), m_print_ring_members(false), m_store_tx_info(true), m_default_mixin(0), m_default_priority(0), m_refresh_type(RefreshDefault), m_auto_refresh(true), m_refresh_from_block_height(0), m_confirm_missing_payment_id(true), m_ask_password(true), m_min_output_count(0), m_min_output_value(0), m_merge_destinations(false), m_confirm_backlog(true), m_is_initialized(false), m_restricted(restricted), is_old_file_format(false), m_node_rpc_proxy(m_http_client, m_daemon_rpc_mutex), m_light_wallet(false), m_light_wallet_scanned_block_height(0), m_light_wallet_blockchain_height(0), m_light_wallet_connected(false), m_light_wallet_balance(0), m_light_wallet_unlocked_balance(0) {} @@ -398,7 +398,7 @@ namespace tools * \param two_random Whether it is a non-deterministic wallet * \return The secret key of the generated wallet */ - crypto::secret_key generate(const std::string& wallet, const std::string& password, + crypto::secret_key generate(const std::string& wallet, const epee::wipeable_string& password, const crypto::secret_key& recovery_param = crypto::secret_key(), bool recover = false, bool two_random = false); /*! @@ -408,7 +408,7 @@ namespace tools * \param viewkey view secret key * \param spendkey spend secret key */ - void generate(const std::string& wallet, const std::string& password, + void generate(const std::string& wallet, const epee::wipeable_string& password, const cryptonote::account_public_address &account_public_address, const crypto::secret_key& spendkey, const crypto::secret_key& viewkey); /*! @@ -417,7 +417,7 @@ namespace tools * \param password Password of wallet file * \param viewkey view secret key */ - void generate(const std::string& wallet, const std::string& password, + void generate(const std::string& wallet, const epee::wipeable_string& password, const cryptonote::account_public_address &account_public_address, const crypto::secret_key& viewkey = crypto::secret_key()); /*! @@ -425,23 +425,23 @@ namespace tools * \param wallet_name Name of wallet file (should exist) * \param password Password for wallet file */ - void rewrite(const std::string& wallet_name, const std::string& password); - void write_watch_only_wallet(const std::string& wallet_name, const std::string& password); - void load(const std::string& wallet, const std::string& password); + void rewrite(const std::string& wallet_name, const epee::wipeable_string& password); + void write_watch_only_wallet(const std::string& wallet_name, const epee::wipeable_string& password); + void load(const std::string& wallet, const epee::wipeable_string& password); void store(); /*! * \brief store_to - stores wallet to another file(s), deleting old ones * \param path - path to the wallet file (keys and address filenames will be generated based on this filename) * \param password - password to protect new wallet (TODO: probably better save the password in the wallet object?) */ - void store_to(const std::string &path, const std::string &password); + void store_to(const std::string &path, const epee::wipeable_string &password); std::string path() const; /*! * \brief verifies given password is correct for default wallet keys file */ - bool verify_password(const std::string& password) const; + bool verify_password(const epee::wipeable_string& password) const; cryptonote::account_base& get_account(){return m_account;} const cryptonote::account_base& get_account()const{return m_account;} @@ -466,7 +466,7 @@ namespace tools * \brief Checks if deterministic wallet */ bool is_deterministic() const; - bool get_seed(std::string& electrum_words, const std::string &passphrase = std::string()) const; + bool get_seed(std::string& electrum_words, const epee::wipeable_string &passphrase = epee::wipeable_string()) const; /*! * \brief Checks if light wallet. A light wallet sends view key to a server where the blockchain is scanned. @@ -839,13 +839,13 @@ namespace tools * \param watch_only true to save only view key, false to save both spend and view keys * \return Whether it was successful. */ - bool store_keys(const std::string& keys_file_name, const std::string& password, bool watch_only = false); + bool store_keys(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only = false); /*! * \brief Load wallet information from wallet file. * \param keys_file_name Name of wallet file * \param password Password of wallet file */ - bool load_keys(const std::string& keys_file_name, const std::string& password); + bool load_keys(const std::string& keys_file_name, const epee::wipeable_string& password); void process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen); void process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const crypto::hash& bl_id, uint64_t height, const cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices &o_indices); void detach_blockchain(uint64_t height); diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp index c315684de..e790b9954 100644 --- a/src/wallet/wallet_rpc_server.cpp +++ b/src/wallet/wallet_rpc_server.cpp @@ -206,7 +206,8 @@ namespace tools } std::fputs(http_login->username.c_str(), rpc_login_file.handle()); std::fputc(':', rpc_login_file.handle()); - std::fputs(http_login->password.c_str(), rpc_login_file.handle()); + const epee::wipeable_string password = http_login->password; + std::fwrite(password.data(), 1, password.size(), rpc_login_file.handle()); std::fflush(rpc_login_file.handle()); if (std::ferror(rpc_login_file.handle())) { |