aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2017-11-25 14:50:15 +0000
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2017-11-27 22:25:57 +0000
commit3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa (patch)
tree5559bcf502288a62f34e17902de92fcc2c60f110 /src
parentutils: initialize easylogging++ in on_startup (diff)
downloadmonero-3dffe71b72c3b5dd1246ed74ee4cd1ad89aaccfa.tar.xz
new wipeable_string class to replace std::string passphrases
Diffstat (limited to '')
-rw-r--r--src/common/password.cpp36
-rw-r--r--src/common/password.h6
-rw-r--r--src/common/util.cpp4
-rw-r--r--src/cryptonote_basic/cryptonote_format_utils.cpp5
-rw-r--r--src/cryptonote_basic/cryptonote_format_utils.h9
-rw-r--r--src/simplewallet/simplewallet.cpp8
-rw-r--r--src/wallet/wallet2.cpp32
-rw-r--r--src/wallet/wallet2.h24
-rw-r--r--src/wallet/wallet_rpc_server.cpp3
9 files changed, 64 insertions, 63 deletions
diff --git a/src/common/password.cpp b/src/common/password.cpp
index 01eaf62e1..98a49eb80 100644
--- a/src/common/password.cpp
+++ b/src/common/password.cpp
@@ -56,7 +56,7 @@ namespace
return 0 != _isatty(_fileno(stdin));
}
- bool read_from_tty(std::string& pass)
+ bool read_from_tty(epee::wipeable_string& pass)
{
static constexpr const char BACKSPACE = 8;
@@ -88,8 +88,7 @@ namespace
{
if (!pass.empty())
{
- pass.back() = '\0';
- pass.resize(pass.size() - 1);
+ pass.pop_back();
}
}
else
@@ -127,7 +126,7 @@ namespace
return ch;
}
- bool read_from_tty(std::string& aPass)
+ bool read_from_tty(epee::wipeable_string& aPass)
{
static constexpr const char BACKSPACE = 127;
@@ -148,8 +147,7 @@ namespace
{
if (!aPass.empty())
{
- aPass.back() = '\0';
- aPass.resize(aPass.size() - 1);
+ aPass.pop_back();
}
}
else
@@ -163,15 +161,7 @@ namespace
#endif // end !WIN32
- void clear(std::string& pass) noexcept
- {
- // technically, the std::string documentation says the data should not be modified,
- // but there seems to be no way to get a non const raw pointer to the data
- memwipe((void*)pass.data(), pass.size());
- pass.clear();
- }
-
- bool read_from_tty(const bool verify, const char *message, std::string& pass1, std::string& pass2)
+ bool read_from_tty(const bool verify, const char *message, epee::wipeable_string& pass1, epee::wipeable_string& pass2)
{
while (true)
{
@@ -187,8 +177,8 @@ namespace
if(pass1!=pass2)
{
std::cout << "Passwords do not match! Please try again." << std::endl;
- clear(pass1);
- clear(pass2);
+ pass1.clear();
+ pass2.clear();
}
else //new password matches
return true;
@@ -201,7 +191,7 @@ namespace
return false;
}
- bool read_from_file(std::string& pass)
+ bool read_from_file(epee::wipeable_string& pass)
{
pass.reserve(tools::password_container::max_password_size);
for (size_t i = 0; i < tools::password_container::max_password_size; ++i)
@@ -236,7 +226,7 @@ namespace tools
password_container::~password_container() noexcept
{
- clear(m_password);
+ m_password.clear();
}
boost::optional<password_container> password_container::prompt(const bool verify, const char *message)
@@ -252,9 +242,8 @@ namespace tools
boost::optional<login> login::parse(std::string&& userpass, bool verify, const std::function<boost::optional<password_container>(bool)> &prompt)
{
login out{};
- password_container wipe{std::move(userpass)};
- const auto loc = wipe.password().find(':');
+ const auto loc = userpass.find(':');
if (loc == std::string::npos)
{
auto result = prompt(verify);
@@ -265,10 +254,11 @@ namespace tools
}
else
{
- out.password = password_container{wipe.password().substr(loc + 1)};
+ out.password = password_container{userpass.substr(loc + 1)};
}
- out.username = wipe.password().substr(0, loc);
+ out.username = userpass.substr(0, loc);
+ password_container wipe{std::move(userpass)};
return {std::move(out)};
}
}
diff --git a/src/common/password.h b/src/common/password.h
index ba1c30a28..01c6bf05a 100644
--- a/src/common/password.h
+++ b/src/common/password.h
@@ -32,6 +32,7 @@
#include <string>
#include <boost/optional/optional.hpp>
+#include "wipeable_string.h"
namespace tools
{
@@ -58,11 +59,10 @@ namespace tools
password_container& operator=(const password_container&) = delete;
password_container& operator=(password_container&&) = default;
- const std::string& password() const noexcept { return m_password; }
+ const epee::wipeable_string &password() const noexcept { return m_password; }
private:
- //! TODO Custom allocator that locks to RAM?
- std::string m_password;
+ epee::wipeable_string m_password;
};
struct login
diff --git a/src/common/util.cpp b/src/common/util.cpp
index 0d56e5eb7..eac5a67cf 100644
--- a/src/common/util.cpp
+++ b/src/common/util.cpp
@@ -36,9 +36,11 @@
#include "include_base_utils.h"
#include "file_io_utils.h"
+#include "wipeable_string.h"
using namespace epee;
#include "util.h"
+#include "memwipe.h"
#include "cryptonote_config.h"
#include "net/http_client.h" // epee::net_utils::...
@@ -542,6 +544,8 @@ std::string get_nix_version_display_string()
}
bool on_startup()
{
+ wipeable_string::set_wipe(&memwipe);
+
mlog_configure("", true);
sanitize_locale();
diff --git a/src/cryptonote_basic/cryptonote_format_utils.cpp b/src/cryptonote_basic/cryptonote_format_utils.cpp
index 3c760493f..6759f1826 100644
--- a/src/cryptonote_basic/cryptonote_format_utils.cpp
+++ b/src/cryptonote_basic/cryptonote_format_utils.cpp
@@ -32,6 +32,7 @@
using namespace epee;
#include <atomic>
+#include "wipeable_string.h"
#include "cryptonote_format_utils.h"
#include "cryptonote_config.h"
#include "crypto/crypto.h"
@@ -994,7 +995,7 @@ namespace cryptonote
block_hashes_cached = block_hashes_cached_count;
}
//---------------------------------------------------------------
- crypto::secret_key encrypt_key(crypto::secret_key key, const std::string &passphrase)
+ crypto::secret_key encrypt_key(crypto::secret_key key, const epee::wipeable_string &passphrase)
{
crypto::hash hash;
crypto::cn_slow_hash(passphrase.data(), passphrase.size(), hash);
@@ -1002,7 +1003,7 @@ namespace cryptonote
return key;
}
//---------------------------------------------------------------
- crypto::secret_key decrypt_key(crypto::secret_key key, const std::string &passphrase)
+ crypto::secret_key decrypt_key(crypto::secret_key key, const epee::wipeable_string &passphrase)
{
crypto::hash hash;
crypto::cn_slow_hash(passphrase.data(), passphrase.size(), hash);
diff --git a/src/cryptonote_basic/cryptonote_format_utils.h b/src/cryptonote_basic/cryptonote_format_utils.h
index aebeaa6f4..714d80195 100644
--- a/src/cryptonote_basic/cryptonote_format_utils.h
+++ b/src/cryptonote_basic/cryptonote_format_utils.h
@@ -38,6 +38,11 @@
#include "crypto/hash.h"
#include <unordered_map>
+namespace epee
+{
+ class wipeable_string;
+}
+
namespace cryptonote
{
//---------------------------------------------------------------
@@ -226,8 +231,8 @@ namespace cryptonote
bool is_valid_decomposed_amount(uint64_t amount);
void get_hash_stats(uint64_t &tx_hashes_calculated, uint64_t &tx_hashes_cached, uint64_t &block_hashes_calculated, uint64_t & block_hashes_cached);
- crypto::secret_key encrypt_key(crypto::secret_key key, const std::string &passphrase);
- crypto::secret_key decrypt_key(crypto::secret_key key, const std::string &passphrase);
+ crypto::secret_key encrypt_key(crypto::secret_key key, const epee::wipeable_string &passphrase);
+ crypto::secret_key decrypt_key(crypto::secret_key key, const epee::wipeable_string &passphrase);
#define CHECKED_GET_SPECIFIC_VARIANT(variant_var, specific_type, variable_name, fail_return_val) \
CHECK_AND_ASSERT_MES(variant_var.type() == typeid(specific_type), fail_return_val, "wrong variant type: " << variant_var.type().name() << ", expected " << typeid(specific_type).name()); \
specific_type& variable_name = boost::get<specific_type>(variant_var);
diff --git a/src/simplewallet/simplewallet.cpp b/src/simplewallet/simplewallet.cpp
index 17462bb81..a20bbd336 100644
--- a/src/simplewallet/simplewallet.cpp
+++ b/src/simplewallet/simplewallet.cpp
@@ -411,7 +411,7 @@ bool simple_wallet::print_seed(bool encrypted)
m_wallet->set_seed_language(mnemonic_language);
}
- std::string seed_pass;
+ epee::wipeable_string seed_pass;
if (encrypted)
{
auto pwd_container = tools::password_container::prompt(true, tr("Enter optional seed encryption passphrase, empty to see raw seed"));
@@ -1212,7 +1212,7 @@ bool simple_wallet::init(const boost::program_options::variables_map& vm)
auto pwd_container = tools::password_container::prompt(false, tr("Enter seed encryption passphrase, empty if none"));
if (std::cin.eof() || !pwd_container)
return false;
- std::string seed_pass = pwd_container->password();
+ epee::wipeable_string seed_pass = pwd_container->password();
if (!seed_pass.empty())
m_recovery_key = cryptonote::decrypt_key(m_recovery_key, seed_pass);
}
@@ -1862,12 +1862,12 @@ bool simple_wallet::open_wallet(const boost::program_options::variables_map& vm)
fail_msg_writer() << tr("wallet file path not valid: ") << m_wallet_file;
return false;
}
- std::string password;
+ epee::wipeable_string password;
try
{
auto rc = tools::wallet2::make_from_file(vm, m_wallet_file, password_prompter);
m_wallet = std::move(rc.first);
- password = std::move(rc.second).password();
+ password = std::move(std::move(rc.second).password());
if (!m_wallet)
{
return false;
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index 3a8662890..13bf54212 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -602,7 +602,7 @@ bool wallet2::is_deterministic() const
return keys_deterministic;
}
//----------------------------------------------------------------------------------------------------
-bool wallet2::get_seed(std::string& electrum_words, const std::string &passphrase) const
+bool wallet2::get_seed(std::string& electrum_words, const epee::wipeable_string &passphrase) const
{
bool keys_deterministic = is_deterministic();
if (!keys_deterministic)
@@ -2128,7 +2128,7 @@ bool wallet2::clear()
* \param watch_only true to save only view key, false to save both spend and view keys
* \return Whether it was successful.
*/
-bool wallet2::store_keys(const std::string& keys_file_name, const std::string& password, bool watch_only)
+bool wallet2::store_keys(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only)
{
std::string account_data;
cryptonote::account_base account = m_account;
@@ -2214,7 +2214,7 @@ bool wallet2::store_keys(const std::string& keys_file_name, const std::string& p
// Encrypt the entire JSON object.
crypto::chacha8_key key;
- crypto::generate_chacha8_key(password, key);
+ crypto::generate_chacha8_key(password.data(), password.size(), key);
std::string cipher;
cipher.resize(account_data.size());
keys_file_data.iv = crypto::rand<crypto::chacha8_iv>();
@@ -2244,7 +2244,7 @@ namespace
* \param keys_file_name Name of wallet file
* \param password Password of wallet file
*/
-bool wallet2::load_keys(const std::string& keys_file_name, const std::string& password)
+bool wallet2::load_keys(const std::string& keys_file_name, const epee::wipeable_string& password)
{
wallet2::keys_file_data keys_file_data;
std::string buf;
@@ -2255,7 +2255,7 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa
r = ::serialization::parse_binary(buf, keys_file_data);
THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"');
crypto::chacha8_key key;
- crypto::generate_chacha8_key(password, key);
+ crypto::generate_chacha8_key(password.data(), password.size(), key);
std::string account_data;
account_data.resize(keys_file_data.account_data.size());
crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]);
@@ -2379,7 +2379,7 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa
* can be used prior to rewriting wallet keys file, to ensure user has entered the correct password
*
*/
-bool wallet2::verify_password(const std::string& password) const
+bool wallet2::verify_password(const epee::wipeable_string& password) const
{
return verify_password(m_keys_file, password, m_watch_only);
}
@@ -2396,7 +2396,7 @@ bool wallet2::verify_password(const std::string& password) const
* can be used prior to rewriting wallet keys file, to ensure user has entered the correct password
*
*/
-bool wallet2::verify_password(const std::string& keys_file_name, const std::string& password, bool watch_only)
+bool wallet2::verify_password(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only)
{
wallet2::keys_file_data keys_file_data;
std::string buf;
@@ -2407,7 +2407,7 @@ bool wallet2::verify_password(const std::string& keys_file_name, const std::stri
r = ::serialization::parse_binary(buf, keys_file_data);
THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"');
crypto::chacha8_key key;
- crypto::generate_chacha8_key(password, key);
+ crypto::generate_chacha8_key(password.data(), password.size(), key);
std::string account_data;
account_data.resize(keys_file_data.account_data.size());
crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]);
@@ -2444,7 +2444,7 @@ bool wallet2::verify_password(const std::string& keys_file_name, const std::stri
* \param two_random Whether it is a non-deterministic wallet
* \return The secret key of the generated wallet
*/
-crypto::secret_key wallet2::generate(const std::string& wallet_, const std::string& password,
+crypto::secret_key wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
const crypto::secret_key& recovery_param, bool recover, bool two_random)
{
clear();
@@ -2511,7 +2511,7 @@ crypto::secret_key wallet2::generate(const std::string& wallet_, const std::stri
* \param password Password of wallet file
* \param viewkey view secret key
*/
-void wallet2::generate(const std::string& wallet_, const std::string& password,
+void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
const cryptonote::account_public_address &account_public_address,
const crypto::secret_key& viewkey)
{
@@ -2547,7 +2547,7 @@ void wallet2::generate(const std::string& wallet_, const std::string& password,
* \param spendkey spend secret key
* \param viewkey view secret key
*/
-void wallet2::generate(const std::string& wallet_, const std::string& password,
+void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
const cryptonote::account_public_address &account_public_address,
const crypto::secret_key& spendkey, const crypto::secret_key& viewkey)
{
@@ -2581,7 +2581,7 @@ void wallet2::generate(const std::string& wallet_, const std::string& password,
* \param wallet_name Name of wallet file (should exist)
* \param password Password for wallet file
*/
-void wallet2::rewrite(const std::string& wallet_name, const std::string& password)
+void wallet2::rewrite(const std::string& wallet_name, const epee::wipeable_string& password)
{
prepare_file_names(wallet_name);
boost::system::error_code ignored_ec;
@@ -2594,7 +2594,7 @@ void wallet2::rewrite(const std::string& wallet_name, const std::string& passwor
* \param wallet_name Base name of wallet file
* \param password Password for wallet file
*/
-void wallet2::write_watch_only_wallet(const std::string& wallet_name, const std::string& password)
+void wallet2::write_watch_only_wallet(const std::string& wallet_name, const epee::wipeable_string& password)
{
prepare_file_names(wallet_name);
boost::system::error_code ignored_ec;
@@ -2730,7 +2730,7 @@ bool wallet2::generate_chacha8_key_from_secret_keys(crypto::chacha8_key &key) co
return true;
}
//----------------------------------------------------------------------------------------------------
-void wallet2::load(const std::string& wallet_, const std::string& password)
+void wallet2::load(const std::string& wallet_, const epee::wipeable_string& password)
{
clear();
prepare_file_names(wallet_);
@@ -2881,10 +2881,10 @@ std::string wallet2::path() const
//----------------------------------------------------------------------------------------------------
void wallet2::store()
{
- store_to("", "");
+ store_to("", epee::wipeable_string());
}
//----------------------------------------------------------------------------------------------------
-void wallet2::store_to(const std::string &path, const std::string &password)
+void wallet2::store_to(const std::string &path, const epee::wipeable_string &password)
{
trim_hashchain();
diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h
index ce0c67fc3..9308aadeb 100644
--- a/src/wallet/wallet2.h
+++ b/src/wallet/wallet2.h
@@ -168,7 +168,7 @@ namespace tools
//! Just parses variables.
static std::unique_ptr<wallet2> make_dummy(const boost::program_options::variables_map& vm, const std::function<boost::optional<password_container>(const char *, bool)> &password_prompter);
- static bool verify_password(const std::string& keys_file_name, const std::string& password, bool watch_only);
+ static bool verify_password(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only);
wallet2(bool testnet = false, bool restricted = false) : m_run(true), m_callback(0), m_testnet(testnet), m_always_confirm_transfers(true), m_print_ring_members(false), m_store_tx_info(true), m_default_mixin(0), m_default_priority(0), m_refresh_type(RefreshDefault), m_auto_refresh(true), m_refresh_from_block_height(0), m_confirm_missing_payment_id(true), m_ask_password(true), m_min_output_count(0), m_min_output_value(0), m_merge_destinations(false), m_confirm_backlog(true), m_is_initialized(false), m_restricted(restricted), is_old_file_format(false), m_node_rpc_proxy(m_http_client, m_daemon_rpc_mutex), m_light_wallet(false), m_light_wallet_scanned_block_height(0), m_light_wallet_blockchain_height(0), m_light_wallet_connected(false), m_light_wallet_balance(0), m_light_wallet_unlocked_balance(0) {}
@@ -398,7 +398,7 @@ namespace tools
* \param two_random Whether it is a non-deterministic wallet
* \return The secret key of the generated wallet
*/
- crypto::secret_key generate(const std::string& wallet, const std::string& password,
+ crypto::secret_key generate(const std::string& wallet, const epee::wipeable_string& password,
const crypto::secret_key& recovery_param = crypto::secret_key(), bool recover = false,
bool two_random = false);
/*!
@@ -408,7 +408,7 @@ namespace tools
* \param viewkey view secret key
* \param spendkey spend secret key
*/
- void generate(const std::string& wallet, const std::string& password,
+ void generate(const std::string& wallet, const epee::wipeable_string& password,
const cryptonote::account_public_address &account_public_address,
const crypto::secret_key& spendkey, const crypto::secret_key& viewkey);
/*!
@@ -417,7 +417,7 @@ namespace tools
* \param password Password of wallet file
* \param viewkey view secret key
*/
- void generate(const std::string& wallet, const std::string& password,
+ void generate(const std::string& wallet, const epee::wipeable_string& password,
const cryptonote::account_public_address &account_public_address,
const crypto::secret_key& viewkey = crypto::secret_key());
/*!
@@ -425,23 +425,23 @@ namespace tools
* \param wallet_name Name of wallet file (should exist)
* \param password Password for wallet file
*/
- void rewrite(const std::string& wallet_name, const std::string& password);
- void write_watch_only_wallet(const std::string& wallet_name, const std::string& password);
- void load(const std::string& wallet, const std::string& password);
+ void rewrite(const std::string& wallet_name, const epee::wipeable_string& password);
+ void write_watch_only_wallet(const std::string& wallet_name, const epee::wipeable_string& password);
+ void load(const std::string& wallet, const epee::wipeable_string& password);
void store();
/*!
* \brief store_to - stores wallet to another file(s), deleting old ones
* \param path - path to the wallet file (keys and address filenames will be generated based on this filename)
* \param password - password to protect new wallet (TODO: probably better save the password in the wallet object?)
*/
- void store_to(const std::string &path, const std::string &password);
+ void store_to(const std::string &path, const epee::wipeable_string &password);
std::string path() const;
/*!
* \brief verifies given password is correct for default wallet keys file
*/
- bool verify_password(const std::string& password) const;
+ bool verify_password(const epee::wipeable_string& password) const;
cryptonote::account_base& get_account(){return m_account;}
const cryptonote::account_base& get_account()const{return m_account;}
@@ -466,7 +466,7 @@ namespace tools
* \brief Checks if deterministic wallet
*/
bool is_deterministic() const;
- bool get_seed(std::string& electrum_words, const std::string &passphrase = std::string()) const;
+ bool get_seed(std::string& electrum_words, const epee::wipeable_string &passphrase = epee::wipeable_string()) const;
/*!
* \brief Checks if light wallet. A light wallet sends view key to a server where the blockchain is scanned.
@@ -838,13 +838,13 @@ namespace tools
* \param watch_only true to save only view key, false to save both spend and view keys
* \return Whether it was successful.
*/
- bool store_keys(const std::string& keys_file_name, const std::string& password, bool watch_only = false);
+ bool store_keys(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only = false);
/*!
* \brief Load wallet information from wallet file.
* \param keys_file_name Name of wallet file
* \param password Password of wallet file
*/
- bool load_keys(const std::string& keys_file_name, const std::string& password);
+ bool load_keys(const std::string& keys_file_name, const epee::wipeable_string& password);
void process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen);
void process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const crypto::hash& bl_id, uint64_t height, const cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices &o_indices);
void detach_blockchain(uint64_t height);
diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index c315684de..e790b9954 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -206,7 +206,8 @@ namespace tools
}
std::fputs(http_login->username.c_str(), rpc_login_file.handle());
std::fputc(':', rpc_login_file.handle());
- std::fputs(http_login->password.c_str(), rpc_login_file.handle());
+ const epee::wipeable_string password = http_login->password;
+ std::fwrite(password.data(), 1, password.size(), rpc_login_file.handle());
std::fflush(rpc_login_file.handle());
if (std::ferror(rpc_login_file.handle()))
{