4 files changed, 28 insertions, 23 deletions

diff --git a/src/crypto/chacha.h b/src/crypto/chacha.h
index 7a120931a..2b3ed8043 100644
--- a/src/crypto/chacha.h
+++ b/src/crypto/chacha.h
@@ -73,14 +73,14 @@ namespace crypto {
     static_assert(sizeof(chacha_key) <= sizeof(hash), "Size of hash must be at least that of chacha_key");
     tools::scrubbed_arr<char, HASH_SIZE> pwd_hash;
     crypto::cn_slow_hash(data, size, pwd_hash.data(), 0/*variant*/, 0/*prehashed*/);
-    memcpy(&key, pwd_hash.data(), sizeof(key));
+    memcpy(&unwrap(key), pwd_hash.data(), sizeof(key));
   }
 
   inline void generate_chacha_key_prehashed(const void *data, size_t size, chacha_key& key) {
     static_assert(sizeof(chacha_key) <= sizeof(hash), "Size of hash must be at least that of chacha_key");
     tools::scrubbed_arr<char, HASH_SIZE> pwd_hash;
     crypto::cn_slow_hash(data, size, pwd_hash.data(), 0/*variant*/, 1/*prehashed*/);
-    memcpy(&key, pwd_hash.data(), sizeof(key));
+    memcpy(&unwrap(key), pwd_hash.data(), sizeof(key));
   }
 
   inline void generate_chacha_key(std::string password, chacha_key& key) {
diff --git a/src/crypto/crypto.cpp b/src/crypto/crypto.cpp
index 494027560..f4ef751d3 100644
--- a/src/crypto/crypto.cpp
+++ b/src/crypto/crypto.cpp
@@ -70,8 +70,6 @@ namespace crypto {
 #include "random.h"
   }
 
-  boost::mutex random_lock;
-
   static inline unsigned char *operator &(ec_point &point) {
     return &reinterpret_cast<unsigned char &>(point);
   }
@@ -88,6 +86,13 @@ namespace crypto {
     return &reinterpret_cast<const unsigned char &>(scalar);
   }
 
+  void generate_random_bytes_thread_safe(size_t N, uint8_t *bytes)
+  {
+    static boost::mutex random_lock;
+    boost::lock_guard<boost::mutex> lock(random_lock);
+    generate_random_bytes_not_thread_safe(N, bytes);
+  }
+
   /* generate a random 32-byte (256-bit) integer and copy it to res */
   static inline void random_scalar_not_thread_safe(ec_scalar &res) {
     unsigned char tmp[64];
@@ -96,8 +101,10 @@ namespace crypto {
     memcpy(&res, tmp, 32);
   }
   static inline void random_scalar(ec_scalar &res) {
-    boost::lock_guard<boost::mutex> lock(random_lock);
-    random_scalar_not_thread_safe(res);
+    unsigned char tmp[64];
+    generate_random_bytes_thread_safe(64, tmp);
+    sc_reduce(tmp);
+    memcpy(&res, tmp, 32);
   }
 
   void hash_to_scalar(const void *data, size_t length, ec_scalar &res) {
@@ -124,9 +131,9 @@ namespace crypto {
       random_scalar(rng);
     }
     sec = rng;
-    sc_reduce32(&sec);  // reduce in case second round of keys (sendkeys)
+    sc_reduce32(&unwrap(sec));  // reduce in case second round of keys (sendkeys)
 
-    ge_scalarmult_base(&point, &sec);
+    ge_scalarmult_base(&point, &unwrap(sec));
     ge_p3_tobytes(&pub, &point);
 
     return rng;
@@ -139,10 +146,10 @@ namespace crypto {
 
   bool crypto_ops::secret_key_to_public_key(const secret_key &sec, public_key &pub) {
     ge_p3 point;
-    if (sc_check(&sec) != 0) {
+    if (sc_check(&unwrap(sec)) != 0) {
       return false;
     }
-    ge_scalarmult_base(&point, &sec);
+    ge_scalarmult_base(&point, &unwrap(sec));
     ge_p3_tobytes(&pub, &point);
     return true;
   }
@@ -155,7 +162,7 @@ namespace crypto {
     if (ge_frombytes_vartime(&point, &key1) != 0) {
       return false;
     }
-    ge_scalarmult(&point2, &key2, &point);
+    ge_scalarmult(&point2, &unwrap(key2), &point);
     ge_mul8(&point3, &point2);
     ge_p1p1_to_p2(&point2, &point3);
     ge_tobytes(&derivation, &point2);
@@ -199,7 +206,7 @@ namespace crypto {
     ec_scalar scalar;
     assert(sc_check(&base) == 0);
     derivation_to_scalar(derivation, output_index, scalar);
-    sc_add(&derived_key, &base, &scalar);
+    sc_add(&unwrap(derived_key), &unwrap(base), &scalar);
   }
 
   bool crypto_ops::derive_subaddress_public_key(const public_key &out_key, const key_derivation &derivation, std::size_t output_index, public_key &derived_key) {
@@ -254,7 +261,7 @@ namespace crypto {
     ge_scalarmult_base(&tmp3, &k);
     ge_p3_tobytes(&buf.comm, &tmp3);
     hash_to_scalar(&buf, sizeof(s_comm), sig.c);
-    sc_mulsub(&sig.r, &sig.c, &sec, &k);
+    sc_mulsub(&sig.r, &sig.c, &unwrap(sec), &k);
   }
 
   bool crypto_ops::check_signature(const hash &prefix_hash, const public_key &pub, const signature &sig) {
@@ -347,7 +354,7 @@ namespace crypto {
     hash_to_scalar(&buf, sizeof(buf), sig.c);
 
     // sig.r = k - sig.c*r
-    sc_mulsub(&sig.r, &sig.c, &r, &k);
+    sc_mulsub(&sig.r, &sig.c, &unwrap(r), &k);
   }
 
   bool crypto_ops::check_tx_proof(const hash &prefix_hash, const public_key &R, const public_key &A, const boost::optional<public_key> &B, const public_key &D, const signature &sig) {
@@ -451,7 +458,7 @@ namespace crypto {
     ge_p2 point2;
     assert(sc_check(&sec) == 0);
     hash_to_ec(pub, point);
-    ge_scalarmult(&point2, &sec, &point);
+    ge_scalarmult(&point2, &unwrap(sec), &point);
     ge_tobytes(&image, &point2);
   }
 
@@ -530,7 +537,7 @@ POP_WARNINGS
     }
     hash_to_scalar(buf.get(), rs_comm_size(pubs_count), h);
     sc_sub(&sig[sec_index].c, &h, &sum);
-    sc_mulsub(&sig[sec_index].r, &sig[sec_index].c, &sec, &k);
+    sc_mulsub(&sig[sec_index].r, &sig[sec_index].c, &unwrap(sec), &k);
   }
 
   bool crypto_ops::check_ring_signature(const hash &prefix_hash, const key_image &image,
diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h
index 81ebfb9e2..9ea0f2ec0 100644
--- a/src/crypto/crypto.h
+++ b/src/crypto/crypto.h
@@ -53,8 +53,6 @@ namespace crypto {
 #include "random.h"
   }
 
-  extern boost::mutex random_lock;
-
 #pragma pack(push, 1)
   POD_CLASS ec_point {
     char data[32];
@@ -149,11 +147,12 @@ namespace crypto {
       const public_key *const *, std::size_t, const signature *);
   };
 
+  void generate_random_bytes_thread_safe(size_t N, uint8_t *bytes);
+
   /* Generate N random bytes
    */
   inline void rand(size_t N, uint8_t *bytes) {
-    boost::lock_guard<boost::mutex> lock(random_lock);
-    generate_random_bytes_not_thread_safe(N, bytes);
+    generate_random_bytes_thread_safe(N, bytes);
   }
 
   /* Generate a value filled with random bytes.
@@ -161,8 +160,7 @@ namespace crypto {
   template<typename T>
   typename std::enable_if<std::is_pod<T>::value, T>::type rand() {
     typename std::remove_cv<T>::type res;
-    boost::lock_guard<boost::mutex> lock(random_lock);
-    generate_random_bytes_not_thread_safe(sizeof(T), &res);
+    generate_random_bytes_thread_safe(sizeof(T), (uint8_t*)&res);
     return res;
   }
 
diff --git a/src/crypto/slow-hash.c b/src/crypto/slow-hash.c
index d7dcbd274..35e98f2f5 100644
--- a/src/crypto/slow-hash.c
+++ b/src/crypto/slow-hash.c
@@ -524,7 +524,7 @@ void slow_hash_free_state(void)
     else
     {
 #if defined(_MSC_VER) || defined(__MINGW32__)
-        VirtualFree(hp_state, MEMORY, MEM_RELEASE);
+        VirtualFree(hp_state, 0, MEM_RELEASE);
 #else
         munmap(hp_state, MEMORY);
 #endif