aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/common/password.cpp7
-rw-r--r--src/crypto/chacha8.h5
2 files changed, 8 insertions, 4 deletions
diff --git a/src/common/password.cpp b/src/common/password.cpp
index 5d56464a5..01eaf62e1 100644
--- a/src/common/password.cpp
+++ b/src/common/password.cpp
@@ -46,6 +46,8 @@
#include "readline_buffer.h"
#endif
+#include "common/memwipe.h"
+
namespace
{
#if defined(_WIN32)
@@ -163,8 +165,9 @@ namespace
void clear(std::string& pass) noexcept
{
- //! TODO Call a memory wipe function that hopefully is not optimized out
- pass.replace(0, pass.capacity(), pass.capacity(), '\0');
+ // technically, the std::string documentation says the data should not be modified,
+ // but there seems to be no way to get a non const raw pointer to the data
+ memwipe((void*)pass.data(), pass.size());
pass.clear();
}
diff --git a/src/crypto/chacha8.h b/src/crypto/chacha8.h
index 80557e9f5..1bf695731 100644
--- a/src/crypto/chacha8.h
+++ b/src/crypto/chacha8.h
@@ -39,6 +39,7 @@
#if defined(__cplusplus)
#include <memory.h>
+#include "common/memwipe.h"
#include "hash.h"
namespace crypto {
@@ -54,7 +55,7 @@ namespace crypto {
~chacha8_key()
{
- memset(data, 0, sizeof(data));
+ memwipe(data, sizeof(data));
}
};
@@ -75,7 +76,7 @@ namespace crypto {
char pwd_hash[HASH_SIZE];
crypto::cn_slow_hash(data, size, pwd_hash);
memcpy(&key, pwd_hash, sizeof(key));
- memset(pwd_hash, 0, sizeof(pwd_hash));
+ memwipe(pwd_hash, sizeof(pwd_hash));
}
inline void generate_chacha8_key(std::string password, chacha8_key& key) {