kvazar
/
kevacoin
mirror of https://github.com/kvazar-network/kevacoin.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Implement an mlock()'d string class for storing passphrases 

SecureString is identical to std::string except with secure_allocator
substituting for std::allocator. This makes casting between them
impossible, so converting between the two at API boundaries requires
calling ::c_str() for now.
0.8
Dylan Noblesmith 13 years ago
parent
d8b8640863
commit
94f778bdeb
9 changed files with 40 additions and 54 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 48
      src/bitcoinrpc.cpp
  2. 2
      src/crypter.cpp
  3. 2
      src/crypter.h
  4. 11
      src/qt/askpassphrasedialog.cpp
  5. 6
      src/qt/walletmodel.cpp
  6. 9
      src/qt/walletmodel.h
  7. 4
      src/util.h
  8. 6
      src/wallet.cpp
  9. 6
      src/wallet.h

48
src/bitcoinrpc.cpp
Unescape View File

@ -1453,21 +1453,16 @@ Value walletpassphrase(const Array& params, bool fHelp) @@ -1453,21 +1453,16 @@ Value walletpassphrase(const Array& params, bool fHelp)
throw JSONRPCError(-17, "Error: Wallet is already unlocked.");
// Note that the walletpassphrase is stored in params[0] which is not mlock()ed
string strWalletPass;
SecureString strWalletPass;
strWalletPass.reserve(100);
mlock(&strWalletPass[0], strWalletPass.capacity());
strWalletPass = params[0].get_str();
// TODO: get rid of this .c_str() by implementing SecureString::operator=(std::string)
// Alternately, find a way to make params[0] mlock()'d to begin with.
strWalletPass = params[0].get_str().c_str();
if (strWalletPass.length() > 0)
{
if (!pwalletMain->Unlock(strWalletPass))
{
fill(strWalletPass.begin(), strWalletPass.end(), '\0');
munlock(&strWalletPass[0], strWalletPass.capacity());
throw JSONRPCError(-14, "Error: The wallet passphrase entered was incorrect.");
}
fill(strWalletPass.begin(), strWalletPass.end(), '\0');
munlock(&strWalletPass[0], strWalletPass.capacity());
}
else
throw runtime_error(
@ -1493,15 +1488,15 @@ Value walletpassphrasechange(const Array& params, bool fHelp) @@ -1493,15 +1488,15 @@ Value walletpassphrasechange(const Array& params, bool fHelp)
if (!pwalletMain->IsCrypted())
throw JSONRPCError(-15, "Error: running with an unencrypted wallet, but walletpassphrasechange was called.");
string strOldWalletPass;
// TODO: get rid of these .c_str() calls by implementing SecureString::operator=(std::string)
// Alternately, find a way to make params[0] mlock()'d to begin with.
SecureString strOldWalletPass;
strOldWalletPass.reserve(100);
mlock(&strOldWalletPass[0], strOldWalletPass.capacity());
strOldWalletPass = params[0].get_str();
strOldWalletPass = params[0].get_str().c_str();
string strNewWalletPass;
SecureString strNewWalletPass;
strNewWalletPass.reserve(100);
mlock(&strNewWalletPass[0], strNewWalletPass.capacity());
strNewWalletPass = params[1].get_str();
strNewWalletPass = params[1].get_str().c_str();
if (strOldWalletPass.length() < 1 || strNewWalletPass.length() < 1)
throw runtime_error(
@ -1509,17 +1504,7 @@ Value walletpassphrasechange(const Array& params, bool fHelp) @@ -1509,17 +1504,7 @@ Value walletpassphrasechange(const Array& params, bool fHelp)
"Changes the wallet passphrase from <oldpassphrase> to <newpassphrase>.");
if (!pwalletMain->ChangeWalletPassphrase(strOldWalletPass, strNewWalletPass))
{
fill(strOldWalletPass.begin(), strOldWalletPass.end(), '\0');
fill(strNewWalletPass.begin(), strNewWalletPass.end(), '\0');
munlock(&strOldWalletPass[0], strOldWalletPass.capacity());
munlock(&strNewWalletPass[0], strNewWalletPass.capacity());
throw JSONRPCError(-14, "Error: The wallet passphrase entered was incorrect.");
}
fill(strNewWalletPass.begin(), strNewWalletPass.end(), '\0');
fill(strOldWalletPass.begin(), strOldWalletPass.end(), '\0');
munlock(&strOldWalletPass[0], strOldWalletPass.capacity());
munlock(&strNewWalletPass[0], strNewWalletPass.capacity());
return Value::null;
}
@ -1564,10 +1549,11 @@ Value encryptwallet(const Array& params, bool fHelp) @@ -1564,10 +1549,11 @@ Value encryptwallet(const Array& params, bool fHelp)
throw runtime_error("Not Yet Implemented: use GUI to encrypt wallet, not RPC command");
#endif
string strWalletPass;
// TODO: get rid of this .c_str() by implementing SecureString::operator=(std::string)
// Alternately, find a way to make params[0] mlock()'d to begin with.
SecureString strWalletPass;
strWalletPass.reserve(100);
mlock(&strWalletPass[0], strWalletPass.capacity());
strWalletPass = params[0].get_str();
strWalletPass = params[0].get_str().c_str();
if (strWalletPass.length() < 1)
throw runtime_error(
@ -1575,13 +1561,7 @@ Value encryptwallet(const Array& params, bool fHelp) @@ -1575,13 +1561,7 @@ Value encryptwallet(const Array& params, bool fHelp)
"Encrypts the wallet with <passphrase>.");
if (!pwalletMain->EncryptWallet(strWalletPass))
{
fill(strWalletPass.begin(), strWalletPass.end(), '\0');
munlock(&strWalletPass[0], strWalletPass.capacity());
throw JSONRPCError(-16, "Error: Failed to encrypt the wallet.");
}
fill(strWalletPass.begin(), strWalletPass.end(), '\0');
munlock(&strWalletPass[0], strWalletPass.capacity());
// BDB seems to have a bad habit of writing old data into
// slack space in .dat files; that is bad if the old data is

2
src/crypter.cpp
Unescape View File

@ -15,7 +15,7 @@ @@ -15,7 +15,7 @@
#include "main.h"
#include "util.h"
bool CCrypter::SetKeyFromPassphrase(const std::string& strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod)
bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod)
{
if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE)
return false;

2
src/crypter.h
Unescape View File

@ -65,7 +65,7 @@ private: @@ -65,7 +65,7 @@ private:
bool fKeySet;
public:
bool SetKeyFromPassphrase(const std::string &strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod);
bool SetKeyFromPassphrase(const SecureString &strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod);
bool Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned char> &vchCiphertext);
bool Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext);
bool SetKey(const CKeyingMaterial& chNewKey, const std::vector<unsigned char>& chNewIV);

11
src/qt/askpassphrasedialog.cpp
Unescape View File

@ -71,16 +71,17 @@ void AskPassphraseDialog::setModel(WalletModel *model) @@ -71,16 +71,17 @@ void AskPassphraseDialog::setModel(WalletModel *model)
void AskPassphraseDialog::accept()
{
std::string oldpass, newpass1, newpass2;
SecureString oldpass, newpass1, newpass2;
if(!model)
return;
// TODO: mlock memory / munlock on return so they will not be swapped out, really need "mlockedstring" wrapper class to do this safely
oldpass.reserve(MAX_PASSPHRASE_SIZE);
newpass1.reserve(MAX_PASSPHRASE_SIZE);
newpass2.reserve(MAX_PASSPHRASE_SIZE);
oldpass.assign(ui->passEdit1->text().toStdString());
newpass1.assign(ui->passEdit2->text().toStdString());
newpass2.assign(ui->passEdit3->text().toStdString());
// TODO: get rid of this .c_str() by implementing SecureString::operator=(std::string)
// Alternately, find a way to make this input mlock()'d to begin with.
oldpass.assign(ui->passEdit1->text().toStdString().c_str());
newpass1.assign(ui->passEdit2->text().toStdString().c_str());
newpass2.assign(ui->passEdit3->text().toStdString().c_str());
switch(mode)
{

6
src/qt/walletmodel.cpp
Unescape View File

@ -200,7 +200,7 @@ WalletModel::EncryptionStatus WalletModel::getEncryptionStatus() const @@ -200,7 +200,7 @@ WalletModel::EncryptionStatus WalletModel::getEncryptionStatus() const
}
}
bool WalletModel::setWalletEncrypted(bool encrypted, const std::string &passphrase)
bool WalletModel::setWalletEncrypted(bool encrypted, const SecureString &passphrase)
{
if(encrypted)
{
@ -214,7 +214,7 @@ bool WalletModel::setWalletEncrypted(bool encrypted, const std::string &passphra @@ -214,7 +214,7 @@ bool WalletModel::setWalletEncrypted(bool encrypted, const std::string &passphra
}
}
bool WalletModel::setWalletLocked(bool locked, const std::string &passPhrase)
bool WalletModel::setWalletLocked(bool locked, const SecureString &passPhrase)
{
if(locked)
{
@ -228,7 +228,7 @@ bool WalletModel::setWalletLocked(bool locked, const std::string &passPhrase) @@ -228,7 +228,7 @@ bool WalletModel::setWalletLocked(bool locked, const std::string &passPhrase)
}
}
bool WalletModel::changePassphrase(const std::string &oldPass, const std::string &newPass)
bool WalletModel::changePassphrase(const SecureString &oldPass, const SecureString &newPass)
{
bool retval;
CRITICAL_BLOCK(wallet->cs_wallet)

9
src/qt/walletmodel.h
Unescape View File

@ -2,7 +2,8 @@ @@ -2,7 +2,8 @@
#define WALLETMODEL_H
#include <QObject>
#include <string>
#include "util.h"
class OptionsModel;
class AddressTableModel;
@ -72,10 +73,10 @@ public: @@ -72,10 +73,10 @@ public:
SendCoinsReturn sendCoins(const QList<SendCoinsRecipient> &recipients);
// Wallet encryption
bool setWalletEncrypted(bool encrypted, const std::string &passphrase);
bool setWalletEncrypted(bool encrypted, const SecureString &passphrase);
// Passphrase only needed when unlocking
bool setWalletLocked(bool locked, const std::string &passPhrase=std::string());
bool changePassphrase(const std::string &oldPass, const std::string &newPass);
bool setWalletLocked(bool locked, const SecureString &passPhrase=SecureString());
bool changePassphrase(const SecureString &oldPass, const SecureString &newPass);
// RAI object for unlocking wallet, returned by requestUnlock()
class UnlockContext

4
src/util.h
Unescape View File

@ -292,6 +292,10 @@ public: @@ -292,6 +292,10 @@ public:
// This is exactly like std::string, but with a custom allocator.
// (secure_allocator<> is defined in serialize.h)
typedef std::basic_string<char, std::char_traits<char>, secure_allocator<char> > SecureString;

6
src/wallet.cpp
Unescape View File

@ -42,7 +42,7 @@ bool CWallet::AddCryptedKey(const vector<unsigned char> &vchPubKey, const vector @@ -42,7 +42,7 @@ bool CWallet::AddCryptedKey(const vector<unsigned char> &vchPubKey, const vector
return false;
}
bool CWallet::Unlock(const string& strWalletPassphrase)
bool CWallet::Unlock(const SecureString& strWalletPassphrase)
{
if (!IsLocked())
return false;
@ -63,7 +63,7 @@ bool CWallet::Unlock(const string& strWalletPassphrase) @@ -63,7 +63,7 @@ bool CWallet::Unlock(const string& strWalletPassphrase)
return false;
}
bool CWallet::ChangeWalletPassphrase(const string& strOldWalletPassphrase, const string& strNewWalletPassphrase)
bool CWallet::ChangeWalletPassphrase(const SecureString& strOldWalletPassphrase, const SecureString& strNewWalletPassphrase)
{
bool fWasLocked = IsLocked();
@ -122,7 +122,7 @@ public: @@ -122,7 +122,7 @@ public:
)
};
bool CWallet::EncryptWallet(const string& strWalletPassphrase)
bool CWallet::EncryptWallet(const SecureString& strWalletPassphrase)
{
if (IsCrypted())
return false;

6
src/wallet.h
Unescape View File

@ -70,9 +70,9 @@ public: @@ -70,9 +70,9 @@ public:
// Adds an encrypted key to the store, without saving it to disk (used by LoadWallet)
bool LoadCryptedKey(const std::vector<unsigned char> &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret) { return CCryptoKeyStore::AddCryptedKey(vchPubKey, vchCryptedSecret); }
bool Unlock(const std::string& strWalletPassphrase);
bool ChangeWalletPassphrase(const std::string& strOldWalletPassphrase, const std::string& strNewWalletPassphrase);
bool EncryptWallet(const std::string& strWalletPassphrase);
bool Unlock(const SecureString& strWalletPassphrase);
bool ChangeWalletPassphrase(const SecureString& strOldWalletPassphrase, const SecureString& strNewWalletPassphrase);
bool EncryptWallet(const SecureString& strWalletPassphrase);
bool AddToWallet(const CWalletTx& wtxIn);
bool AddToWalletIfInvolvingMe(const CTransaction& tx, const CBlock* pblock, bool fUpdate = false);

Write Preview
Loading…
Cancel
Save