new wipeable_string class to replace std::string passphrases

This commit is contained in:
moneromooo-monero 2017-11-25 14:50:15 +00:00
parent 7a2a574118
commit 3dffe71b72
No known key found for this signature in database
GPG key ID: 686F07454D6CEFC3
15 changed files with 293 additions and 68 deletions

View file

@ -33,7 +33,7 @@
#include <functional> #include <functional>
#include <string> #include <string>
#include <utility> #include <utility>
#include "wipeable_string.h"
#include "http_base.h" #include "http_base.h"
#undef MONERO_DEFAULT_LOG_CATEGORY #undef MONERO_DEFAULT_LOG_CATEGORY
@ -48,12 +48,12 @@ namespace net_utils
struct login struct login
{ {
login() : username(), password() {} login() : username(), password() {}
login(std::string username_, std::string password_) login(std::string username_, wipeable_string password_)
: username(std::move(username_)), password(std::move(password_)) : username(std::move(username_)), password(std::move(password_))
{} {}
std::string username; std::string username;
std::string password; wipeable_string password;
}; };
//! Implements RFC 2617 digest auth. Digests from RFC 7616 can be added. //! Implements RFC 2617 digest auth. Digests from RFC 7616 can be added.

View file

@ -0,0 +1,70 @@
// Copyright (c) 2017, The Monero Project
//
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification, are
// permitted provided that the following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice, this list of
// conditions and the following disclaimer.
//
// 2. Redistributions in binary form must reproduce the above copyright notice, this list
// of conditions and the following disclaimer in the documentation and/or other
// materials provided with the distribution.
//
// 3. Neither the name of the copyright holder nor the names of its contributors may be
// used to endorse or promote products derived from this software without specific
// prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#pragma once
#include <stddef.h>
#include <vector>
#include <string>
namespace epee
{
class wipeable_string
{
public:
wipeable_string() {}
wipeable_string(const wipeable_string &other);
wipeable_string(wipeable_string &&other);
wipeable_string(const std::string &other);
wipeable_string(std::string &&other);
wipeable_string(const char *s);
~wipeable_string();
void wipe();
void push_back(char c);
void pop_back();
const char *data() const noexcept { return buffer.data(); }
size_t size() const noexcept { return buffer.size(); }
bool empty() const noexcept { return buffer.empty(); }
void resize(size_t sz);
void reserve(size_t sz);
void clear();
bool operator==(const wipeable_string &other) const noexcept { return buffer == other.buffer; }
bool operator!=(const wipeable_string &other) const noexcept { return buffer != other.buffer; }
wipeable_string &operator=(wipeable_string &&other);
wipeable_string &operator=(const wipeable_string &other);
static void set_wipe(void *(*f)(void*, size_t)) { wipefunc = f; }
private:
void grow(size_t sz, size_t reserved = 0);
private:
std::vector<char> buffer;
static void *(*wipefunc)(void*, size_t);
};
}

View file

@ -26,7 +26,7 @@
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF # STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
# THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp) add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp)
if (USE_READLINE AND GNU_READLINE_FOUND) if (USE_READLINE AND GNU_READLINE_FOUND)
add_library(epee_readline STATIC readline_buffer.cpp) add_library(epee_readline STATIC readline_buffer.cpp)
endif() endif()

View file

@ -125,6 +125,14 @@ namespace
{ {
(*this)(boost::string_ref(arg)); (*this)(boost::string_ref(arg));
} }
void operator()(const epee::wipeable_string& arg) const
{
md5::MD5Update(
std::addressof(ctx),
reinterpret_cast<const std::uint8_t*>(arg.data()),
arg.size()
);
}
md5::MD5_CTX& ctx; md5::MD5_CTX& ctx;
}; };

View file

@ -0,0 +1,146 @@
// Copyright (c) 2017, The Monero Project
//
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification, are
// permitted provided that the following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice, this list of
// conditions and the following disclaimer.
//
// 2. Redistributions in binary form must reproduce the above copyright notice, this list
// of conditions and the following disclaimer in the documentation and/or other
// materials provided with the distribution.
//
// 3. Neither the name of the copyright holder nor the names of its contributors may be
// used to endorse or promote products derived from this software without specific
// prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <string.h>
#include "misc_log_ex.h"
#include "wipeable_string.h"
namespace epee
{
void *(*wipeable_string::wipefunc)(void*, size_t) = NULL;
wipeable_string::wipeable_string(const wipeable_string &other):
buffer(other.buffer)
{
}
wipeable_string::wipeable_string(wipeable_string &&other)
{
if (&other == this)
return;
buffer = std::move(other.buffer);
}
wipeable_string::wipeable_string(const std::string &other)
{
grow(other.size());
memcpy(buffer.data(), other.c_str(), size());
}
wipeable_string::wipeable_string(std::string &&other)
{
CHECK_AND_ASSERT_THROW_MES(wipefunc, "wipefunc is not set");
grow(other.size());
memcpy(buffer.data(), other.c_str(), size());
if (!other.empty())
{
wipefunc(&other[0], other.size()); // we're kinda left with this again aren't we
other = std::string();
}
}
wipeable_string::wipeable_string(const char *s)
{
grow(strlen(s));
memcpy(buffer.data(), s, size());
}
wipeable_string::~wipeable_string()
{
wipe();
}
void wipeable_string::wipe()
{
CHECK_AND_ASSERT_THROW_MES(wipefunc, "wipefunc is not set");
wipefunc(buffer.data(), buffer.size() * sizeof(char));
}
void wipeable_string::grow(size_t sz, size_t reserved)
{
CHECK_AND_ASSERT_THROW_MES(wipefunc, "wipefunc is not set");
if (reserved == 0)
reserved = sz;
CHECK_AND_ASSERT_THROW_MES(reserved >= sz, "reserved < sz");
if (reserved <= buffer.capacity())
return;
size_t old_sz = buffer.size();
std::unique_ptr<char[]> tmp{new char[old_sz]};
memcpy(tmp.get(), buffer.data(), old_sz * sizeof(char));
wipefunc(buffer.data(), old_sz * sizeof(char));
buffer.reserve(reserved);
buffer.resize(sz);
memcpy(buffer.data(), tmp.get(), sz * sizeof(char));
wipefunc(tmp.get(), old_sz * sizeof(char));
}
void wipeable_string::push_back(char c)
{
grow(size() + 1);
buffer.push_back(c);
}
void wipeable_string::pop_back()
{
resize(size() - 1);
}
void wipeable_string::resize(size_t sz)
{
CHECK_AND_ASSERT_THROW_MES(wipefunc, "wipefunc is not set");
if (sz < buffer.size())
wipefunc(buffer.data() + sz, buffer.size() - sz);
grow(sz);
}
void wipeable_string::reserve(size_t sz)
{
grow(size(), sz);
}
void wipeable_string::clear()
{
resize(0);
}
wipeable_string &wipeable_string::operator=(wipeable_string &&other)
{
if (&other != this)
buffer = std::move(other.buffer);
return *this;
}
wipeable_string &wipeable_string::operator=(const wipeable_string &other)
{
if (&other != this)
buffer = other.buffer;
return *this;
}
}

View file

@ -56,7 +56,7 @@ namespace
return 0 != _isatty(_fileno(stdin)); return 0 != _isatty(_fileno(stdin));
} }
bool read_from_tty(std::string& pass) bool read_from_tty(epee::wipeable_string& pass)
{ {
static constexpr const char BACKSPACE = 8; static constexpr const char BACKSPACE = 8;
@ -88,8 +88,7 @@ namespace
{ {
if (!pass.empty()) if (!pass.empty())
{ {
pass.back() = '\0'; pass.pop_back();
pass.resize(pass.size() - 1);
} }
} }
else else
@ -127,7 +126,7 @@ namespace
return ch; return ch;
} }
bool read_from_tty(std::string& aPass) bool read_from_tty(epee::wipeable_string& aPass)
{ {
static constexpr const char BACKSPACE = 127; static constexpr const char BACKSPACE = 127;
@ -148,8 +147,7 @@ namespace
{ {
if (!aPass.empty()) if (!aPass.empty())
{ {
aPass.back() = '\0'; aPass.pop_back();
aPass.resize(aPass.size() - 1);
} }
} }
else else
@ -163,15 +161,7 @@ namespace
#endif // end !WIN32 #endif // end !WIN32
void clear(std::string& pass) noexcept bool read_from_tty(const bool verify, const char *message, epee::wipeable_string& pass1, epee::wipeable_string& pass2)
{
// technically, the std::string documentation says the data should not be modified,
// but there seems to be no way to get a non const raw pointer to the data
memwipe((void*)pass.data(), pass.size());
pass.clear();
}
bool read_from_tty(const bool verify, const char *message, std::string& pass1, std::string& pass2)
{ {
while (true) while (true)
{ {
@ -187,8 +177,8 @@ namespace
if(pass1!=pass2) if(pass1!=pass2)
{ {
std::cout << "Passwords do not match! Please try again." << std::endl; std::cout << "Passwords do not match! Please try again." << std::endl;
clear(pass1); pass1.clear();
clear(pass2); pass2.clear();
} }
else //new password matches else //new password matches
return true; return true;
@ -201,7 +191,7 @@ namespace
return false; return false;
} }
bool read_from_file(std::string& pass) bool read_from_file(epee::wipeable_string& pass)
{ {
pass.reserve(tools::password_container::max_password_size); pass.reserve(tools::password_container::max_password_size);
for (size_t i = 0; i < tools::password_container::max_password_size; ++i) for (size_t i = 0; i < tools::password_container::max_password_size; ++i)
@ -236,7 +226,7 @@ namespace tools
password_container::~password_container() noexcept password_container::~password_container() noexcept
{ {
clear(m_password); m_password.clear();
} }
boost::optional<password_container> password_container::prompt(const bool verify, const char *message) boost::optional<password_container> password_container::prompt(const bool verify, const char *message)
@ -252,9 +242,8 @@ namespace tools
boost::optional<login> login::parse(std::string&& userpass, bool verify, const std::function<boost::optional<password_container>(bool)> &prompt) boost::optional<login> login::parse(std::string&& userpass, bool verify, const std::function<boost::optional<password_container>(bool)> &prompt)
{ {
login out{}; login out{};
password_container wipe{std::move(userpass)};
const auto loc = wipe.password().find(':'); const auto loc = userpass.find(':');
if (loc == std::string::npos) if (loc == std::string::npos)
{ {
auto result = prompt(verify); auto result = prompt(verify);
@ -265,10 +254,11 @@ namespace tools
} }
else else
{ {
out.password = password_container{wipe.password().substr(loc + 1)}; out.password = password_container{userpass.substr(loc + 1)};
} }
out.username = wipe.password().substr(0, loc); out.username = userpass.substr(0, loc);
password_container wipe{std::move(userpass)};
return {std::move(out)}; return {std::move(out)};
} }
} }

View file

@ -32,6 +32,7 @@
#include <string> #include <string>
#include <boost/optional/optional.hpp> #include <boost/optional/optional.hpp>
#include "wipeable_string.h"
namespace tools namespace tools
{ {
@ -58,11 +59,10 @@ namespace tools
password_container& operator=(const password_container&) = delete; password_container& operator=(const password_container&) = delete;
password_container& operator=(password_container&&) = default; password_container& operator=(password_container&&) = default;
const std::string& password() const noexcept { return m_password; } const epee::wipeable_string &password() const noexcept { return m_password; }
private: private:
//! TODO Custom allocator that locks to RAM? epee::wipeable_string m_password;
std::string m_password;
}; };
struct login struct login

View file

@ -36,9 +36,11 @@
#include "include_base_utils.h" #include "include_base_utils.h"
#include "file_io_utils.h" #include "file_io_utils.h"
#include "wipeable_string.h"
using namespace epee; using namespace epee;
#include "util.h" #include "util.h"
#include "memwipe.h"
#include "cryptonote_config.h" #include "cryptonote_config.h"
#include "net/http_client.h" // epee::net_utils::... #include "net/http_client.h" // epee::net_utils::...
@ -542,6 +544,8 @@ std::string get_nix_version_display_string()
} }
bool on_startup() bool on_startup()
{ {
wipeable_string::set_wipe(&memwipe);
mlog_configure("", true); mlog_configure("", true);
sanitize_locale(); sanitize_locale();

View file

@ -32,6 +32,7 @@
using namespace epee; using namespace epee;
#include <atomic> #include <atomic>
#include "wipeable_string.h"
#include "cryptonote_format_utils.h" #include "cryptonote_format_utils.h"
#include "cryptonote_config.h" #include "cryptonote_config.h"
#include "crypto/crypto.h" #include "crypto/crypto.h"
@ -994,7 +995,7 @@ namespace cryptonote
block_hashes_cached = block_hashes_cached_count; block_hashes_cached = block_hashes_cached_count;
} }
//--------------------------------------------------------------- //---------------------------------------------------------------
crypto::secret_key encrypt_key(crypto::secret_key key, const std::string &passphrase) crypto::secret_key encrypt_key(crypto::secret_key key, const epee::wipeable_string &passphrase)
{ {
crypto::hash hash; crypto::hash hash;
crypto::cn_slow_hash(passphrase.data(), passphrase.size(), hash); crypto::cn_slow_hash(passphrase.data(), passphrase.size(), hash);
@ -1002,7 +1003,7 @@ namespace cryptonote
return key; return key;
} }
//--------------------------------------------------------------- //---------------------------------------------------------------
crypto::secret_key decrypt_key(crypto::secret_key key, const std::string &passphrase) crypto::secret_key decrypt_key(crypto::secret_key key, const epee::wipeable_string &passphrase)
{ {
crypto::hash hash; crypto::hash hash;
crypto::cn_slow_hash(passphrase.data(), passphrase.size(), hash); crypto::cn_slow_hash(passphrase.data(), passphrase.size(), hash);

View file

@ -38,6 +38,11 @@
#include "crypto/hash.h" #include "crypto/hash.h"
#include <unordered_map> #include <unordered_map>
namespace epee
{
class wipeable_string;
}
namespace cryptonote namespace cryptonote
{ {
//--------------------------------------------------------------- //---------------------------------------------------------------
@ -226,8 +231,8 @@ namespace cryptonote
bool is_valid_decomposed_amount(uint64_t amount); bool is_valid_decomposed_amount(uint64_t amount);
void get_hash_stats(uint64_t &tx_hashes_calculated, uint64_t &tx_hashes_cached, uint64_t &block_hashes_calculated, uint64_t & block_hashes_cached); void get_hash_stats(uint64_t &tx_hashes_calculated, uint64_t &tx_hashes_cached, uint64_t &block_hashes_calculated, uint64_t & block_hashes_cached);
crypto::secret_key encrypt_key(crypto::secret_key key, const std::string &passphrase); crypto::secret_key encrypt_key(crypto::secret_key key, const epee::wipeable_string &passphrase);
crypto::secret_key decrypt_key(crypto::secret_key key, const std::string &passphrase); crypto::secret_key decrypt_key(crypto::secret_key key, const epee::wipeable_string &passphrase);
#define CHECKED_GET_SPECIFIC_VARIANT(variant_var, specific_type, variable_name, fail_return_val) \ #define CHECKED_GET_SPECIFIC_VARIANT(variant_var, specific_type, variable_name, fail_return_val) \
CHECK_AND_ASSERT_MES(variant_var.type() == typeid(specific_type), fail_return_val, "wrong variant type: " << variant_var.type().name() << ", expected " << typeid(specific_type).name()); \ CHECK_AND_ASSERT_MES(variant_var.type() == typeid(specific_type), fail_return_val, "wrong variant type: " << variant_var.type().name() << ", expected " << typeid(specific_type).name()); \
specific_type& variable_name = boost::get<specific_type>(variant_var); specific_type& variable_name = boost::get<specific_type>(variant_var);

View file

@ -411,7 +411,7 @@ bool simple_wallet::print_seed(bool encrypted)
m_wallet->set_seed_language(mnemonic_language); m_wallet->set_seed_language(mnemonic_language);
} }
std::string seed_pass; epee::wipeable_string seed_pass;
if (encrypted) if (encrypted)
{ {
auto pwd_container = tools::password_container::prompt(true, tr("Enter optional seed encryption passphrase, empty to see raw seed")); auto pwd_container = tools::password_container::prompt(true, tr("Enter optional seed encryption passphrase, empty to see raw seed"));
@ -1212,7 +1212,7 @@ bool simple_wallet::init(const boost::program_options::variables_map& vm)
auto pwd_container = tools::password_container::prompt(false, tr("Enter seed encryption passphrase, empty if none")); auto pwd_container = tools::password_container::prompt(false, tr("Enter seed encryption passphrase, empty if none"));
if (std::cin.eof() || !pwd_container) if (std::cin.eof() || !pwd_container)
return false; return false;
std::string seed_pass = pwd_container->password(); epee::wipeable_string seed_pass = pwd_container->password();
if (!seed_pass.empty()) if (!seed_pass.empty())
m_recovery_key = cryptonote::decrypt_key(m_recovery_key, seed_pass); m_recovery_key = cryptonote::decrypt_key(m_recovery_key, seed_pass);
} }
@ -1862,12 +1862,12 @@ bool simple_wallet::open_wallet(const boost::program_options::variables_map& vm)
fail_msg_writer() << tr("wallet file path not valid: ") << m_wallet_file; fail_msg_writer() << tr("wallet file path not valid: ") << m_wallet_file;
return false; return false;
} }
std::string password; epee::wipeable_string password;
try try
{ {
auto rc = tools::wallet2::make_from_file(vm, m_wallet_file, password_prompter); auto rc = tools::wallet2::make_from_file(vm, m_wallet_file, password_prompter);
m_wallet = std::move(rc.first); m_wallet = std::move(rc.first);
password = std::move(rc.second).password(); password = std::move(std::move(rc.second).password());
if (!m_wallet) if (!m_wallet)
{ {
return false; return false;

View file

@ -602,7 +602,7 @@ bool wallet2::is_deterministic() const
return keys_deterministic; return keys_deterministic;
} }
//---------------------------------------------------------------------------------------------------- //----------------------------------------------------------------------------------------------------
bool wallet2::get_seed(std::string& electrum_words, const std::string &passphrase) const bool wallet2::get_seed(std::string& electrum_words, const epee::wipeable_string &passphrase) const
{ {
bool keys_deterministic = is_deterministic(); bool keys_deterministic = is_deterministic();
if (!keys_deterministic) if (!keys_deterministic)
@ -2128,7 +2128,7 @@ bool wallet2::clear()
* \param watch_only true to save only view key, false to save both spend and view keys * \param watch_only true to save only view key, false to save both spend and view keys
* \return Whether it was successful. * \return Whether it was successful.
*/ */
bool wallet2::store_keys(const std::string& keys_file_name, const std::string& password, bool watch_only) bool wallet2::store_keys(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only)
{ {
std::string account_data; std::string account_data;
cryptonote::account_base account = m_account; cryptonote::account_base account = m_account;
@ -2214,7 +2214,7 @@ bool wallet2::store_keys(const std::string& keys_file_name, const std::string& p
// Encrypt the entire JSON object. // Encrypt the entire JSON object.
crypto::chacha8_key key; crypto::chacha8_key key;
crypto::generate_chacha8_key(password, key); crypto::generate_chacha8_key(password.data(), password.size(), key);
std::string cipher; std::string cipher;
cipher.resize(account_data.size()); cipher.resize(account_data.size());
keys_file_data.iv = crypto::rand<crypto::chacha8_iv>(); keys_file_data.iv = crypto::rand<crypto::chacha8_iv>();
@ -2244,7 +2244,7 @@ namespace
* \param keys_file_name Name of wallet file * \param keys_file_name Name of wallet file
* \param password Password of wallet file * \param password Password of wallet file
*/ */
bool wallet2::load_keys(const std::string& keys_file_name, const std::string& password) bool wallet2::load_keys(const std::string& keys_file_name, const epee::wipeable_string& password)
{ {
wallet2::keys_file_data keys_file_data; wallet2::keys_file_data keys_file_data;
std::string buf; std::string buf;
@ -2255,7 +2255,7 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa
r = ::serialization::parse_binary(buf, keys_file_data); r = ::serialization::parse_binary(buf, keys_file_data);
THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"'); THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"');
crypto::chacha8_key key; crypto::chacha8_key key;
crypto::generate_chacha8_key(password, key); crypto::generate_chacha8_key(password.data(), password.size(), key);
std::string account_data; std::string account_data;
account_data.resize(keys_file_data.account_data.size()); account_data.resize(keys_file_data.account_data.size());
crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]);
@ -2379,7 +2379,7 @@ bool wallet2::load_keys(const std::string& keys_file_name, const std::string& pa
* can be used prior to rewriting wallet keys file, to ensure user has entered the correct password * can be used prior to rewriting wallet keys file, to ensure user has entered the correct password
* *
*/ */
bool wallet2::verify_password(const std::string& password) const bool wallet2::verify_password(const epee::wipeable_string& password) const
{ {
return verify_password(m_keys_file, password, m_watch_only); return verify_password(m_keys_file, password, m_watch_only);
} }
@ -2396,7 +2396,7 @@ bool wallet2::verify_password(const std::string& password) const
* can be used prior to rewriting wallet keys file, to ensure user has entered the correct password * can be used prior to rewriting wallet keys file, to ensure user has entered the correct password
* *
*/ */
bool wallet2::verify_password(const std::string& keys_file_name, const std::string& password, bool watch_only) bool wallet2::verify_password(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only)
{ {
wallet2::keys_file_data keys_file_data; wallet2::keys_file_data keys_file_data;
std::string buf; std::string buf;
@ -2407,7 +2407,7 @@ bool wallet2::verify_password(const std::string& keys_file_name, const std::stri
r = ::serialization::parse_binary(buf, keys_file_data); r = ::serialization::parse_binary(buf, keys_file_data);
THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"'); THROW_WALLET_EXCEPTION_IF(!r, error::wallet_internal_error, "internal error: failed to deserialize \"" + keys_file_name + '\"');
crypto::chacha8_key key; crypto::chacha8_key key;
crypto::generate_chacha8_key(password, key); crypto::generate_chacha8_key(password.data(), password.size(), key);
std::string account_data; std::string account_data;
account_data.resize(keys_file_data.account_data.size()); account_data.resize(keys_file_data.account_data.size());
crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]); crypto::chacha8(keys_file_data.account_data.data(), keys_file_data.account_data.size(), key, keys_file_data.iv, &account_data[0]);
@ -2444,7 +2444,7 @@ bool wallet2::verify_password(const std::string& keys_file_name, const std::stri
* \param two_random Whether it is a non-deterministic wallet * \param two_random Whether it is a non-deterministic wallet
* \return The secret key of the generated wallet * \return The secret key of the generated wallet
*/ */
crypto::secret_key wallet2::generate(const std::string& wallet_, const std::string& password, crypto::secret_key wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
const crypto::secret_key& recovery_param, bool recover, bool two_random) const crypto::secret_key& recovery_param, bool recover, bool two_random)
{ {
clear(); clear();
@ -2511,7 +2511,7 @@ crypto::secret_key wallet2::generate(const std::string& wallet_, const std::stri
* \param password Password of wallet file * \param password Password of wallet file
* \param viewkey view secret key * \param viewkey view secret key
*/ */
void wallet2::generate(const std::string& wallet_, const std::string& password, void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
const cryptonote::account_public_address &account_public_address, const cryptonote::account_public_address &account_public_address,
const crypto::secret_key& viewkey) const crypto::secret_key& viewkey)
{ {
@ -2547,7 +2547,7 @@ void wallet2::generate(const std::string& wallet_, const std::string& password,
* \param spendkey spend secret key * \param spendkey spend secret key
* \param viewkey view secret key * \param viewkey view secret key
*/ */
void wallet2::generate(const std::string& wallet_, const std::string& password, void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
const cryptonote::account_public_address &account_public_address, const cryptonote::account_public_address &account_public_address,
const crypto::secret_key& spendkey, const crypto::secret_key& viewkey) const crypto::secret_key& spendkey, const crypto::secret_key& viewkey)
{ {
@ -2581,7 +2581,7 @@ void wallet2::generate(const std::string& wallet_, const std::string& password,
* \param wallet_name Name of wallet file (should exist) * \param wallet_name Name of wallet file (should exist)
* \param password Password for wallet file * \param password Password for wallet file
*/ */
void wallet2::rewrite(const std::string& wallet_name, const std::string& password) void wallet2::rewrite(const std::string& wallet_name, const epee::wipeable_string& password)
{ {
prepare_file_names(wallet_name); prepare_file_names(wallet_name);
boost::system::error_code ignored_ec; boost::system::error_code ignored_ec;
@ -2594,7 +2594,7 @@ void wallet2::rewrite(const std::string& wallet_name, const std::string& passwor
* \param wallet_name Base name of wallet file * \param wallet_name Base name of wallet file
* \param password Password for wallet file * \param password Password for wallet file
*/ */
void wallet2::write_watch_only_wallet(const std::string& wallet_name, const std::string& password) void wallet2::write_watch_only_wallet(const std::string& wallet_name, const epee::wipeable_string& password)
{ {
prepare_file_names(wallet_name); prepare_file_names(wallet_name);
boost::system::error_code ignored_ec; boost::system::error_code ignored_ec;
@ -2730,7 +2730,7 @@ bool wallet2::generate_chacha8_key_from_secret_keys(crypto::chacha8_key &key) co
return true; return true;
} }
//---------------------------------------------------------------------------------------------------- //----------------------------------------------------------------------------------------------------
void wallet2::load(const std::string& wallet_, const std::string& password) void wallet2::load(const std::string& wallet_, const epee::wipeable_string& password)
{ {
clear(); clear();
prepare_file_names(wallet_); prepare_file_names(wallet_);
@ -2881,10 +2881,10 @@ std::string wallet2::path() const
//---------------------------------------------------------------------------------------------------- //----------------------------------------------------------------------------------------------------
void wallet2::store() void wallet2::store()
{ {
store_to("", ""); store_to("", epee::wipeable_string());
} }
//---------------------------------------------------------------------------------------------------- //----------------------------------------------------------------------------------------------------
void wallet2::store_to(const std::string &path, const std::string &password) void wallet2::store_to(const std::string &path, const epee::wipeable_string &password)
{ {
trim_hashchain(); trim_hashchain();

View file

@ -168,7 +168,7 @@ namespace tools
//! Just parses variables. //! Just parses variables.
static std::unique_ptr<wallet2> make_dummy(const boost::program_options::variables_map& vm, const std::function<boost::optional<password_container>(const char *, bool)> &password_prompter); static std::unique_ptr<wallet2> make_dummy(const boost::program_options::variables_map& vm, const std::function<boost::optional<password_container>(const char *, bool)> &password_prompter);
static bool verify_password(const std::string& keys_file_name, const std::string& password, bool watch_only); static bool verify_password(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only);
wallet2(bool testnet = false, bool restricted = false) : m_run(true), m_callback(0), m_testnet(testnet), m_always_confirm_transfers(true), m_print_ring_members(false), m_store_tx_info(true), m_default_mixin(0), m_default_priority(0), m_refresh_type(RefreshDefault), m_auto_refresh(true), m_refresh_from_block_height(0), m_confirm_missing_payment_id(true), m_ask_password(true), m_min_output_count(0), m_min_output_value(0), m_merge_destinations(false), m_confirm_backlog(true), m_is_initialized(false), m_restricted(restricted), is_old_file_format(false), m_node_rpc_proxy(m_http_client, m_daemon_rpc_mutex), m_light_wallet(false), m_light_wallet_scanned_block_height(0), m_light_wallet_blockchain_height(0), m_light_wallet_connected(false), m_light_wallet_balance(0), m_light_wallet_unlocked_balance(0) {} wallet2(bool testnet = false, bool restricted = false) : m_run(true), m_callback(0), m_testnet(testnet), m_always_confirm_transfers(true), m_print_ring_members(false), m_store_tx_info(true), m_default_mixin(0), m_default_priority(0), m_refresh_type(RefreshDefault), m_auto_refresh(true), m_refresh_from_block_height(0), m_confirm_missing_payment_id(true), m_ask_password(true), m_min_output_count(0), m_min_output_value(0), m_merge_destinations(false), m_confirm_backlog(true), m_is_initialized(false), m_restricted(restricted), is_old_file_format(false), m_node_rpc_proxy(m_http_client, m_daemon_rpc_mutex), m_light_wallet(false), m_light_wallet_scanned_block_height(0), m_light_wallet_blockchain_height(0), m_light_wallet_connected(false), m_light_wallet_balance(0), m_light_wallet_unlocked_balance(0) {}
@ -398,7 +398,7 @@ namespace tools
* \param two_random Whether it is a non-deterministic wallet * \param two_random Whether it is a non-deterministic wallet
* \return The secret key of the generated wallet * \return The secret key of the generated wallet
*/ */
crypto::secret_key generate(const std::string& wallet, const std::string& password, crypto::secret_key generate(const std::string& wallet, const epee::wipeable_string& password,
const crypto::secret_key& recovery_param = crypto::secret_key(), bool recover = false, const crypto::secret_key& recovery_param = crypto::secret_key(), bool recover = false,
bool two_random = false); bool two_random = false);
/*! /*!
@ -408,7 +408,7 @@ namespace tools
* \param viewkey view secret key * \param viewkey view secret key
* \param spendkey spend secret key * \param spendkey spend secret key
*/ */
void generate(const std::string& wallet, const std::string& password, void generate(const std::string& wallet, const epee::wipeable_string& password,
const cryptonote::account_public_address &account_public_address, const cryptonote::account_public_address &account_public_address,
const crypto::secret_key& spendkey, const crypto::secret_key& viewkey); const crypto::secret_key& spendkey, const crypto::secret_key& viewkey);
/*! /*!
@ -417,7 +417,7 @@ namespace tools
* \param password Password of wallet file * \param password Password of wallet file
* \param viewkey view secret key * \param viewkey view secret key
*/ */
void generate(const std::string& wallet, const std::string& password, void generate(const std::string& wallet, const epee::wipeable_string& password,
const cryptonote::account_public_address &account_public_address, const cryptonote::account_public_address &account_public_address,
const crypto::secret_key& viewkey = crypto::secret_key()); const crypto::secret_key& viewkey = crypto::secret_key());
/*! /*!
@ -425,23 +425,23 @@ namespace tools
* \param wallet_name Name of wallet file (should exist) * \param wallet_name Name of wallet file (should exist)
* \param password Password for wallet file * \param password Password for wallet file
*/ */
void rewrite(const std::string& wallet_name, const std::string& password); void rewrite(const std::string& wallet_name, const epee::wipeable_string& password);
void write_watch_only_wallet(const std::string& wallet_name, const std::string& password); void write_watch_only_wallet(const std::string& wallet_name, const epee::wipeable_string& password);
void load(const std::string& wallet, const std::string& password); void load(const std::string& wallet, const epee::wipeable_string& password);
void store(); void store();
/*! /*!
* \brief store_to - stores wallet to another file(s), deleting old ones * \brief store_to - stores wallet to another file(s), deleting old ones
* \param path - path to the wallet file (keys and address filenames will be generated based on this filename) * \param path - path to the wallet file (keys and address filenames will be generated based on this filename)
* \param password - password to protect new wallet (TODO: probably better save the password in the wallet object?) * \param password - password to protect new wallet (TODO: probably better save the password in the wallet object?)
*/ */
void store_to(const std::string &path, const std::string &password); void store_to(const std::string &path, const epee::wipeable_string &password);
std::string path() const; std::string path() const;
/*! /*!
* \brief verifies given password is correct for default wallet keys file * \brief verifies given password is correct for default wallet keys file
*/ */
bool verify_password(const std::string& password) const; bool verify_password(const epee::wipeable_string& password) const;
cryptonote::account_base& get_account(){return m_account;} cryptonote::account_base& get_account(){return m_account;}
const cryptonote::account_base& get_account()const{return m_account;} const cryptonote::account_base& get_account()const{return m_account;}
@ -466,7 +466,7 @@ namespace tools
* \brief Checks if deterministic wallet * \brief Checks if deterministic wallet
*/ */
bool is_deterministic() const; bool is_deterministic() const;
bool get_seed(std::string& electrum_words, const std::string &passphrase = std::string()) const; bool get_seed(std::string& electrum_words, const epee::wipeable_string &passphrase = epee::wipeable_string()) const;
/*! /*!
* \brief Checks if light wallet. A light wallet sends view key to a server where the blockchain is scanned. * \brief Checks if light wallet. A light wallet sends view key to a server where the blockchain is scanned.
@ -838,13 +838,13 @@ namespace tools
* \param watch_only true to save only view key, false to save both spend and view keys * \param watch_only true to save only view key, false to save both spend and view keys
* \return Whether it was successful. * \return Whether it was successful.
*/ */
bool store_keys(const std::string& keys_file_name, const std::string& password, bool watch_only = false); bool store_keys(const std::string& keys_file_name, const epee::wipeable_string& password, bool watch_only = false);
/*! /*!
* \brief Load wallet information from wallet file. * \brief Load wallet information from wallet file.
* \param keys_file_name Name of wallet file * \param keys_file_name Name of wallet file
* \param password Password of wallet file * \param password Password of wallet file
*/ */
bool load_keys(const std::string& keys_file_name, const std::string& password); bool load_keys(const std::string& keys_file_name, const epee::wipeable_string& password);
void process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen); void process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen);
void process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const crypto::hash& bl_id, uint64_t height, const cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices &o_indices); void process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const crypto::hash& bl_id, uint64_t height, const cryptonote::COMMAND_RPC_GET_BLOCKS_FAST::block_output_indices &o_indices);
void detach_blockchain(uint64_t height); void detach_blockchain(uint64_t height);

View file

@ -206,7 +206,8 @@ namespace tools
} }
std::fputs(http_login->username.c_str(), rpc_login_file.handle()); std::fputs(http_login->username.c_str(), rpc_login_file.handle());
std::fputc(':', rpc_login_file.handle()); std::fputc(':', rpc_login_file.handle());
std::fputs(http_login->password.c_str(), rpc_login_file.handle()); const epee::wipeable_string password = http_login->password;
std::fwrite(password.data(), 1, password.size(), rpc_login_file.handle());
std::fflush(rpc_login_file.handle()); std::fflush(rpc_login_file.handle());
if (std::ferror(rpc_login_file.handle())) if (std::ferror(rpc_login_file.handle()))
{ {

View file

@ -211,7 +211,7 @@ std::string get_a1(const http::login& user, const fields& src)
{ {
const std::string& realm = src.at(u8"realm"); const std::string& realm = src.at(u8"realm");
return boost::join( return boost::join(
std::vector<std::string>{user.username, realm, user.password}, u8":" std::vector<std::string>{user.username, realm, std::string(user.password.data(), user.password.size())}, u8":"
); );
} }