X-Git-Url: https://git.novaco.in/?a=blobdiff_plain;f=src%2Fcrypter.h;h=733d9a31230a76f87516656f30f75dcabdbeda87;hb=1ebe5b92ef18395cdae9b88fc38b0ed6166c3243;hp=5b95ea415e0359ec45838b6cd5331f2138780f46;hpb=4e87d341f75f13bbd7d108c31c03886fbc4df56f;p=novacoin.git diff --git a/src/crypter.h b/src/crypter.h index 5b95ea4..733d9a3 100644 --- a/src/crypter.h +++ b/src/crypter.h @@ -1,10 +1,12 @@ -// Copyright (c) 2011 The Bitcoin Developers +// Copyright (c) 2009-2012 The Bitcoin Developers // Distributed under the MIT/X11 software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #ifndef __CRYPTER_H__ #define __CRYPTER_H__ +#include "allocators.h" /* for SecureString */ #include "key.h" +#include "serialize.h" const unsigned int WALLET_CRYPTO_KEY_SIZE = 32; const unsigned int WALLET_CRYPTO_SALT_SIZE = 8; @@ -13,17 +15,18 @@ const unsigned int WALLET_CRYPTO_SALT_SIZE = 8; Private key encryption is done based on a CMasterKey, which holds a salt and random encryption key. -CMasterKeys is encrypted using AES-256-CBC using a key +CMasterKeys are encrypted using AES-256-CBC using a key derived using derivation method nDerivationMethod (0 == EVP_sha512()) and derivation iterations nDeriveIterations. vchOtherDerivationParameters is provided for alternative algorithms which may require more parameters (such as scrypt). Wallet Private Keys are then encrypted using AES-256-CBC -with the double-sha256 of the private key as the IV, and the -master key's key as the encryption key. +with the double-sha256 of the public key as the IV, and the +master key's key as the encryption key (see keystore.[ch]). */ +/** Master key for wallet encryption */ class CMasterKey { public: @@ -57,6 +60,7 @@ public: typedef std::vector > CKeyingMaterial; +/** Encryption/decryption context with key information */ class CCrypter { private: @@ -65,28 +69,35 @@ private: bool fKeySet; public: - bool SetKeyFromPassphrase(const std::string &strKeyData, const std::vector& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod); + bool SetKeyFromPassphrase(const SecureString &strKeyData, const std::vector& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod); bool Encrypt(const CKeyingMaterial& vchPlaintext, std::vector &vchCiphertext); bool Decrypt(const std::vector& vchCiphertext, CKeyingMaterial& vchPlaintext); bool SetKey(const CKeyingMaterial& chNewKey, const std::vector& chNewIV); void CleanKey() { - memset(&chKey, 0, sizeof chKey); - memset(&chIV, 0, sizeof chIV); - munlock(&chKey, sizeof chKey); - munlock(&chIV, sizeof chIV); + OPENSSL_cleanse(&chKey, sizeof chKey); + OPENSSL_cleanse(&chIV, sizeof chIV); fKeySet = false; } CCrypter() { fKeySet = false; + + // Try to keep the key data out of swap (and be a bit over-careful to keep the IV that we don't even use out of swap) + // Note that this does nothing about suspend-to-disk (which will put all our key data on disk) + // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process. + LockedPageManager::instance.LockRange(&chKey[0], sizeof chKey); + LockedPageManager::instance.LockRange(&chIV[0], sizeof chIV); } ~CCrypter() { CleanKey(); + + LockedPageManager::instance.UnlockRange(&chKey[0], sizeof chKey); + LockedPageManager::instance.UnlockRange(&chIV[0], sizeof chIV); } };