X-Git-Url: https://git.novaco.in/?a=blobdiff_plain;f=src%2Fcrypter.h;h=733d9a31230a76f87516656f30f75dcabdbeda87;hb=cecf7a56ed5a5efd939b21c760c69da616306005;hp=b7fc788807d668e2e8c494d39bd52b3b3857eba9;hpb=882164196e5b1971313493f95a6d027f05e2ec92;p=novacoin.git diff --git a/src/crypter.h b/src/crypter.h index b7fc788..733d9a3 100644 --- a/src/crypter.h +++ b/src/crypter.h @@ -4,8 +4,9 @@ #ifndef __CRYPTER_H__ #define __CRYPTER_H__ -#include "util.h" /* for SecureString */ +#include "allocators.h" /* for SecureString */ #include "key.h" +#include "serialize.h" const unsigned int WALLET_CRYPTO_KEY_SIZE = 32; const unsigned int WALLET_CRYPTO_SALT_SIZE = 8; @@ -25,6 +26,7 @@ with the double-sha256 of the public key as the IV, and the master key's key as the encryption key (see keystore.[ch]). */ +/** Master key for wallet encryption */ class CMasterKey { public: @@ -58,6 +60,7 @@ public: typedef std::vector > CKeyingMaterial; +/** Encryption/decryption context with key information */ class CCrypter { private: @@ -73,21 +76,28 @@ public: void CleanKey() { - memset(&chKey, 0, sizeof chKey); - memset(&chIV, 0, sizeof chIV); - munlock(&chKey, sizeof chKey); - munlock(&chIV, sizeof chIV); + OPENSSL_cleanse(&chKey, sizeof chKey); + OPENSSL_cleanse(&chIV, sizeof chIV); fKeySet = false; } CCrypter() { fKeySet = false; + + // Try to keep the key data out of swap (and be a bit over-careful to keep the IV that we don't even use out of swap) + // Note that this does nothing about suspend-to-disk (which will put all our key data on disk) + // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process. + LockedPageManager::instance.LockRange(&chKey[0], sizeof chKey); + LockedPageManager::instance.LockRange(&chIV[0], sizeof chIV); } ~CCrypter() { CleanKey(); + + LockedPageManager::instance.UnlockRange(&chKey[0], sizeof chKey); + LockedPageManager::instance.UnlockRange(&chIV[0], sizeof chIV); } };