From ab74dc277aac3922a266ccae30fa2c30d9222790 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Sun, 15 Jul 2018 14:33:48 +0100 Subject: [PATCH] crypto: make secret_key automatically mlock --- src/crypto/chacha.h | 11 ++++++----- src/crypto/crypto.h | 3 ++- src/cryptonote_basic/account.cpp | 4 ++-- src/device/device_default.cpp | 2 +- src/wallet/wallet2.cpp | 2 +- 5 files changed, 12 insertions(+), 10 deletions(-) diff --git a/src/crypto/chacha.h b/src/crypto/chacha.h index 1dc270faf..6e85ad0e9 100644 --- a/src/crypto/chacha.h +++ b/src/crypto/chacha.h @@ -40,6 +40,7 @@ #include #include "memwipe.h" +#include "mlocker.h" #include "hash.h" namespace crypto { @@ -50,7 +51,7 @@ namespace crypto { #if defined(__cplusplus) } - using chacha_key = tools::scrubbed_arr; + using chacha_key = epee::mlocked>; #pragma pack(push, 1) // MS VC 2012 doesn't interpret `class chacha_iv` as POD in spite of [9.0.10], so it is a struct @@ -71,20 +72,20 @@ namespace crypto { inline void generate_chacha_key(const void *data, size_t size, chacha_key& key, uint64_t kdf_rounds) { static_assert(sizeof(chacha_key) <= sizeof(hash), "Size of hash must be at least that of chacha_key"); - tools::scrubbed_arr pwd_hash; + epee::mlocked> pwd_hash; crypto::cn_slow_hash(data, size, pwd_hash.data(), 0/*variant*/, 0/*prehashed*/); for (uint64_t n = 1; n < kdf_rounds; ++n) crypto::cn_slow_hash(pwd_hash.data(), pwd_hash.size(), pwd_hash.data(), 0/*variant*/, 0/*prehashed*/); - memcpy(&unwrap(key), pwd_hash.data(), sizeof(key)); + memcpy(&unwrap(unwrap(key)), pwd_hash.data(), sizeof(key)); } inline void generate_chacha_key_prehashed(const void *data, size_t size, chacha_key& key, uint64_t kdf_rounds) { static_assert(sizeof(chacha_key) <= sizeof(hash), "Size of hash must be at least that of chacha_key"); - tools::scrubbed_arr pwd_hash; + epee::mlocked> pwd_hash; crypto::cn_slow_hash(data, size, pwd_hash.data(), 0/*variant*/, 1/*prehashed*/); for (uint64_t n = 1; n < kdf_rounds; ++n) crypto::cn_slow_hash(pwd_hash.data(), pwd_hash.size(), pwd_hash.data(), 0/*variant*/, 0/*prehashed*/); - memcpy(&unwrap(key), pwd_hash.data(), sizeof(key)); + memcpy(&unwrap(unwrap(key)), pwd_hash.data(), sizeof(key)); } inline void generate_chacha_key(std::string password, chacha_key& key, uint64_t kdf_rounds) { diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index a2d61b04e..c1576a218 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -41,6 +41,7 @@ #include "common/pod-class.h" #include "common/util.h" #include "memwipe.h" +#include "mlocker.h" #include "generic-ops.h" #include "hex.h" #include "span.h" @@ -65,7 +66,7 @@ namespace crypto { friend class crypto_ops; }; - using secret_key = tools::scrubbed; + using secret_key = epee::mlocked>; POD_CLASS public_keyV { std::vector keys; diff --git a/src/cryptonote_basic/account.cpp b/src/cryptonote_basic/account.cpp index 0aebf9223..4cbfa8142 100644 --- a/src/cryptonote_basic/account.cpp +++ b/src/cryptonote_basic/account.cpp @@ -67,7 +67,7 @@ DISABLE_VS_WARNINGS(4244 4345) static void derive_key(const crypto::chacha_key &base_key, crypto::chacha_key &key) { static_assert(sizeof(base_key) == sizeof(crypto::hash), "chacha key and hash should be the same size"); - tools::scrubbed_arr data; + epee::mlocked> data; memcpy(data.data(), &base_key, sizeof(base_key)); data[sizeof(base_key)] = KEYS_ENCRYPTION_SALT; crypto::generate_chacha_key(data.data(), sizeof(data), key, 1); @@ -223,7 +223,7 @@ DISABLE_VS_WARNINGS(4244 4345) void account_base::create_from_viewkey(const cryptonote::account_public_address& address, const crypto::secret_key& viewkey) { crypto::secret_key fake; - memset(&unwrap(fake), 0, sizeof(fake)); + memset(&unwrap(unwrap(fake)), 0, sizeof(fake)); create_from_keys(address, fake, viewkey); } //----------------------------------------------------------------- diff --git a/src/device/device_default.cpp b/src/device/device_default.cpp index bf14813ea..a4f40e041 100644 --- a/src/device/device_default.cpp +++ b/src/device/device_default.cpp @@ -103,7 +103,7 @@ namespace hw { bool device_default::generate_chacha_key(const cryptonote::account_keys &keys, crypto::chacha_key &key, uint64_t kdf_rounds) { const crypto::secret_key &view_key = keys.m_view_secret_key; const crypto::secret_key &spend_key = keys.m_spend_secret_key; - tools::scrubbed_arr data; + epee::mlocked> data; memcpy(data.data(), &view_key, sizeof(view_key)); memcpy(data.data() + sizeof(view_key), &spend_key, sizeof(spend_key)); data[sizeof(data) - 1] = CHACHA8_KEY_TAIL; diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index ea3cca1ce..115438351 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -2963,7 +2963,7 @@ void wallet2::setup_keys(const epee::wipeable_string &password) } static_assert(HASH_SIZE == sizeof(crypto::chacha_key), "Mismatched sizes of hash and chacha key"); - tools::scrubbed_arr cache_key_data; + epee::mlocked> cache_key_data; memcpy(cache_key_data.data(), &key, HASH_SIZE); cache_key_data[HASH_SIZE] = CACHE_KEY_TAIL; cn_fast_hash(cache_key_data.data(), HASH_SIZE+1, (crypto::hash&)m_cache_key);