diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2012-08-22 13:39:21 +0200 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2012-08-23 06:55:35 +0200 |
commit | 0b886ad1bda23c01a68d0ebeac9ec480ca5690fd (patch) | |
tree | 91ab9f3d614af27d73e6e8266bd2249495a7ed62 | |
parent | e95568b78ddead0173339ca98df6cd92131ceb62 (diff) |
Make CCrypter use LockedPageManager to manage locked pages
Replace direct calls to mlock.
Also, change the class to lock the memory areas in the constructor and unlock them again in the destructor. This makes sure that locked pages won't leak.
-rw-r--r-- | src/crypter.cpp | 12 | ||||
-rw-r--r-- | src/crypter.h | 11 |
2 files changed, 9 insertions, 14 deletions
diff --git a/src/crypter.cpp b/src/crypter.cpp index 411a1ee4c1..181b8fa00a 100644 --- a/src/crypter.cpp +++ b/src/crypter.cpp @@ -17,12 +17,6 @@ bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::v if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE) return false; - // Try to keep the key data out of swap (and be a bit over-careful to keep the IV that we don't even use out of swap) - // Note that this does nothing about suspend-to-disk (which will put all our key data on disk) - // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process. - mlock(&chKey[0], sizeof chKey); - mlock(&chIV[0], sizeof chIV); - int i = 0; if (nDerivationMethod == 0) i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha512(), &chSalt[0], @@ -44,12 +38,6 @@ bool CCrypter::SetKey(const CKeyingMaterial& chNewKey, const std::vector<unsigne if (chNewKey.size() != WALLET_CRYPTO_KEY_SIZE || chNewIV.size() != WALLET_CRYPTO_KEY_SIZE) return false; - // Try to keep the key data out of swap - // Note that this does nothing about suspend-to-disk (which will put all our key data on disk) - // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process. - mlock(&chKey[0], sizeof chKey); - mlock(&chIV[0], sizeof chIV); - memcpy(&chKey[0], &chNewKey[0], sizeof chKey); memcpy(&chIV[0], &chNewIV[0], sizeof chIV); diff --git a/src/crypter.h b/src/crypter.h index d1bdb92c91..04538a3fa5 100644 --- a/src/crypter.h +++ b/src/crypter.h @@ -78,19 +78,26 @@ public: { memset(&chKey, 0, sizeof chKey); memset(&chIV, 0, sizeof chIV); - munlock(&chKey, sizeof chKey); - munlock(&chIV, sizeof chIV); fKeySet = false; } CCrypter() { fKeySet = false; + + // Try to keep the key data out of swap (and be a bit over-careful to keep the IV that we don't even use out of swap) + // Note that this does nothing about suspend-to-disk (which will put all our key data on disk) + // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process. + LockedPageManager::instance.LockRange(&chKey[0], sizeof chKey); + LockedPageManager::instance.LockRange(&chIV[0], sizeof chIV); } ~CCrypter() { CleanKey(); + + LockedPageManager::instance.UnlockRange(&chKey[0], sizeof chKey); + LockedPageManager::instance.UnlockRange(&chIV[0], sizeof chIV); } }; |