aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@gmail.com>2012-08-22 13:39:21 +0200
committerWladimir J. van der Laan <laanwj@gmail.com>2012-08-23 06:55:35 +0200
commit0b886ad1bda23c01a68d0ebeac9ec480ca5690fd (patch)
tree91ab9f3d614af27d73e6e8266bd2249495a7ed62
parente95568b78ddead0173339ca98df6cd92131ceb62 (diff)
Make CCrypter use LockedPageManager to manage locked pages
Replace direct calls to mlock. Also, change the class to lock the memory areas in the constructor and unlock them again in the destructor. This makes sure that locked pages won't leak.
-rw-r--r--src/crypter.cpp12
-rw-r--r--src/crypter.h11
2 files changed, 9 insertions, 14 deletions
diff --git a/src/crypter.cpp b/src/crypter.cpp
index 411a1ee4c1..181b8fa00a 100644
--- a/src/crypter.cpp
+++ b/src/crypter.cpp
@@ -17,12 +17,6 @@ bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::v
if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE)
return false;
- // Try to keep the key data out of swap (and be a bit over-careful to keep the IV that we don't even use out of swap)
- // Note that this does nothing about suspend-to-disk (which will put all our key data on disk)
- // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process.
- mlock(&chKey[0], sizeof chKey);
- mlock(&chIV[0], sizeof chIV);
-
int i = 0;
if (nDerivationMethod == 0)
i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha512(), &chSalt[0],
@@ -44,12 +38,6 @@ bool CCrypter::SetKey(const CKeyingMaterial& chNewKey, const std::vector<unsigne
if (chNewKey.size() != WALLET_CRYPTO_KEY_SIZE || chNewIV.size() != WALLET_CRYPTO_KEY_SIZE)
return false;
- // Try to keep the key data out of swap
- // Note that this does nothing about suspend-to-disk (which will put all our key data on disk)
- // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process.
- mlock(&chKey[0], sizeof chKey);
- mlock(&chIV[0], sizeof chIV);
-
memcpy(&chKey[0], &chNewKey[0], sizeof chKey);
memcpy(&chIV[0], &chNewIV[0], sizeof chIV);
diff --git a/src/crypter.h b/src/crypter.h
index d1bdb92c91..04538a3fa5 100644
--- a/src/crypter.h
+++ b/src/crypter.h
@@ -78,19 +78,26 @@ public:
{
memset(&chKey, 0, sizeof chKey);
memset(&chIV, 0, sizeof chIV);
- munlock(&chKey, sizeof chKey);
- munlock(&chIV, sizeof chIV);
fKeySet = false;
}
CCrypter()
{
fKeySet = false;
+
+ // Try to keep the key data out of swap (and be a bit over-careful to keep the IV that we don't even use out of swap)
+ // Note that this does nothing about suspend-to-disk (which will put all our key data on disk)
+ // Note as well that at no point in this program is any attempt made to prevent stealing of keys by reading the memory of the running process.
+ LockedPageManager::instance.LockRange(&chKey[0], sizeof chKey);
+ LockedPageManager::instance.LockRange(&chIV[0], sizeof chIV);
}
~CCrypter()
{
CleanKey();
+
+ LockedPageManager::instance.UnlockRange(&chKey[0], sizeof chKey);
+ LockedPageManager::instance.UnlockRange(&chIV[0], sizeof chIV);
}
};