diff options
author | Dylan Noblesmith <nobled@dreamwidth.org> | 2011-11-26 06:02:04 +0000 |
---|---|---|
committer | Dylan Noblesmith <nobled@dreamwidth.org> | 2011-11-26 06:02:04 +0000 |
commit | 94f778bdebe1438fbe0206621ce44b4e25196e59 (patch) | |
tree | 5e8add3e2a97bf32f59bc94a7b250dbae728783f /src/qt | |
parent | d8b86408636388195596f6c7dded23f777f99a07 (diff) |
Implement an mlock()'d string class for storing passphrases
SecureString is identical to std::string except with secure_allocator
substituting for std::allocator. This makes casting between them
impossible, so converting between the two at API boundaries requires
calling ::c_str() for now.
Diffstat (limited to 'src/qt')
-rw-r--r-- | src/qt/askpassphrasedialog.cpp | 11 | ||||
-rw-r--r-- | src/qt/walletmodel.cpp | 6 | ||||
-rw-r--r-- | src/qt/walletmodel.h | 9 |
3 files changed, 14 insertions, 12 deletions
diff --git a/src/qt/askpassphrasedialog.cpp b/src/qt/askpassphrasedialog.cpp index a574ef925b..24f622d637 100644 --- a/src/qt/askpassphrasedialog.cpp +++ b/src/qt/askpassphrasedialog.cpp @@ -71,16 +71,17 @@ void AskPassphraseDialog::setModel(WalletModel *model) void AskPassphraseDialog::accept() { - std::string oldpass, newpass1, newpass2; + SecureString oldpass, newpass1, newpass2; if(!model) return; - // TODO: mlock memory / munlock on return so they will not be swapped out, really need "mlockedstring" wrapper class to do this safely oldpass.reserve(MAX_PASSPHRASE_SIZE); newpass1.reserve(MAX_PASSPHRASE_SIZE); newpass2.reserve(MAX_PASSPHRASE_SIZE); - oldpass.assign(ui->passEdit1->text().toStdString()); - newpass1.assign(ui->passEdit2->text().toStdString()); - newpass2.assign(ui->passEdit3->text().toStdString()); + // TODO: get rid of this .c_str() by implementing SecureString::operator=(std::string) + // Alternately, find a way to make this input mlock()'d to begin with. + oldpass.assign(ui->passEdit1->text().toStdString().c_str()); + newpass1.assign(ui->passEdit2->text().toStdString().c_str()); + newpass2.assign(ui->passEdit3->text().toStdString().c_str()); switch(mode) { diff --git a/src/qt/walletmodel.cpp b/src/qt/walletmodel.cpp index 2f989661f0..f028f10f6c 100644 --- a/src/qt/walletmodel.cpp +++ b/src/qt/walletmodel.cpp @@ -200,7 +200,7 @@ WalletModel::EncryptionStatus WalletModel::getEncryptionStatus() const } } -bool WalletModel::setWalletEncrypted(bool encrypted, const std::string &passphrase) +bool WalletModel::setWalletEncrypted(bool encrypted, const SecureString &passphrase) { if(encrypted) { @@ -214,7 +214,7 @@ bool WalletModel::setWalletEncrypted(bool encrypted, const std::string &passphra } } -bool WalletModel::setWalletLocked(bool locked, const std::string &passPhrase) +bool WalletModel::setWalletLocked(bool locked, const SecureString &passPhrase) { if(locked) { @@ -228,7 +228,7 @@ bool WalletModel::setWalletLocked(bool locked, const std::string &passPhrase) } } -bool WalletModel::changePassphrase(const std::string &oldPass, const std::string &newPass) +bool WalletModel::changePassphrase(const SecureString &oldPass, const SecureString &newPass) { bool retval; CRITICAL_BLOCK(wallet->cs_wallet) diff --git a/src/qt/walletmodel.h b/src/qt/walletmodel.h index 43b96f6d0e..89e8cdd2a0 100644 --- a/src/qt/walletmodel.h +++ b/src/qt/walletmodel.h @@ -2,7 +2,8 @@ #define WALLETMODEL_H #include <QObject> -#include <string> + +#include "util.h" class OptionsModel; class AddressTableModel; @@ -72,10 +73,10 @@ public: SendCoinsReturn sendCoins(const QList<SendCoinsRecipient> &recipients); // Wallet encryption - bool setWalletEncrypted(bool encrypted, const std::string &passphrase); + bool setWalletEncrypted(bool encrypted, const SecureString &passphrase); // Passphrase only needed when unlocking - bool setWalletLocked(bool locked, const std::string &passPhrase=std::string()); - bool changePassphrase(const std::string &oldPass, const std::string &newPass); + bool setWalletLocked(bool locked, const SecureString &passPhrase=SecureString()); + bool changePassphrase(const SecureString &oldPass, const SecureString &newPass); // RAI object for unlocking wallet, returned by requestUnlock() class UnlockContext |