LBRYCommunity/lbrycrd
1
0
Fork 0
Code Issues 29 Pull requests 1 Projects Releases 32 Packages Wiki Activity

Merge #5689: openssl: abstract out OPENSSL_cleanse

Browse source 
1630219 openssl: abstract out OPENSSL_cleanse (Cory Fields)
This commit is contained in:
Wladimir J. van der Laan 2015-02-19 12:00:17 +01:00
commit 07f4386b38
No known key found for this signature in database
GPG key ID: 74810B012346C9A6
13 changed files with 44 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/Makefile.am
View file

@ -123,6 +123,7 @@ BITCOIN_CORE_H = \
script/standard.h \ script/standard.h \
serialize.h \ serialize.h \
streams.h \ streams.h \
support/cleanse.h \
sync.h \ sync.h \
threadsafety.h \ threadsafety.h \
timedata.h \ timedata.h \
@ -268,6 +269,7 @@ libbitcoin_util_a_SOURCES = \
compat/strnlen.cpp \ compat/strnlen.cpp \
random.cpp \ random.cpp \
rpcprotocol.cpp \ rpcprotocol.cpp \
support/cleanse.cpp \
sync.cpp \ sync.cpp \
uint256.cpp \ uint256.cpp \
util.cpp \ util.cpp \

10
src/allocators.h
View file

@ -6,6 +6,8 @@
#ifndef BITCOIN_ALLOCATORS_H #ifndef BITCOIN_ALLOCATORS_H
#define BITCOIN_ALLOCATORS_H #define BITCOIN_ALLOCATORS_H
#include "support/cleanse.h"
#include <map> #include <map>
#include <string> #include <string>
#include <string.h> #include <string.h>
@ -14,8 +16,6 @@
#include <boost/thread/mutex.hpp> #include <boost/thread/mutex.hpp>
#include <boost/thread/once.hpp> #include <boost/thread/once.hpp>
#include <openssl/crypto.h> // for OPENSSL_cleanse()
/** /**
* Thread-safe class to keep track of locked (ie, non-swappable) memory pages. * Thread-safe class to keep track of locked (ie, non-swappable) memory pages.
* *
@ -174,7 +174,7 @@ void LockObject(const T& t)
template <typename T> template <typename T>
void UnlockObject(const T& t) void UnlockObject(const T& t)
{ {
OPENSSL_cleanse((void*)(&t), sizeof(T)); memory_cleanse((void*)(&t), sizeof(T));
LockedPageManager::Instance().UnlockRange((void*)(&t), sizeof(T)); LockedPageManager::Instance().UnlockRange((void*)(&t), sizeof(T));
} }
@ -217,7 +217,7 @@ struct secure_allocator : public std::allocator<T> {
void deallocate(T* p, std::size_t n) void deallocate(T* p, std::size_t n)
{ {
if (p != NULL) { if (p != NULL) {
OPENSSL_cleanse(p, sizeof(T) * n); memory_cleanse(p, sizeof(T) * n);
LockedPageManager::Instance().UnlockRange(p, sizeof(T) * n); LockedPageManager::Instance().UnlockRange(p, sizeof(T) * n);
} }
std::allocator<T>::deallocate(p, n); std::allocator<T>::deallocate(p, n);
@ -254,7 +254,7 @@ struct zero_after_free_allocator : public std::allocator<T> {
void deallocate(T* p, std::size_t n) void deallocate(T* p, std::size_t n)
{ {
if (p != NULL) if (p != NULL)
OPENSSL_cleanse(p, sizeof(T) * n); memory_cleanse(p, sizeof(T) * n);
std::allocator<T>::deallocate(p, n); std::allocator<T>::deallocate(p, n);
} }
}; };

2
src/base58.cpp
View file

@ -172,7 +172,7 @@ bool CBase58Data::SetString(const char* psz, unsigned int nVersionBytes)
vchData.resize(vchTemp.size() - nVersionBytes); vchData.resize(vchTemp.size() - nVersionBytes);
if (!vchData.empty()) if (!vchData.empty())
memcpy(&vchData[0], &vchTemp[nVersionBytes], vchData.size()); memcpy(&vchData[0], &vchTemp[nVersionBytes], vchData.size());
OPENSSL_cleanse(&vchTemp[0], vchData.size()); memory_cleanse(&vchTemp[0], vchData.size());
return true; return true;
} }

4
src/crypter.cpp
View file

@ -26,8 +26,8 @@ bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::v
if (i != (int)WALLET_CRYPTO_KEY_SIZE) if (i != (int)WALLET_CRYPTO_KEY_SIZE)
{ {
OPENSSL_cleanse(chKey, sizeof(chKey)); memory_cleanse(chKey, sizeof(chKey));
OPENSSL_cleanse(chIV, sizeof(chIV)); memory_cleanse(chIV, sizeof(chIV));
return false; return false;
} }

4
src/crypter.h
View file

@ -82,8 +82,8 @@ public:
void CleanKey() void CleanKey()
{ {
OPENSSL_cleanse(chKey, sizeof(chKey)); memory_cleanse(chKey, sizeof(chKey));
OPENSSL_cleanse(chIV, sizeof(chIV)); memory_cleanse(chIV, sizeof(chIV));
fKeySet = false; fKeySet = false;
} }

2
src/db.cpp
View file

@ -21,8 +21,6 @@
#include <boost/thread.hpp> #include <boost/thread.hpp>
#include <boost/version.hpp> #include <boost/version.hpp>
#include <openssl/rand.h>
using namespace std; using namespace std;

1
src/qt/paymentrequestplus.cpp
View file

@ -13,7 +13,6 @@
#include <stdexcept> #include <stdexcept>
#include <openssl/x509.h>
#include <openssl/x509_vfy.h> #include <openssl/x509_vfy.h>
#include <QDateTime> #include <QDateTime>

2
src/qt/paymentrequestplus.h
View file

@ -9,6 +9,8 @@
#include "base58.h" #include "base58.h"
#include <openssl/x509.h>
#include <QByteArray> #include <QByteArray>
#include <QList> #include <QList>
#include <QString> #include <QString>

1
src/qt/paymentserver.cpp
View file

@ -16,7 +16,6 @@
#include <cstdlib> #include <cstdlib>
#include <openssl/x509.h>
#include <openssl/x509_vfy.h> #include <openssl/x509_vfy.h>
#include <QApplication> #include <QApplication>

6
src/random.cpp
View file

@ -5,6 +5,7 @@
#include "random.h" #include "random.h"
#include "support/cleanse.h"
#ifdef WIN32 #ifdef WIN32
#include "compat.h" // for Windows API #include "compat.h" // for Windows API
#endif #endif
@ -18,7 +19,6 @@
#include <sys/time.h> #include <sys/time.h>
#endif #endif
#include <openssl/crypto.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/rand.h> #include <openssl/rand.h>
@ -40,7 +40,7 @@ void RandAddSeed()
// Seed with CPU performance counter // Seed with CPU performance counter
int64_t nCounter = GetPerformanceCounter(); int64_t nCounter = GetPerformanceCounter();
RAND_add(&nCounter, sizeof(nCounter), 1.5); RAND_add(&nCounter, sizeof(nCounter), 1.5);
OPENSSL_cleanse((void*)&nCounter, sizeof(nCounter)); memory_cleanse((void*)&nCounter, sizeof(nCounter));
} }
void RandAddSeedPerfmon() void RandAddSeedPerfmon()
@ -70,7 +70,7 @@ void RandAddSeedPerfmon()
RegCloseKey(HKEY_PERFORMANCE_DATA); RegCloseKey(HKEY_PERFORMANCE_DATA);
if (ret == ERROR_SUCCESS) { if (ret == ERROR_SUCCESS) {
RAND_add(begin_ptr(vData), nSize, nSize / 100.0); RAND_add(begin_ptr(vData), nSize, nSize / 100.0);
OPENSSL_cleanse(begin_ptr(vData), nSize); memory_cleanse(begin_ptr(vData), nSize);
LogPrint("rand", "%s: %lu bytes\n", __func__, nSize); LogPrint("rand", "%s: %lu bytes\n", __func__, nSize);
} else { } else {
static bool warned = false; // Warn only once static bool warned = false; // Warn only once

1
src/streams.h
View file

@ -16,6 +16,7 @@
#include <map> #include <map>
#include <set> #include <set>
#include <stdint.h> #include <stdint.h>
#include <stdio.h>
#include <string> #include <string>
#include <string.h> #include <string.h>
#include <utility> #include <utility>

13
src/support/cleanse.cpp Normal file
View file

@ -0,0 +1,13 @@
// Copyright (c) 2009-2010 Satoshi Nakamoto
// Copyright (c) 2009-2015 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#include "cleanse.h"
#include <openssl/crypto.h>
void memory_cleanse(void *ptr, size_t len)
{
OPENSSL_cleanse(ptr, len);
}

13
src/support/cleanse.h Normal file
View file

@ -0,0 +1,13 @@
// Copyright (c) 2009-2010 Satoshi Nakamoto
// Copyright (c) 2009-2015 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#ifndef BITCOIN_SUPPORT_CLEANSE_H
#define BITCOIN_SUPPORT_CLEANSE_H
#include <stdlib.h>
void memory_cleanse(void *ptr, size_t len);
#endif // BITCOIN_SUPPORT_CLEANSE_H