[wallet] Securely erase potentially sensitive keys/values
parent
e2b99b1313
commit
6c914ac176
2 changed files with 22 additions and 20 deletions
|
@ -8,6 +8,7 @@
|
||||||
|
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
// Attempt to overwrite data in the specified memory span.
|
||||||
void memory_cleanse(void *ptr, size_t len);
|
void memory_cleanse(void *ptr, size_t len);
|
||||||
|
|
||||||
#endif // BITCOIN_SUPPORT_CLEANSE_H
|
#endif // BITCOIN_SUPPORT_CLEANSE_H
|
||||||
|
|
|
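Review bot: The comment added above `memory_cleanse` says what the function attempts but not why callers must use it, so a later cleanup can silently turn the calls this commit introduces in the wallet database code back into `memset`, which the compiler is free to drop as a dead store before `free`. Suggest wording it as `// Overwrite the memory span in a way the compiler cannot optimize away (unlike a plain memset before free). Only this buffer is cleared; copies made elsewhere are untouched.` The implementation is not on this page, so confirm the exact guarantee it gives before stating it in the header.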
@ -180,22 +180,23 @@ public:
|
||||||
Dbt datValue;
|
Dbt datValue;
|
||||||
datValue.set_flags(DB_DBT_MALLOC);
|
datValue.set_flags(DB_DBT_MALLOC);
|
||||||
int ret = pdb->get(activeTxn, &datKey, &datValue, 0);
|
int ret = pdb->get(activeTxn, &datKey, &datValue, 0);
|
||||||
memset(datKey.get_data(), 0, datKey.get_size());
|
memory_cleanse(datKey.get_data(), datKey.get_size());
|
||||||
if (datValue.get_data() == NULL)
|
bool success = false;
|
||||||
return false;
|
if (datValue.get_data() != NULL) {
|
||||||
|
|
||||||
// Unserialize value
|
// Unserialize value
|
||||||
try {
|
try {
|
||||||
CDataStream ssValue((char*)datValue.get_data(), (char*)datValue.get_data() + datValue.get_size(), SER_DISK, CLIENT_VERSION);
|
CDataStream ssValue((char*)datValue.get_data(), (char*)datValue.get_data() + datValue.get_size(), SER_DISK, CLIENT_VERSION);
|
||||||
ssValue >> value;
|
ssValue >> value;
|
||||||
|
success = true;
|
||||||
} catch (const std::exception&) {
|
} catch (const std::exception&) {
|
||||||
return false;
|
// In this case success remains 'false'
|
||||||
}
|
}
|
||||||
|
|
||||||
// Clear and free memory
|
// Clear and free memory
|
||||||
memset(datValue.get_data(), 0, datValue.get_size());
|
memory_cleanse(datValue.get_data(), datValue.get_size());
|
||||||
free(datValue.get_data());
|
free(datValue.get_data());
|
||||||
return (ret == 0);
|
}
|
||||||
|
return ret == 0 && success;
|
||||||
}
|
}
|
||||||
|
|
||||||
template <typename K, typename T>
|
template <typename K, typename T>
|
||||||
|
@ -222,8 +223,8 @@ public:
|
||||||
int ret = pdb->put(activeTxn, &datKey, &datValue, (fOverwrite ? 0 : DB_NOOVERWRITE));
|
int ret = pdb->put(activeTxn, &datKey, &datValue, (fOverwrite ? 0 : DB_NOOVERWRITE));
|
||||||
|
|
||||||
// Clear memory in case it was a private key
|
// Clear memory in case it was a private key
|
||||||
memset(datKey.get_data(), 0, datKey.get_size());
|
memory_cleanse(datKey.get_data(), datKey.get_size());
|
||||||
memset(datValue.get_data(), 0, datValue.get_size());
|
memory_cleanse(datValue.get_data(), datValue.get_size());
|
||||||
return (ret == 0);
|
return (ret == 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -245,7 +246,7 @@ public:
|
||||||
int ret = pdb->del(activeTxn, &datKey, 0);
|
int ret = pdb->del(activeTxn, &datKey, 0);
|
||||||
|
|
||||||
// Clear memory
|
// Clear memory
|
||||||
memset(datKey.get_data(), 0, datKey.get_size());
|
memory_cleanse(datKey.get_data(), datKey.get_size());
|
||||||
return (ret == 0 || ret == DB_NOTFOUND);
|
return (ret == 0 || ret == DB_NOTFOUND);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -265,7 +266,7 @@ public:
|
||||||
int ret = pdb->exists(activeTxn, &datKey, 0);
|
int ret = pdb->exists(activeTxn, &datKey, 0);
|
||||||
|
|
||||||
// Clear memory
|
// Clear memory
|
||||||
memset(datKey.get_data(), 0, datKey.get_size());
|
memory_cleanse(datKey.get_data(), datKey.get_size());
|
||||||
return (ret == 0);
|
return (ret == 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -308,8 +309,8 @@ public:
|
||||||
ssValue.write((char*)datValue.get_data(), datValue.get_size());
|
ssValue.write((char*)datValue.get_data(), datValue.get_size());
|
||||||
|
|
||||||
// Clear and free memory
|
// Clear and free memory
|
||||||
memset(datKey.get_data(), 0, datKey.get_size());
|
memory_cleanse(datKey.get_data(), datKey.get_size());
|
||||||
memset(datValue.get_data(), 0, datValue.get_size());
|
memory_cleanse(datValue.get_data(), datValue.get_size());
|
||||||
free(datKey.get_data());
|
free(datKey.get_data());
|
||||||
free(datValue.get_data());
|
free(datValue.get_data());
|
||||||
return 0;
|
return 0;
|
||||||
|
|
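Review bot: In the Read hunk the wipe at `memory_cleanse(datValue.get_data(), datValue.get_size());` covers only the buffer BerkeleyDB allocated via DB_DBT_MALLOC, while `CDataStream ssValue(...)` and `ssValue >> value` have already produced two further copies of the same bytes that this hunk does not touch; whether the stream's own buffer is wiped on destruction depends on CDataStream's allocator, which is not visible here, and the decoded `value` is the caller's responsibility. A short comment would keep the next reader from assuming the secret is fully gone, e.g. `// Wipes only BDB's copy; ssValue's buffer and 'value' hold their own copies.` On the catch path `value` may also be partially populated before the throw, which the new `// In this case success remains 'false'` comment could mention. Read's signature and the `ReadAtCursor` body in the last hunk lie outside the shown lines.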