From 06de1d7e1458cb00cc242025c5e0d536633083a0 Mon Sep 17 00:00:00 2001 From: Craig Raw Date: Tue, 19 May 2020 16:41:37 +0200 Subject: [PATCH] more clearing private bits --- src/main/java/com/sparrowwallet/drongo/Utils.java | 1 + .../com/sparrowwallet/drongo/crypto/ECIESKeyCrypter.java | 2 +- src/main/java/com/sparrowwallet/drongo/crypto/ECKey.java | 6 ++++++ src/main/java/com/sparrowwallet/drongo/crypto/Key.java | 1 - src/main/java/com/sparrowwallet/drongo/wallet/Keystore.java | 6 ++++++ src/main/java/com/sparrowwallet/drongo/wallet/Wallet.java | 6 ++++++ 6 files changed, 20 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/sparrowwallet/drongo/Utils.java b/src/main/java/com/sparrowwallet/drongo/Utils.java index b7666f3..2410f8a 100644 --- a/src/main/java/com/sparrowwallet/drongo/Utils.java +++ b/src/main/java/com/sparrowwallet/drongo/Utils.java @@ -111,6 +111,7 @@ public class Utils { int srcPos = isFirstByteOnlyForSign ? 1 : 0; int destPos = numBytes - length; System.arraycopy(src, srcPos, dest, destPos, length); + Arrays.fill(src, (byte)0); return dest; } diff --git a/src/main/java/com/sparrowwallet/drongo/crypto/ECIESKeyCrypter.java b/src/main/java/com/sparrowwallet/drongo/crypto/ECIESKeyCrypter.java index 21f3e2e..fab6a64 100644 --- a/src/main/java/com/sparrowwallet/drongo/crypto/ECIESKeyCrypter.java +++ b/src/main/java/com/sparrowwallet/drongo/crypto/ECIESKeyCrypter.java @@ -45,7 +45,7 @@ public class ECIESKeyCrypter implements AsymmetricKeyCrypter { byte[] hmacInput = Arrays.copyOfRange(decoded, 0, decoded.length - 32); if(!Arrays.equals(mac, hmac256(key_m, hmacInput))) { - throw new InvalidPasswordException(); + throw new InvalidPasswordException("The password was invalid"); } return aesKeyCrypter.decrypt(new EncryptedData(iv, ciphertext, null, null), new Key(key_e, null, null)); diff --git a/src/main/java/com/sparrowwallet/drongo/crypto/ECKey.java b/src/main/java/com/sparrowwallet/drongo/crypto/ECKey.java index d182079..d26c0de 100644 --- a/src/main/java/com/sparrowwallet/drongo/crypto/ECKey.java +++ b/src/main/java/com/sparrowwallet/drongo/crypto/ECKey.java @@ -699,6 +699,12 @@ public class ECKey implements EncryptableItem { return Utils.bigIntegerToBytes(getPrivKey(), 32); } + public void clear() { + for(int i = 0; i < priv.bitLength(); i++) { + priv.clearBit(i); + } + } + /** * Returns the creation time of this key or zero if the key was deserialized from a version that did not store * that data. diff --git a/src/main/java/com/sparrowwallet/drongo/crypto/Key.java b/src/main/java/com/sparrowwallet/drongo/crypto/Key.java index c240c90..520f459 100644 --- a/src/main/java/com/sparrowwallet/drongo/crypto/Key.java +++ b/src/main/java/com/sparrowwallet/drongo/crypto/Key.java @@ -27,6 +27,5 @@ public class Key { public void clear() { Arrays.fill(keyBytes, (byte)0); - Arrays.fill(salt, (byte)0); } } diff --git a/src/main/java/com/sparrowwallet/drongo/wallet/Keystore.java b/src/main/java/com/sparrowwallet/drongo/wallet/Keystore.java index 7beb7f3..bdb347d 100644 --- a/src/main/java/com/sparrowwallet/drongo/wallet/Keystore.java +++ b/src/main/java/com/sparrowwallet/drongo/wallet/Keystore.java @@ -202,4 +202,10 @@ public class Keystore { seed = seed.decrypt(key); } } + + public void clearPrivate() { + if(hasSeed()) { + seed.clear(); + } + } } diff --git a/src/main/java/com/sparrowwallet/drongo/wallet/Wallet.java b/src/main/java/com/sparrowwallet/drongo/wallet/Wallet.java index f226bd0..ca7a6d7 100644 --- a/src/main/java/com/sparrowwallet/drongo/wallet/Wallet.java +++ b/src/main/java/com/sparrowwallet/drongo/wallet/Wallet.java @@ -198,4 +198,10 @@ public class Wallet { keystore.decrypt(key); } } + + public void clearPrivate() { + for(Keystore keystore : keystores) { + keystore.clearPrivate(); + } + } }