sparrowwallet/drongo
1
0
Fork 0
mirror of https://github.com/sparrowwallet/drongo.git synced 2024-11-04 11:06:44 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

more clearing private bits

Browse source
This commit is contained in:
Craig Raw 2020-05-19 16:41:37 +02:00
parent d2bd335e76
commit 06de1d7e14
6 changed files with 20 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/main/java/com/sparrowwallet/drongo/Utils.java
View file

@ -111,6 +111,7 @@ public class Utils {
int srcPos = isFirstByteOnlyForSign ? 1 : 0; int srcPos = isFirstByteOnlyForSign ? 1 : 0;
int destPos = numBytes - length; int destPos = numBytes - length;
System.arraycopy(src, srcPos, dest, destPos, length); System.arraycopy(src, srcPos, dest, destPos, length);
Arrays.fill(src, (byte)0);
return dest; return dest;
} }

2
src/main/java/com/sparrowwallet/drongo/crypto/ECIESKeyCrypter.java
View file

@ -45,7 +45,7 @@ public class ECIESKeyCrypter implements AsymmetricKeyCrypter {
byte[] hmacInput = Arrays.copyOfRange(decoded, 0, decoded.length - 32); byte[] hmacInput = Arrays.copyOfRange(decoded, 0, decoded.length - 32);
if(!Arrays.equals(mac, hmac256(key_m, hmacInput))) { if(!Arrays.equals(mac, hmac256(key_m, hmacInput))) {
throw new InvalidPasswordException(); throw new InvalidPasswordException("The password was invalid");
} }
return aesKeyCrypter.decrypt(new EncryptedData(iv, ciphertext, null, null), new Key(key_e, null, null)); return aesKeyCrypter.decrypt(new EncryptedData(iv, ciphertext, null, null), new Key(key_e, null, null));

6
src/main/java/com/sparrowwallet/drongo/crypto/ECKey.java
View file

@ -699,6 +699,12 @@ public class ECKey implements EncryptableItem {
return Utils.bigIntegerToBytes(getPrivKey(), 32); return Utils.bigIntegerToBytes(getPrivKey(), 32);
} }
public void clear() {
for(int i = 0; i < priv.bitLength(); i++) {
priv.clearBit(i);
}
}
/** /**
* Returns the creation time of this key or zero if the key was deserialized from a version that did not store * Returns the creation time of this key or zero if the key was deserialized from a version that did not store
* that data. * that data.

1
src/main/java/com/sparrowwallet/drongo/crypto/Key.java
View file

@ -27,6 +27,5 @@ public class Key {
public void clear() { public void clear() {
Arrays.fill(keyBytes, (byte)0); Arrays.fill(keyBytes, (byte)0);
Arrays.fill(salt, (byte)0);
} }
} }

6
src/main/java/com/sparrowwallet/drongo/wallet/Keystore.java
View file

@ -202,4 +202,10 @@ public class Keystore {
seed = seed.decrypt(key); seed = seed.decrypt(key);
} }
} }
public void clearPrivate() {
if(hasSeed()) {
seed.clear();
}
}
} }

6
src/main/java/com/sparrowwallet/drongo/wallet/Wallet.java
View file

@ -198,4 +198,10 @@ public class Wallet {
keystore.decrypt(key); keystore.decrypt(key);
} }
} }
public void clearPrivate() {
for(Keystore keystore : keystores) {
keystore.clearPrivate();
}
}
} }