Add util/mem to zero out memory on drop. (#8356)

* Add `util/mem` to zero out memory on drop. * Remove nonsense. * Remove `Into` impls for `Memzero`. * Update ethereum-types and remove H256Mut.
2018-04-11 13:57:12 +02:00
parent dd2c27958c
commit 2b05eb43a9
20 changed files with 190 additions and 95 deletions
--- a/ethkey/src/extended.rs
+++ b/ethkey/src/extended.rs
@@ -99,7 +99,7 @@ impl ExtendedSecret {
 	pub fn derive<T>(&self, index: Derivation<T>) -> ExtendedSecret where T: Label {
 		let (derived_key, next_chain_code) = derivation::private(*self.secret, self.chain_code, index);

-		let derived_secret = Secret::from_slice(&*derived_key);
+		let derived_secret = Secret::from(derived_key.0);

 		ExtendedSecret::with_code(derived_secret, next_chain_code)
 	}
@@ -399,7 +399,7 @@ mod tests {

 	fn test_extended<F>(f: F, test_private: H256) where F: Fn(ExtendedSecret) -> ExtendedSecret {
 		let (private_seed, chain_code) = master_chain_basic();
-		let extended_secret = ExtendedSecret::with_code(Secret::from_slice(&*private_seed), chain_code);
+		let extended_secret = ExtendedSecret::with_code(Secret::from(private_seed.0), chain_code);
 		let derived = f(extended_secret);
 		assert_eq!(**derived.as_raw(), test_private);
 	}
--- a/ethkey/src/lib.rs
+++ b/ethkey/src/lib.rs
@@ -20,6 +20,7 @@ extern crate byteorder;
 extern crate crypto as rcrypto;
 extern crate edit_distance;
 extern crate ethereum_types;
+extern crate mem;
 extern crate parity_wordlist;
 extern crate rand;
 extern crate rustc_hex;
--- a/ethkey/src/secret.rs
+++ b/ethkey/src/secret.rs
@@ -18,18 +18,20 @@ use std::fmt;
 use std::ops::Deref;
 use std::str::FromStr;
 use rustc_hex::ToHex;
+use secp256k1::constants::{SECRET_KEY_SIZE as SECP256K1_SECRET_KEY_SIZE};
 use secp256k1::key;
 use ethereum_types::H256;
+use mem::Memzero;
 use {Error, SECP256K1};

 #[derive(Clone, PartialEq, Eq)]
 pub struct Secret {
-	inner: H256,
+	inner: Memzero<H256>,
 }

 impl ToHex for Secret {
 	fn to_hex(&self) -> String {
-		format!("{:x}", self.inner)
+		format!("{:x}", *self.inner)
 	}
 }

@@ -52,17 +54,19 @@ impl fmt::Display for Secret {
 }

 impl Secret {
-	pub fn from_slice(key: &[u8]) -> Self {
-		assert_eq!(32, key.len(), "Caller should provide 32-byte length slice");
-
+	/// Creates a `Secret` from the given slice, returning `None` if the slice length != 32.
+	pub fn from_slice(key: &[u8]) -> Option<Self> {
+		if key.len() != 32 {
+			return None
+		}
 		let mut h = H256::default();
 		h.copy_from_slice(&key[0..32]);
-		Secret { inner: h }
+		Some(Secret { inner: Memzero::from(h) })
 	}

 	/// Creates zero key, which is invalid for crypto operations, but valid for math operation.
 	pub fn zero() -> Self {
-		Secret { inner: Default::default() }
+		Secret { inner: Memzero::from(H256::default()) }
 	}

 	/// Imports and validates the key.
@@ -208,9 +212,15 @@ impl FromStr for Secret {
 	}
 }

+impl From<[u8; 32]> for Secret {
+	fn from(k: [u8; 32]) -> Self {
+		Secret { inner: Memzero::from(H256(k)) }
+	}
+}
+
 impl From<H256> for Secret {
 	fn from(s: H256) -> Self {
-		Secret::from_slice(&s)
+		s.0.into()
 	}
 }

@@ -222,7 +232,9 @@ impl From<&'static str> for Secret {

 impl From<key::SecretKey> for Secret {
 	fn from(key: key::SecretKey) -> Self {
-		Self::from_slice(&key[0..32])
+		let mut a = [0; SECP256K1_SECRET_KEY_SIZE];
+		a.copy_from_slice(&key[0 .. SECP256K1_SECRET_KEY_SIZE]);
+		a.into()
 	}
 }