
Don't rely on file for nonce data.

cl-refactor
Gav Wood 10 years ago
parent
commit
8cc8b8009c
  1. 19
      libdevcrypto/Common.cpp
  2. 6
      libdevcrypto/Common.h

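--- a/libdevcrypto/Common.cpp
+++ b/libdevcrypto/Common.cpp
@@ -308,33 +308,14 @@ h256 crypto::kdf(Secret const& _priv, h256 const& _hash)
 return s;
 }
-string const& Nonce::seedFilePath(string const& _filePath)
-{
-static mutex x_seedFile;
-static string s_seedFile;
-Guard l(x_seedFile);
-if (s_seedFile.empty())
-s_seedFile = _filePath.empty() ? getDataDir() + "/seed" : _filePath;
-return s_seedFile;
-}
 Secret Nonce::next()
 {
 Guard l(x_value);
 if (!m_value)
 {
-bytesSec b = contentsSec(seedFilePath());
-if (b.size() == 32)
-b.ref().populate(m_value.writable().ref());
-else
 m_value = Secret::random();
 if (!m_value)
 BOOST_THROW_EXCEPTION(InvalidState());
-// prevent seed reuse if process terminates abnormally
-// this might throw
-writeFile(seedFilePath(), bytes());
 }
 m_value = sha3Secure(m_value.ref());
 return sha3(~m_value);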
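Review bot: The seeding branch of `Nonce::next()` is left without any comment, and after this change every nonce the process hands out is a hash-chain step from the single `Secret::random()` call inside it. The `if (!m_value)` test that follows rejects only an all-zero value; how `Secret::random()` behaves when the underlying generator fails is not visible in this hunk and should be confirmed. A why-comment above the assignment would record the assumption, for example `// Seeded once per process from Secret::random(); nothing is persisted, so nonce uniqueness across runs rests on that call.` If the process can fork after the first call, both copies would continue from the same `m_value`; whether that can happen is not determinable from this page. The closing brace of `next()` lies outside the hunk.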

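--- a/libdevcrypto/Common.h
+++ b/libdevcrypto/Common.h
@@ -203,15 +203,9 @@ public:
 /// Returns the next nonce (might be read from a file).
 static Secret get() { static Nonce s; return s.next(); }
-/// @returns path of the seed file. FOR TESTS ONLY: optionally set path to @_filePath.
-static std::string const& seedFilePath(std::string const& _filePath = std::string());
 private:
 Nonce() = default;
-/// Destructor. IO operation may throw.
-~Nonce() { if (m_value && next()) dev::writeFile(seedFilePath(), m_value.ref()); }
 /// @returns the next nonce.
 Secret next();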
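Review bot: The doc comment kept on `get()` still reads `/// Returns the next nonce (might be read from a file).`, which no longer matches the class once `seedFilePath()` and the file-writing destructor are removed. Someone auditing where nonce state can originate or be written would be misled by it. Suggested wording: `/// Returns the next nonce; the chain is seeded once per process from Secret::random() and is never persisted.` The seeding part of that wording rests on the `next()` body shown in the Common.cpp section of this commit.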
