Use ZeroingString for password and passpharse in wallet (mimblewimble…

…#2285)
MicrohexHQ · Jan 10, 2019 · 5cf4d7a · 5cf4d7a
1 parent 950fa0e
commit 5cf4d7a
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 20 deletions.
diff --git a/src/bin/cmd/wallet_args.rs b/src/bin/cmd/wallet_args.rs
@@ -14,7 +14,7 @@
 
 use crate::api::TLSConfig;
 use crate::util::file::get_first_line;
-use crate::util::Mutex;
+use crate::util::{Mutex, ZeroingString};
 /// Argument parsing and error handling for wallet commands
 use clap::ArgMatches;
 use failure::Fail;
@@ -57,19 +57,23 @@ impl From<std::io::Error> for ParseError {
 	}
 }
 
-pub fn prompt_password(password: &Option<String>) -> String {
+fn prompt_password_stdout(prompt: &str) -> ZeroingString {
+	ZeroingString::from(rpassword::prompt_password_stdout(prompt).unwrap())
+}
+
+pub fn prompt_password(password: &Option<ZeroingString>) -> ZeroingString {
 	match password {
-		None => rpassword::prompt_password_stdout("Password: ").unwrap(),
-		Some(p) => p.to_owned(),
+		None => prompt_password_stdout("Password: "),
+		Some(p) => p.clone(),
 	}
 }
 
-fn prompt_password_confirm() -> String {
-	let mut first = String::from("first");
-	let mut second = String::from("second");
+fn prompt_password_confirm() -> ZeroingString {
+	let mut first = ZeroingString::from("first");
+	let mut second = ZeroingString::from("second");
 	while first != second {
-		first = rpassword::prompt_password_stdout("Password: ").unwrap();
-		second = rpassword::prompt_password_stdout("Confirm Password: ").unwrap();
+		first = prompt_password_stdout("Password: ");
+		second = prompt_password_stdout("Confirm Password: ");
 	}
 	first
 }
@@ -101,9 +105,9 @@ fn prompt_replace_seed() -> Result<bool, ParseError> {
 	}
 }
 
-fn prompt_recovery_phrase() -> Result<String, ParseError> {
+fn prompt_recovery_phrase() -> Result<ZeroingString, ParseError> {
 	let interface = Arc::new(Interface::new("recover")?);
-	let mut phrase = String::new();
+	let mut phrase = ZeroingString::from("");
 	interface.set_report_signal(Signal::Interrupt, true);
 	interface.set_prompt("phrase> ")?;
 	loop {
@@ -119,7 +123,7 @@ fn prompt_recovery_phrase() -> Result<String, ParseError> {
 			}
 			ReadResult::Input(line) => {
 				if WalletSeed::from_mnemonic(&line).is_ok() {
-					phrase = line;
+					phrase = ZeroingString::from(line);
 					break;
 				} else {
 					println!();
@@ -194,7 +198,7 @@ pub fn parse_global_args(
 	let node_api_secret = get_first_line(config.node_api_secret_path.clone());
 	let password = match args.value_of("pass") {
 		None => None,
-		Some(p) => Some(p.to_owned()),
+		Some(p) => Some(ZeroingString::from(p)),
 	};
 
 	let tls_conf = match config.tls_certificate_file.clone() {

diff --git a/util/src/types.rs b/util/src/types.rs
@@ -68,6 +68,7 @@ impl Default for LoggingConfig {
 use std::ops::Deref;
 use zeroize::Zeroize;
 /// Zeroing string, mainly useful for password
+#[derive(Clone, PartialEq, PartialOrd)]
 pub struct ZeroingString(String);
 
 impl Drop for ZeroingString {
@@ -82,6 +83,12 @@ impl From<&str> for ZeroingString {
 	}
 }
 
+impl From<String> for ZeroingString {
+	fn from(s: String) -> Self {
+		ZeroingString(s)
+	}
+}
+
 impl Deref for ZeroingString {
 	type Target = str;
 

diff --git a/wallet/src/command.rs b/wallet/src/command.rs
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-use crate::util::Mutex;
+use crate::util::{Mutex, ZeroingString};
 use std::collections::HashMap;
 /// Grin wallet command-line function implementations
 use std::fs::File;
@@ -41,17 +41,17 @@ pub struct GlobalArgs {
 	pub account: String,
 	pub node_api_secret: Option<String>,
 	pub show_spent: bool,
-	pub password: Option<String>,
+	pub password: Option<ZeroingString>,
 	pub tls_conf: Option<TLSConfig>,
 }
 
 /// Arguments for init command
 pub struct InitArgs {
 	/// BIP39 recovery phrase length
 	pub list_length: usize,
-	pub password: String,
+	pub password: ZeroingString,
 	pub config: WalletConfig,
-	pub recovery_phrase: Option<String>,
+	pub recovery_phrase: Option<ZeroingString>,
 	pub restore: bool,
 }
 
@@ -75,8 +75,8 @@ pub fn init(g_args: &GlobalArgs, args: InitArgs) -> Result<(), Error> {
 
 /// Argument for recover
 pub struct RecoverArgs {
-	pub recovery_phrase: Option<String>,
-	pub passphrase: String,
+	pub recovery_phrase: Option<ZeroingString>,
+	pub passphrase: ZeroingString,
 }
 
 /// Check whether seed file exists

diff --git a/wallet/src/types.rs b/wallet/src/types.rs
@@ -216,7 +216,7 @@ impl WalletSeed {
 	pub fn init_file(
 		wallet_config: &WalletConfig,
 		seed_length: usize,
-		recovery_phrase: Option<String>,
+		recovery_phrase: Option<util::ZeroingString>,
 		password: &str,
 	) -> Result<WalletSeed, Error> {
 		// create directory if it doesn't exist