[Sec]: Zeroize mnemonic (#3520)

trustwallet · Oct 30, 2023 · b391586 · b391586
1 parent 0ce124e
commit b391586
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 9 deletions.
diff --git a/rust/coverage.stats b/rust/coverage.stats
@@ -1 +1 @@
-92.0
+91.0
diff --git a/src/HDWallet.cpp b/src/HDWallet.cpp
@@ -99,9 +99,9 @@ HDWallet<seedSize>::HDWallet(const Data& entropy, const std::string& passphrase)
 
 template <std::size_t seedSize>
 HDWallet<seedSize>::~HDWallet() {
-    std::fill(seed.begin(), seed.end(), 0);
-    std::fill(mnemonic.begin(), mnemonic.end(), 0);
-    std::fill(passphrase.begin(), passphrase.end(), 0);
+    memzero(seed.data(), seed.size());
+    memzero(mnemonic.data(), mnemonic.size());
+    memzero(passphrase.data(), passphrase.size());
 }
 
 template <size_t seedSize>

diff --git a/src/Keystore/StoredKey.cpp b/src/Keystore/StoredKey.cpp
@@ -17,6 +17,7 @@
 #include <boost/uuid/uuid_generators.hpp>
 #include <boost/uuid/uuid_io.hpp>
 #include <nlohmann/json.hpp>
+#include <TrezorCrypto/memzero.h>
 
 #include <cassert>
 #include <fstream>
@@ -32,15 +33,19 @@ StoredKey StoredKey::createWithMnemonic(const std::string& name, const Data& pas
     }
 
     Data mnemonicData = TW::Data(mnemonic.begin(), mnemonic.end());
-    return StoredKey(StoredKeyType::mnemonicPhrase, name, password, mnemonicData, encryptionLevel, encryption);
+    StoredKey key(StoredKeyType::mnemonicPhrase, name, password, mnemonicData, encryptionLevel, encryption);
+    memzero(mnemonicData.data(), mnemonic.size());
+    return key;
 }
 
 StoredKey StoredKey::createWithMnemonicRandom(const std::string& name, const Data& password, TWStoredKeyEncryptionLevel encryptionLevel, TWStoredKeyEncryption encryption) {
     const auto wallet = TW::HDWallet<>(128, "");
     const auto& mnemonic = wallet.getMnemonic();
     assert(Mnemonic::isValid(mnemonic));
     Data mnemonicData = TW::Data(mnemonic.begin(), mnemonic.end());
-    return StoredKey(StoredKeyType::mnemonicPhrase, name, password, mnemonicData, encryptionLevel, encryption);
+    StoredKey key(StoredKeyType::mnemonicPhrase, name, password, mnemonicData, encryptionLevel, encryption);
+    memzero(mnemonicData.data(), mnemonic.size());
+    return key;
 }
 
 StoredKey StoredKey::createWithMnemonicAddDefaultAddress(const std::string& name, const Data& password, const std::string& mnemonic, TWCoinType coin, TWStoredKeyEncryption encryption) {

diff --git a/src/interface/TWString.cpp b/src/interface/TWString.cpp
@@ -6,6 +6,7 @@
 
 
 #include <TrustWalletCore/TWString.h>
+#include <TrezorCrypto/memzero.h>
 #include <string>
 
 TWString *_Nonnull TWStringCreateWithUTF8Bytes(const char *_Nonnull bytes) {
@@ -34,8 +35,12 @@ const char *_Nonnull TWStringUTF8Bytes(TWString *_Nonnull string) {
 }
 
 void TWStringDelete(TWString *_Nonnull string) {
-    auto* s = reinterpret_cast<const std::string*>(string);
-    delete s;
+    auto *sConst = reinterpret_cast<const std::string*>(string);
+    // `const_cast` is safe here despite that the pointer to the string is const
+    // but `std::string` is not a constant value.
+    auto *s = const_cast<std::string*>(sConst);
+    memzero(s->data(), s->size());
+    delete sConst;
 }
 
 bool TWStringEqual(TWString *_Nonnull lhs, TWString *_Nonnull rhs) {

diff --git a/tests/chains/Bitcoin/TWSegwitAddressTests.cpp b/tests/chains/Bitcoin/TWSegwitAddressTests.cpp
@@ -60,7 +60,7 @@ TEST(TWSegwitAddress, InitWithAddress) {
 
     ASSERT_EQ(TWHRPBitcoin, TWSegwitAddressHRP(address.get()));
 
-    auto witness = WRAPS(TWSegwitAddressWitnessProgram(address.get()));
+    auto witness = WRAPD(TWSegwitAddressWitnessProgram(address.get()));
     ASSERT_EQ(TW::hex(TW::data(TWDataBytes(witness.get()), TWDataSize(witness.get()))), "751e76e8199196d454941c45d1b3a323f1433bd6");
 }