mirror of
https://github.com/bitcoin/bitcoin.git
synced 2026-04-06 13:47:56 +02:00
af0da2fce2 crypto: Use `secure_allocator` for `AES256CBC*::iv` (David Gumberg)
d53852be31 crypto: Use `secure_allocator` for `AES256_ctx` (David Gumberg)
8c6fedaa81 build: `lockedpool.cpp` kernel -> crypto (David Gumberg)
51ac1abf6f bench: Add wallet encryption benchmark (David Gumberg)
9a15872516 wallet: Make encryption derivation clock mockable (David Gumberg)
ae5485fa0d refactor: Generalize derivation target calculation (David Gumberg)

Pull request description:

  Fixes #31744

  Reuse `secure_allocator` for `AES256_ctx` in the aes 256 encrypters and decrypters and the `iv` of `AES256CBC` encrypters and decrypters. These classes are relevant to `CCrypter`, used for encrypting wallets, and my understanding is that if an attacker knows some or all of the contents of these data structures (`AES256_ctx` & `iv`) they might be able to decrypt a user's wallet.

  Presently the `secure_allocator` tries to protect sensitive data with `mlock()` on POSIX systems and `VirtualLock()` on Windows to prevent memory being paged to disk, and by zero'ing out memory contents on deallocation with `memory_cleanse()` which is similar to `OPENSSL_cleanse()` by scaring compilers away from optimizing `memset` calls on non-Windows systems, and using `SecureZeroMemory()` on Windows.

ACKs for top commit:
  achow101:
    ACK af0da2fce2
  furszy:
    utACK af0da2fce2
  theStack:
    re-ACK af0da2fce2

Tree-SHA512: 49067934fd2f2b285fc7b1a7c853fd2d4475431b3a811ae511f61074dc71a99a0826c3ab40ab4a5dfc84b2b9914a90c920d2484b38ac19502e3bd6170ad27622
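
The two protections the pull request description attributes to `secure_allocator` (locking memory so it is not paged to disk, and wiping it on deallocation in a way the compiler cannot optimize away), shown as an added example that is not Bitcoin Core's code. It locks each allocation directly with `mlock()` on whole pages it owns; `LockedZeroingAllocator`, `cleanse`, `g_cleansed_bytes` and `demo_iv_lifetime` are hypothetical names, and POSIX with GCC or Clang is assumed.

```cpp
// Added example, not Bitcoin Core code: a simplified locking, zeroing allocator.
#include <cstddef>
#include <cstdlib>
#include <cstring>
#include <new>
#include <vector>
#include <sys/mman.h>
#include <unistd.h>

// Zero a buffer; the empty asm with a "memory" clobber stops dead-store elimination.
inline void cleanse(void* p, std::size_t n) {
    std::memset(p, 0, n);
    __asm__ __volatile__("" : : "r"(p) : "memory");
}
static std::size_t g_cleansed_bytes = 0; // hypothetical counter so the demo is observable

template <typename T>
struct LockedZeroingAllocator {
    using value_type = T;
    LockedZeroingAllocator() = default;
    template <typename U> LockedZeroingAllocator(const LockedZeroingAllocator<U>&) {}
    static std::size_t page() { return static_cast<std::size_t>(sysconf(_SC_PAGESIZE)); }
    static std::size_t span(std::size_t n) { // bytes rounded up to whole pages
        return (n * sizeof(T) + page() - 1) / page() * page();
    }
    T* allocate(std::size_t n) {
        void* p = nullptr; // page-aligned so lock and unlock never touch a neighbour's page
        if (posix_memalign(&p, page(), span(n)) != 0) throw std::bad_alloc();
        (void)mlock(p, span(n)); // best effort here: can fail under RLIMIT_MEMLOCK
        return static_cast<T*>(p);
    }
    void deallocate(T* p, std::size_t n) {
        cleanse(p, n * sizeof(T)); // wipe before the memory returns to the heap
        g_cleansed_bytes += n * sizeof(T);
        munlock(p, span(n));
        std::free(p);
    }
};
template <typename T, typename U>
bool operator==(const LockedZeroingAllocator<T>&, const LockedZeroingAllocator<U>&) { return true; }
template <typename T, typename U>
bool operator!=(const LockedZeroingAllocator<T>&, const LockedZeroingAllocator<U>&) { return false; }

// Constructed sample: hold a 16-byte IV, release it, and report how many bytes were wiped.
std::size_t demo_iv_lifetime() {
    const std::size_t before = g_cleansed_bytes;
    { std::vector<unsigned char, LockedZeroingAllocator<unsigned char>> iv(16, 0xAA); }
    return g_cleansed_bytes - before;
}
```

A whole page per allocation is wasteful for 16-byte objects, and ignoring a failed `mlock()` means the wipe still happens but the paging protection silently does not; production code should surface that failure.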