Is there an existing issue for this?
- I have searched the existing issues
Current behaviour
In AES256Encrypt::~AES256Encrypt(): https://github.com/bitcoin/bitcoin/blob/master/src/crypto/aes.cpp#L20
and AES256Decrypt::~AES256Decrypt(): https://github.com/bitcoin/bitcoin/blob/master/src/crypto/aes.cpp#L35
memset is used to reset the ctx and key; this is not secure and can be optimized out by the compiler:
https://www.cryptologie.net/article/419/zeroing-memory-compiler-optimizations-and-memset_s/
Instead use secure erase primitives such as OPENSSL_cleanse: https://github.com/openssl/openssl/blob/master/crypto/mem_clr.c
Expected behaviour
memset should be avoided to reset the ctx and key,
Steps to reproduce
NA
Relevant log output
No response
How did you obtain Bitcoin Core
Compiled from source
What version of Bitcoin Core are you using?
master
Operating system and version
Linux
Machine specifications
No response
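
Added example, not part of the original issue and not Bitcoin Core's or OpenSSL's code: a destructor that wipes key material with a helper the optimizer cannot drop as a dead store, in place of a plain memset. The names secure_wipe, KeyHolder and residue_after_destroy are hypothetical, and the key bytes are constructed sample data.

```cpp
#include <cstddef>
#include <cstring>
#include <new>

// Hypothetical helper: zero a buffer in a way the optimizer cannot
// discard as a dead store.
inline void secure_wipe(void* p, std::size_t n) {
#if defined(__GNUC__) || defined(__clang__)
    std::memset(p, 0, n);
    // Compiler barrier: the empty asm claims it may read the memory at p,
    // so the memset above has to be emitted before it.
    __asm__ __volatile__("" : : "r"(p) : "memory");
#else
    // Fallback: byte stores through a volatile lvalue.
    volatile unsigned char* v = static_cast<volatile unsigned char*>(p);
    while (n--) *v++ = 0;
#endif
}

// Constructed stand-in for a cipher context that holds key material.
struct KeyHolder {
    unsigned char key[32];
    explicit KeyHolder(const unsigned char* k) { std::memcpy(key, k, sizeof(key)); }
    // The pattern the issue reports would be:
    //     std::memset(key, 0, sizeof(key));
    // Nothing reads `key` after the destructor, so a compiler may treat
    // that store as dead and remove it. The barrier version stays.
    ~KeyHolder() { secure_wipe(key, sizeof(key)); }
};

// Build a KeyHolder in caller-owned storage, destroy it, and count the
// non-zero bytes left behind in that storage.
std::size_t residue_after_destroy() {
    alignas(KeyHolder) unsigned char storage[sizeof(KeyHolder)];
    unsigned char k[32];
    for (std::size_t i = 0; i < sizeof(k); ++i)
        k[i] = static_cast<unsigned char>(0xA0 + i);  // constructed key bytes
    KeyHolder* h = new (storage) KeyHolder(k);
    h->~KeyHolder();
    std::size_t left = 0;
    for (unsigned char b : storage) left += (b != 0);
    secure_wipe(k, sizeof(k));  // the local copy of the key is sensitive too
    return left;
}
```

To see the difference between the two patterns, compile once with memset in the destructor and once with secure_wipe at -O2 and compare the generated assembly for the destructor.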