Issue Details
- Number
- 31744
- Title
- crypto: secure erase memory
- Description
- ### Is there an existing issue for this?
- [x] I have searched the existing issues
### Current behaviour
In `AES256Encrypt::~AES256Encrypt()`:
https://github.com/bitcoin/bitcoin/blob/master/src/crypto/aes.cpp#L20
and `AES256Decrypt::~AES256Decrypt()`:
https://github.com/bitcoin/bitcoin/blob/master/src/crypto/aes.cpp#L35
`memset` is used to reset the `ctx` and `key`, this is not secure and can be optimized out by the compiler:
https://www.cryptologie.net/article/419/zeroing-memory-compiler-optimizations-and-memset_s/
Instead use secure erase primitives such as `OPENSSL_cleanse`:
https://github.com/openssl/openssl/blob/master/crypto/mem_clr.c
### Expected behaviour
`memset` should be avoided to reset the `ctx` and `key`,
### Steps to reproduce
NA
### Relevant log output
_No response_
### How did you obtain Bitcoin Core
Compiled from source
### What version of Bitcoin Core are you using?
master
### Operating system and version
Linux
### Machine specifications
_No response_
- URL
-
https://github.com/bitcoin/bitcoin/issue/31744
- Closed by
-
Back to List