cryptogera/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2026-03-17 17:02:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
bitcoin/src
History
Ava Chow abaadc3d5b
Merge bitcoin/bitcoin#31774: crypto: Use secure_allocator for AES256_ctx 
af0da2fce2146a005f54b900a1fd545a6278173a crypto: Use `secure_allocator` for `AES256CBC*::iv` (David Gumberg)
d53852be316dd2322a7e621a81ee33e1b234c530 crypto: Use `secure_allocator` for `AES256_ctx` (David Gumberg)
8c6fedaa81882be1e2db4a9a2291205d774fa4c6 build: `lockedpool.cpp` kernel -> crypto (David Gumberg)
51ac1abf6fdb6340110397a959681d52e29f73f7 bench: Add wallet encryption benchmark (David Gumberg)
9a158725161f726eb6747811e9e9335eef83f616 wallet: Make encryption derivation clock mockable (David Gumberg)
ae5485fa0d258f060a22c399a4e257eaf96e67b5 refactor: Generalize derivation target calculation (David Gumberg)

Pull request description:

  Fixes #31744

  Reuse `secure_allocator` for `AES256_ctx` in the aes 256 encrypters and decrypters and the `iv` of `AES256CBC` encrypters and decrypters. These classes are relevant to `CCrypter`, used for encrypting wallets, and my understanding is that if an attacker knows some or all of the contents of these data structures (`AES256_ctx` & `iv`) they might be able to decrypt a user's wallet.

   Presently the `secure_allocator` tries to protect sensitive data with `mlock()` on POSIX systems and `VirtualLock()` on Windows to prevent memory being paged to disk, and by zero'ing out memory contents on deallocation with `memory_cleanse()` which is similar to `OPENSSL_cleanse()` by scaring compilers away from optimizing `memset` calls on non-Windows systems, and using `SecureZeroMemory()` on Windows.

ACKs for top commit:
  achow101:
    ACK af0da2fce2146a005f54b900a1fd545a6278173a
  furszy:
    utACK af0da2fce2146a005f54b900a1fd545a6278173a
  theStack:
    re-ACK af0da2fce2146a005f54b900a1fd545a6278173a

Tree-SHA512: 49067934fd2f2b285fc7b1a7c853fd2d4475431b3a811ae511f61074dc71a99a0826c3ab40ab4a5dfc84b2b9914a90c920d2484b38ac19502e3bd6170ad27622
2026-03-13 13:34:35 -07:00
..
bench
Merge bitcoin/bitcoin#31774: crypto: Use secure_allocator for AES256_ctx
2026-03-13 13:34:35 -07:00
common
Merge bitcoin/bitcoin#34745: refactor: replace ArgsManager::cs_args RecursiveMutex with Mutex
2026-03-13 09:22:05 +01:00
compat
refactor: Use static_cast<decltype(...)> to suppress integer sanitizer warning
2026-02-18 21:29:07 +01:00
consensus
consensus/doc: explain GetValueOut() precondition
2026-02-02 19:32:14 +01:00
crc32c
crypto
crypto: Use secure_allocator for AES256CBC*::iv
2026-03-10 19:09:21 -07:00
index
index: document TxoSpenderIndex::FindSpender
2026-03-06 01:05:52 +01:00
init
log: Print warning about privacy-sensitive log info unconditionally
2026-01-27 13:08:50 +01:00
interfaces
Merge bitcoin/bitcoin#34642: wallet: call SyncWithValidationInterfaceQueue after disconnecting chain notifications
2026-03-02 22:00:53 +01:00
ipc
Merge bitcoin/bitcoin#34422: Update libmultiprocess subtree to be more stable with rust IPC client
2026-03-03 17:03:56 +00:00
kernel
Merge bitcoin/bitcoin#31774: crypto: Use secure_allocator for AES256_ctx
2026-03-13 13:34:35 -07:00
leveldb
Bump leveldb subtree
2026-02-03 11:19:01 +01:00
logging
logging: use util/log.h where possible
2026-02-02 17:22:31 +00:00
minisketch
Update minisketch subtree to latest upstream
2025-10-13 12:33:23 +01:00
node
Merge bitcoin/bitcoin#34696: Update embedded asmap to 1772726400 for v31
2026-03-10 15:55:36 -07:00
policy
Merge bitcoin/bitcoin#33616: policy: don't CheckEphemeralSpends on reorg
2026-02-25 17:38:13 +01:00
primitives
txgraph: pass fallback_order to TxGraph (preparation)
2026-02-09 15:55:58 -05:00
qt
Merge bitcoin/bitcoin#34718: Release: 31.0 translations update
2026-03-10 10:59:09 +00:00
rpc
Merge bitcoin/bitcoin#34749: rpc: Refactor gettxspendingprevout to be easier to parse
2026-03-12 13:44:43 +01:00
script
Merge bitcoin/bitcoin#34700: script: Fix undefined behavior in Clone() -- std::transform writes past end of empty vector
2026-03-08 14:23:49 +00:00
secp256k1
Update secp256k1 subtree to latest master
2026-02-02 15:21:14 +00:00
support
Merge bitcoin/bitcoin#34436: refactor: add overflow-safe CeilDiv helper and use it in unsigned callsites
2026-03-11 11:30:42 +01:00
test
Merge bitcoin/bitcoin#34745: refactor: replace ArgsManager::cs_args RecursiveMutex with Mutex
2026-03-13 09:22:05 +01:00
univalue
ci, iwyu: Fix warnings in src/univalue and treat them as errors
2026-01-31 10:41:50 +00:00
util
Merge bitcoin/bitcoin#31774: crypto: Use secure_allocator for AES256_ctx
2026-03-13 13:34:35 -07:00
wallet
Merge bitcoin/bitcoin#31774: crypto: Use secure_allocator for AES256_ctx
2026-03-13 13:34:35 -07:00
zmq
ci, iwyu: Fix warnings in src/zmq and treat them as errors
2026-01-29 14:38:35 +00:00
.clang-format
ci, iwyu: Fix warnings in src/zmq and treat them as errors
2026-01-29 14:38:35 +00:00
.clang-tidy
doc: Clarify why performance-move-const-arg.CheckTriviallyCopyableMove=false
2026-02-06 08:37:19 +01:00
addrdb.cpp
log: fix minor formatting in debug logs
2026-02-15 22:54:45 +01:00
addrdb.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
addresstype.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
addresstype.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
addrman_impl.h
refactor: Enforce readability-avoid-const-params-in-decls
2026-01-14 23:04:12 +01:00
addrman.cpp
log: show placeholders for missing peer fields
2026-02-15 22:54:45 +01:00
addrman.h
refactor: Enforce readability-avoid-const-params-in-decls
2026-01-14 23:04:12 +01:00
arith_uint256.cpp
refactor: add overflow-safe CeilDiv helper
2026-02-11 18:18:21 +01:00
arith_uint256.h
refactor(headerssync): Extract test constants ahead of breakup into functions
2025-09-12 22:28:41 +02:00
attributes.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
banman.cpp
log: fix minor formatting in debug logs
2026-02-15 22:54:45 +01:00
banman.h
base58.cpp
base58.h
bech32.cpp
bech32.h
bip324.cpp
bip324.h
bitcoin-chainstate.cpp
kernel: Add Handle/View pattern for BlockValidationState
2026-01-21 19:40:25 +05:30
bitcoin-cli-res.rc
bitcoin-cli.cpp
Merge bitcoin/bitcoin#26988: cli: rework -addrinfo cli to use addresses which aren’t filtered for quality/recency
2026-03-11 09:12:13 +01:00
bitcoin-res.rc
bitcoin-tx-res.rc
bitcoin-tx.cpp
Merge bitcoin/bitcoin#34084: scripted-diff: [doc] Unify stale copyright headers
2025-12-19 16:56:02 +00:00
bitcoin-util-res.rc
bitcoin-util.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
bitcoin-wallet-res.rc
bitcoin-wallet.cpp
Remove no longer necessary WinCmdLineArgs class
2025-10-06 19:41:35 +01:00
bitcoin.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
bitcoind-res.rc
bitcoind.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
blockencodings.cpp
log,blocks: avoid ComputeTotalSize and GetHash work when logging is disabled
2026-01-19 20:20:13 +01:00
blockencodings.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
blockfilter.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
blockfilter.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
chain.cpp
Merge bitcoin/bitcoin#32740: refactor: Header sync optimisations & simplifications
2026-01-14 11:38:07 -08:00
chain.h
validation: remove BLOCK_FAILED_MASK
2026-02-17 21:40:46 +05:30
chainparams.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
chainparams.h
refactor: Enforce readability-avoid-const-params-in-decls
2026-01-14 23:04:12 +01:00
chainparamsbase.cpp
chainparamsbase.h
refactor: Enforce readability-avoid-const-params-in-decls
2026-01-14 23:04:12 +01:00
chainparamsseeds.h
contrib: Update fixed feeds
2026-02-25 14:36:19 -08:00
checkqueue.h
logging: use util/log.h where possible
2026-02-02 17:22:31 +00:00
clientversion.cpp
refactor: Avoid -W*-whitespace in git archive
2025-11-13 09:33:36 +01:00
clientversion.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
cluster_linearize.h
clusterlin: update SFL comments for deterministic order
2026-03-10 14:09:27 -04:00
CMakeLists.txt
Merge bitcoin/bitcoin#24539: Add a "tx output spender" index
2026-02-20 09:27:17 +01:00
coins.cpp
util: introduce TrySub to prevent unsigned underflow
2026-02-23 15:56:25 +01:00
coins.h
util: introduce TrySub to prevent unsigned underflow
2026-02-23 15:56:25 +01:00
compressor.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
compressor.h
core_io.cpp
Merge bitcoin/bitcoin#34524: refactor: [rpc] Remove confusing and brittle integral casts (take 2)
2026-02-09 13:32:28 +00:00
core_io.h
refactor: [move-only] Merge core_io module
2026-01-19 12:57:16 +01:00
core_memusage.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
cuckoocache.h
refactor: add overflow-safe CeilDiv helper
2026-02-11 18:18:21 +01:00
dbwrapper.cpp
logging: use util/log.h where possible
2026-02-02 17:22:31 +00:00
dbwrapper.h
refactor: Use SpanReader over DataStream
2026-02-02 18:42:44 +01:00
deploymentinfo.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
deploymentinfo.h
refactor: Enforce readability-avoid-const-params-in-decls
2026-01-14 23:04:12 +01:00
deploymentstatus.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
deploymentstatus.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
dummywallet.cpp
wallet, rpc:remove settxfee and paytxfee
2026-02-13 10:52:25 +01:00
external_signer.cpp
util: Remove brittle and confusing sp::Popen(std::string)
2026-02-17 12:55:26 +01:00
external_signer.h
util: Remove brittle and confusing sp::Popen(std::string)
2026-02-17 12:55:26 +01:00
flatfile.cpp
refactor: add overflow-safe CeilDiv helper
2026-02-11 18:18:21 +01:00
flatfile.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
hash.cpp
hash.h
headerssync.cpp
refactor: Use reference for chain_start in HeadersSyncState
2025-11-20 11:34:21 +09:00
headerssync.h
refactor: Use reference for chain_start in HeadersSyncState
2025-11-20 11:34:21 +09:00
httprpc.cpp
Merge bitcoin/bitcoin#34084: scripted-diff: [doc] Unify stale copyright headers
2025-12-19 16:56:02 +00:00
httprpc.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
httpserver.cpp
Merge bitcoin/bitcoin#34577: http: fix submission during shutdown race
2026-02-19 12:41:12 -08:00
httpserver.h
http: replace WorkQueue and threads handling for ThreadPool
2026-01-30 16:17:12 -05:00
i2p.cpp
log: Remove brittle and confusing LogPrintLevel
2025-12-13 13:43:24 +01:00
i2p.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
indirectmap.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
init.cpp
Merge bitcoin/bitcoin#34692: Bump dbcache to 1 GiB
2026-03-06 12:07:41 -08:00
init.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
key_io.cpp
refactor: add overflow-safe CeilDiv helper
2026-02-11 18:18:21 +01:00
key_io.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
key.cpp
Merge bitcoin/bitcoin#29675: wallet: Be able to receive and spend inputs involving MuSig2 aggregate keys
2025-10-14 16:25:52 -04:00
key.h
sign: Add CreateMuSig2PartialSig
2025-09-30 11:06:43 -07:00
logging.cpp
logging: Move message formatting to util/log.h
2026-02-02 17:22:31 +00:00
logging.h
logging: Move message formatting to util/log.h
2026-02-02 17:22:31 +00:00
mapport.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
mapport.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
memusage.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
merkleblock.cpp
refactor: add overflow-safe CeilDiv helper
2026-02-11 18:18:21 +01:00
merkleblock.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
musig.cpp
musig: Move MUSIG_CHAINCODE to musig.cpp
2025-11-24 18:48:43 +01:00
musig.h
musig: Move MUSIG_CHAINCODE to musig.cpp
2025-11-24 18:48:43 +01:00
net_permissions.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
net_permissions.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
net_processing.cpp
p2p: remove m_starting_height field from node state (only show once in debug log)
2026-03-11 16:11:45 +01:00
net_processing.h
p2p: remove m_starting_height field from node state (only show once in debug log)
2026-03-11 16:11:45 +01:00
net_types.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
net_types.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
net.cpp
Merge bitcoin/bitcoin#34389: net/log: standardize peer+addr log formatting via LogPeer
2026-03-11 14:34:42 +01:00
net.h
p2p: remove m_starting_height field from node state (only show once in debug log)
2026-03-11 16:11:45 +01:00
netaddress.cpp
refactor: increase string_view usage
2025-10-02 12:53:55 +01:00
netaddress.h
refactor: Enforce readability-avoid-const-params-in-decls
2026-01-14 23:04:12 +01:00
netbase.cpp
Modernize GetBindAddress()
2026-01-22 10:35:14 -05:00
netbase.h
Merge bitcoin/bitcoin#34242: Prepare string and net utils for future HTTP operations
2026-01-23 13:25:42 +01:00
netgroup.cpp
refactor: Use span instead of vector for data in util/asmap
2026-01-20 23:59:41 +01:00
netgroup.h
refactor: Use span instead of vector for data in util/asmap
2026-01-20 23:59:41 +01:00
netmessagemaker.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
noui.cpp
noui: Remove always empty caption while formatting
2026-01-14 19:39:01 +01:00
noui.h
refactor: Remove empty caption from ThreadSafeMessageBox
2026-01-14 19:36:14 +01:00
outputtype.cpp
refactor: increase string_view usage
2025-10-02 12:53:55 +01:00
outputtype.h
refactor: increase string_view usage
2025-10-02 12:53:55 +01:00
pow.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
pow.h
refactor: Enforce readability-avoid-const-params-in-decls
2026-01-14 23:04:12 +01:00
prevector.h
prevector: simplify operator==
2026-03-04 15:06:34 +01:00
private_broadcast.cpp
net: Add PrivateBroadcast::GetBroadcastInfo
2026-02-11 19:46:12 -05:00
private_broadcast.h
net: Add PrivateBroadcast::GetBroadcastInfo
2026-02-11 19:46:12 -05:00
protocol.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
protocol.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
psbt.cpp
refactor: Use SpanReader over DataStream
2026-02-06 07:56:57 +01:00
psbt.h
Merge bitcoin/bitcoin#34219: psbt: validate pubkeys in MuSig2 pubnonce/partial sig deserialization
2026-03-04 15:17:02 +00:00
pubkey.cpp
pubkey: Return tweaks from BIP32 derivation
2025-09-30 11:06:09 -07:00
pubkey.h
refactor: Remove all operator!= definitions
2025-11-03 14:39:48 +01:00
random.cpp
logging: use util/log.h where possible
2026-02-02 17:22:31 +00:00
random.h
refactor: Enforce readability-avoid-const-params-in-decls
2026-01-14 23:04:12 +01:00
randomenv.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
randomenv.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
rest.cpp
refactor: add overflow-safe CeilDiv helper
2026-02-11 18:18:21 +01:00
rest.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
scheduler.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
scheduler.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
semaphore_grant.h
serialize.h
refactor: add overflow-safe CeilDiv helper
2026-02-11 18:18:21 +01:00
signet.cpp
logging: use util/log.h where possible
2026-02-02 17:22:31 +00:00
signet.h
kernel: Remove some unnecessary non-kernel includes
2025-12-21 10:24:09 +01:00
span.h
streams.cpp
refactor: Add AutoFile::size
2025-11-14 01:17:38 +02:00
streams.h
Merge bitcoin/bitcoin#34465: refactor: separate log generation from log handling
2026-02-07 23:01:17 +01:00
sync.cpp
logging: use util/log.h where possible
2026-02-02 17:22:31 +00:00
sync.h
logging: use util/log.h where possible
2026-02-02 17:22:31 +00:00
threadsafety.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
tinyformat.h
torcontrol.cpp
refactor: Use std::bind_front over std::bind
2026-01-20 15:30:46 +01:00
torcontrol.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
txdb.cpp
validation: Use dirty entry count in flush warnings and disk space checks
2026-02-08 08:23:37 +01:00
txdb.h
Merge bitcoin/bitcoin#33866: refactor: Let CCoinsViewCache::BatchWrite return void
2026-01-02 16:49:23 -08:00
txgraph.cpp
clusterlin: use 'cost' terminology instead of 'iters' (refactor)
2026-02-24 10:08:47 -05:00
txgraph.h
clusterlin: use 'cost' terminology instead of 'iters' (refactor)
2026-02-24 10:08:47 -05:00
txmempool.cpp
Merge bitcoin/bitcoin#34389: net/log: standardize peer+addr log formatting via LogPeer
2026-03-11 14:34:42 +01:00
txmempool.h
qa: Add lock order annotation for TxMempool::cs
2026-03-11 18:49:42 -07:00
txrequest.cpp
Fix compilation for old Boost versions
2025-12-18 22:38:02 +01:00
txrequest.h
doc: fix double-word typos in comments
2025-12-30 12:12:26 -08:00
uint256.cpp
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
uint256.h
refactor: Remove all operator!= definitions
2025-11-03 14:39:48 +01:00
undo.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
validation.cpp
Merge bitcoin/bitcoin#34708: validation: refactor: remove ConnectTrace
2026-03-12 10:08:53 +00:00
validation.h
Merge bitcoin/bitcoin#34708: validation: refactor: remove ConnectTrace
2026-03-12 10:08:53 +00:00
validationinterface.cpp
logging: use util/log.h where possible
2026-02-02 17:22:31 +00:00
validationinterface.h
refactor: Convert ChainstateRole enum to struct
2025-12-12 06:49:59 -04:00
versionbits_impl.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
versionbits.cpp
Merge bitcoin/bitcoin#34084: scripted-diff: [doc] Unify stale copyright headers
2025-12-19 16:56:02 +00:00
versionbits.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00
walletinitinterface.h
scripted-diff: [doc] Unify stale copyright headers
2025-12-16 22:21:15 +01:00