Replace OpenSSL AES with ctaes-based version #1486
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fuzzbawls
added this to In Progress
in perpetual updating PIVX Core to BTC Core
via automation
|
Been testing encryption/decryption for passphrases, keys, bip38, before/after this PR. All good so far. just rebase this PR on latest master (it's a simple rebase without conflicts) as the block index serialization is changed. |
git-subtree-dir: src/crypto/ctaes git-subtree-split: cd3c3ac31fac41cc253bf5780b55ecd8d7368545
The output should always match openssl's, even for failed operations. Even for a decrypt with broken padding, the output is always deterministic (and attemtps to be constant-time).
AES IV's are 16bytes, not 32. This was harmless but confusing. Add WALLET_CRYPTO_IV_SIZE to make its usage explicit. Coming from upstream 1c391a5
Coming from upstream 9049cde
BytesToKeySHA512AES should be functionally identical to EVP_BytesToKey, but drops the dependency on openssl. Coming from upstream 976f9ec
Verify that results correct (match known values), consistent (encrypt->decrypt matches the original), and compatible with the previous openssl implementation. Also check that failed encrypts/decrypts fail the exact same way as openssl.
This makes CCrypter easier to pass aroundf for tests coming from fb96831
furszy
force-pushed
the
2020_openss_replace
branch
from
0eabf5c
to
8adbaab
Compare
|
Just rebased the PR to make the review process easier. |
random-zebra
previously approved these changes
May 14, 2020
Fuzzbawls
reviewed
May 15, 2020
There was a problem hiding this comment.
So far, so good.
Minor note about un-necessary header includes in the crypto unit tests. They are from the original upstream PR, but just aren't needed and were later removed upstream (bitcoin#15919)
src/test/crypto_tests.cpp
Outdated
| @@ -19,6 +20,8 @@ | |||
|
|
|||
| #include <boost/assign/list_of.hpp> | |||
| #include <boost/test/unit_test.hpp> | |||
| #include <openssl/aes.h> | |||
| #include <openssl/evp.h> | |||
There was a problem hiding this comment.
No need to add openssl header includes here
… used Coming from btc@a34081b7c398847c37a587029c7ad7f3a3396c8e
|
Updated as per @Fuzzbawls suggestion. |
Fuzzbawls
approved these changes
May 16, 2020
perpetual updating PIVX Core to BTC Core
automation
moved this from In Progress
to Ready
May 16, 2020
random-zebra
added a commit
that referenced
this pull request
May 17, 2020
f8fd095 Add missing lock in crypter GetKeys. (furszy) 366bc8b Get rid of LockObject and UnlockObject unused methods. (furszy) 121e5c0 [Wallet] Change CCrypter to use vectors with secure allocator (furszy) Pull request description: Built on top of #1486. Commits starting in `d058064` . This PR back port, partially, [upstream@8753](bitcoin#8753) . -- The last three commits left to back port in a future PR -- Containing the following changes: 1) Changing CCrypter to use vectors with secure allocator instead of have to lock stack memory pages to prevent the memory from being swapped to disk. 2) Removing the unused LockObject and UnlockObject methods. 3) Adding a missing lock in the `CCryptoKeyStore::GetKeys` method. ACKs for top commit: Fuzzbawls: utACK f8fd095 random-zebra: utACK f8fd095 and merging... Tree-SHA512: c1b760d37da93623ade0fb2565e8f060a4b7f5a109633cbe885732a16ed32614ba1f07d351fadcd57a19edf1343bdee1a81ee27898b4f124b6ddb15cc226d0d2
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Coming from upstream 7689