From 15d8500f99012422be495b8e85e4e25e6a4419d8 Mon Sep 17 00:00:00 2001
From: David Gumberg <davidzgumberg@gmail.com>
Date: Fri, 31 Jan 2025 11:49:53 -0800
Subject: [PATCH] crypto: Use `secure_allocator` for `AES256CBC*::iv`

---
 src/crypto/aes.cpp | 6 ++++--
 src/crypto/aes.h   | 6 ++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/crypto/aes.cpp b/src/crypto/aes.cpp
index 473115a25d5..0237eb094a1 100644
--- a/src/crypto/aes.cpp
+++ b/src/crypto/aes.cpp
@@ -123,6 +123,7 @@ static int CBCDecrypt(const T& dec, const unsigned char iv[AES_BLOCKSIZE], const
 AES256CBCEncrypt::AES256CBCEncrypt(const unsigned char key[AES256_KEYSIZE], const unsigned char ivIn[AES_BLOCKSIZE], bool padIn)
     : enc(key), pad(padIn)
 {
+    iv = allocator.allocate(AES_BLOCKSIZE);
     memcpy(iv, ivIn, AES_BLOCKSIZE);
 }
 
@@ -133,12 +134,13 @@ int AES256CBCEncrypt::Encrypt(const unsigned char* data, int size, unsigned char
 
 AES256CBCEncrypt::~AES256CBCEncrypt()
 {
-    memset(iv, 0, sizeof(iv));
+    allocator.deallocate(iv, AES_BLOCKSIZE);
 }
 
 AES256CBCDecrypt::AES256CBCDecrypt(const unsigned char key[AES256_KEYSIZE], const unsigned char ivIn[AES_BLOCKSIZE], bool padIn)
     : dec(key), pad(padIn)
 {
+    iv = allocator.allocate(AES_BLOCKSIZE);
     memcpy(iv, ivIn, AES_BLOCKSIZE);
 }
 
@@ -150,5 +152,5 @@ int AES256CBCDecrypt::Decrypt(const unsigned char* data, int size, unsigned char
 
 AES256CBCDecrypt::~AES256CBCDecrypt()
 {
-    memset(iv, 0, sizeof(iv));
+    allocator.deallocate(iv, AES_BLOCKSIZE);
 }
diff --git a/src/crypto/aes.h b/src/crypto/aes.h
index a8c637de647..cce4684cbd0 100644
--- a/src/crypto/aes.h
+++ b/src/crypto/aes.h
@@ -49,9 +49,10 @@ public:
     int Encrypt(const unsigned char* data, int size, unsigned char* out) const;
 
 private:
+    secure_allocator<unsigned char> allocator;
     const AES256Encrypt enc;
     const bool pad;
-    unsigned char iv[AES_BLOCKSIZE];
+    unsigned char *iv;
 };
 
 class AES256CBCDecrypt
@@ -62,9 +63,10 @@ public:
     int Decrypt(const unsigned char* data, int size, unsigned char* out) const;
 
 private:
+    secure_allocator<unsigned char> allocator;
     const AES256Decrypt dec;
     const bool pad;
-    unsigned char iv[AES_BLOCKSIZE];
+    unsigned char *iv;
 };
 
 #endif // BITCOIN_CRYPTO_AES_H