fix(aes): Ensure memory zeroing for sensitive data in EncryptedPayload destructor and decryption process

sergei-boiko-trustwallet · sergei-boiko-trustwallet · commit 65a127632410 · 2026-03-25T14:05:22.000+01:00
diff --git a/src/Keystore/EncryptionParameters.cpp b/src/Keystore/EncryptionParameters.cpp
@@ -108,12 +108,13 @@ EncryptedPayload::EncryptedPayload(const Data& password, const Data& data, const
         _mac = computeMAC(derivedKey.end() - params.getKeyBytesSize(), derivedKey.end(), encrypted);
     }
 
+    memzero(&ctx, sizeof(ctx));
     memzero(derivedKey.data(), derivedKey.size());
 }
 
 EncryptedPayload::~EncryptedPayload() {
-    std::fill(encrypted.begin(), encrypted.end(), 0);
-    std::fill(_mac.begin(), _mac.end(), 0);
+    memzero(encrypted.data(), encrypted.size());
+    memzero(_mac.data(), _mac.size());
 }
 
 Data EncryptedPayload::decrypt(const Data& password) const {
@@ -160,6 +161,7 @@ Data EncryptedPayload::decrypt(const Data& password) const {
 
         aes_ctr_decrypt(encrypted.data(), decrypted.data(), static_cast<int>(encrypted.size()), iv.data(),
                         aes_ctr_cbuf_inc, &ctx);
+        memzero(&ctx, sizeof(ctx));
         memzero(derivedKey.data(), derivedKey.size());
     } else {
         memzero(derivedKey.data(), derivedKey.size());

Original file line number	Diff line number	Diff line change
`@@ -108,12 +108,13 @@ EncryptedPayload::EncryptedPayload(const Data& password, const Data& data, const`
`108`	`108`	`_mac = computeMAC(derivedKey.end() - params.getKeyBytesSize(), derivedKey.end(), encrypted);`
`109`	`109`	`}`
`110`	`110`
	`111`	`+ memzero(&ctx, sizeof(ctx));`
`111`	`112`	`memzero(derivedKey.data(), derivedKey.size());`
`112`	`113`	`}`
`113`	`114`
`114`	`115`	`EncryptedPayload::~EncryptedPayload() {`
`115`		`- std::fill(encrypted.begin(), encrypted.end(), 0);`
`116`		`- std::fill(_mac.begin(), _mac.end(), 0);`
	`116`	`+ memzero(encrypted.data(), encrypted.size());`
	`117`	`+ memzero(_mac.data(), _mac.size());`
`117`	`118`	`}`
`118`	`119`
`119`	`120`	`Data EncryptedPayload::decrypt(const Data& password) const {`
`@@ -160,6 +161,7 @@ Data EncryptedPayload::decrypt(const Data& password) const {`
`160`	`161`
`161`	`162`	`aes_ctr_decrypt(encrypted.data(), decrypted.data(), static_cast<int>(encrypted.size()), iv.data(),`
`162`	`163`	`aes_ctr_cbuf_inc, &ctx);`
	`164`	`+ memzero(&ctx, sizeof(ctx));`
`163`	`165`	`memzero(derivedKey.data(), derivedKey.size());`
`164`	`166`	`} else {`
`165`	`167`	`memzero(derivedKey.data(), derivedKey.size());`