Commit c4ac53a
committed
Merge #6945: fix: improve wallet encryption robustness
116fca6 refactor: drop redundant `!hdchain.IsNull()` checks (UdjinM6)
24670c7 fix: return encryption failure when database rewrite fails (UdjinM6)
98d7a6b fix: improve wallet encryption robustness (UdjinM6)
Pull request description:
## Issue being fixed or feature implemented
Add defensive checks to prevent double-encryption of HD chains and improve wallet encryption robustness:
- Check IsCrypted() status to prevent re-encryption attempts
- Add TOCTOU protection by re-checking IsCrypted() under lock
- Validate decryption keys before TopUp operations
- Only decrypt HD chains when actually encrypted
- Remove irrelevant HasEncryptionKeys() checks (keys passed as parameters)
- Fail and log an error when db rewrite fails after encryption
## What was done?
## How Has This Been Tested?
run tests
## Breaking Changes
n/a
## Checklist:
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [ ] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
PastaPastaPasta:
utACK 116fca6
Tree-SHA512: 5659b133ac46d425b1018d8a5e585a1702aeb452f9cb145f3659bdfbf57021b90bc9d52aabcac0dc2406598ee5afa1fee1c2ab29201e49e2c7412321b25aa22c2 files changed
+45
-25
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
244 | 244 | | |
245 | 245 | | |
246 | 246 | | |
247 | | - | |
248 | 247 | | |
249 | 248 | | |
250 | 249 | | |
| 250 | + | |
| 251 | + | |
| 252 | + | |
| 253 | + | |
| 254 | + | |
251 | 255 | | |
252 | 256 | | |
253 | 257 | | |
| |||
340 | 344 | | |
341 | 345 | | |
342 | 346 | | |
343 | | - | |
344 | | - | |
345 | | - | |
346 | | - | |
| 347 | + | |
| 348 | + | |
| 349 | + | |
| 350 | + | |
| 351 | + | |
| 352 | + | |
| 353 | + | |
347 | 354 | | |
348 | 355 | | |
349 | 356 | | |
| |||
475 | 482 | | |
476 | 483 | | |
477 | 484 | | |
478 | | - | |
479 | | - | |
480 | | - | |
481 | | - | |
| 485 | + | |
| 486 | + | |
| 487 | + | |
| 488 | + | |
| 489 | + | |
| 490 | + | |
482 | 491 | | |
483 | 492 | | |
484 | 493 | | |
| |||
493 | 502 | | |
494 | 503 | | |
495 | 504 | | |
496 | | - | |
497 | | - | |
498 | | - | |
499 | 505 | | |
500 | 506 | | |
501 | | - | |
| 507 | + | |
502 | 508 | | |
503 | 509 | | |
504 | 510 | | |
| |||
541 | 547 | | |
542 | 548 | | |
543 | 549 | | |
544 | | - | |
545 | | - | |
546 | 550 | | |
547 | 551 | | |
548 | 552 | | |
| |||
1188 | 1192 | | |
1189 | 1193 | | |
1190 | 1194 | | |
1191 | | - | |
1192 | | - | |
1193 | | - | |
1194 | | - | |
| 1195 | + | |
| 1196 | + | |
| 1197 | + | |
| 1198 | + | |
| 1199 | + | |
| 1200 | + | |
1195 | 1201 | | |
1196 | 1202 | | |
1197 | 1203 | | |
| |||
1303 | 1309 | | |
1304 | 1310 | | |
1305 | 1311 | | |
1306 | | - | |
1307 | | - | |
1308 | | - | |
1309 | | - | |
| 1312 | + | |
| 1313 | + | |
| 1314 | + | |
| 1315 | + | |
| 1316 | + | |
| 1317 | + | |
1310 | 1318 | | |
1311 | 1319 | | |
1312 | 1320 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
737 | 737 | | |
738 | 738 | | |
739 | 739 | | |
| 740 | + | |
| 741 | + | |
| 742 | + | |
| 743 | + | |
| 744 | + | |
| 745 | + | |
740 | 746 | | |
741 | 747 | | |
742 | 748 | | |
| |||
783 | 789 | | |
784 | 790 | | |
785 | 791 | | |
| 792 | + | |
| 793 | + | |
| 794 | + | |
| 795 | + | |
786 | 796 | | |
787 | 797 | | |
788 | 798 | | |
| |||
796 | 806 | | |
797 | 807 | | |
798 | 808 | | |
799 | | - | |
800 | | - | |
| 809 | + | |
| 810 | + | |
| 811 | + | |
| 812 | + | |
801 | 813 | | |
802 | 814 | | |
803 | 815 | | |
| |||
0 commit comments