
Replaced clear-on-drop with 'std::ptr::write_volatile'. #126

Merged
merged 1 commit into from
Jul 15, 2018

Conversation

DrPeterVanNostrand
Contributor

@DrPeterVanNostrand DrPeterVanNostrand commented Jul 12, 2018

  • Removes the need to wrap SecretKeys in ClearOnDrop<Box<...>>.
  • Allows for stack allocated SecretKeys.
  • Zeros out the memory occupied by each SecretKey on drop.
  • Ensures that the clearing of SecretKeys is not elided.
  • Works on stable.

Closes Issues #89 and #90
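The mechanism this PR describes, as an added example (not the project's own SecretKey type or code): a stack-allocated key whose Drop impl overwrites its bytes with `std::ptr::write_volatile`, so the zeroing is not elided as a dead store, followed by a compiler fence. The `SecretKey` struct, `zeroize_volatile` and the test-only `bytes_after_drop` helper are all assumed names introduced here. As c0gent notes below, this addresses only the elision problem; it does not stop copies left behind by moves or keep the memory from being swapped to disk.

```rust
use std::mem::ManuallyDrop;
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Hypothetical stack-allocated secret key; stands in for the project's SecretKey.
pub struct SecretKey {
    bytes: [u8; 32],
}

impl SecretKey {
    pub fn new(bytes: [u8; 32]) -> Self {
        SecretKey { bytes }
    }

    pub fn as_bytes(&self) -> &[u8; 32] {
        &self.bytes
    }
}

/// Overwrite `buf` with zeros using volatile stores. A plain `*b = 0` loop on a
/// value that is about to be dropped is a dead store the optimizer may remove;
/// `write_volatile` marks each store as having an observable side effect.
pub fn zeroize_volatile(buf: &mut [u8]) {
    for b in buf.iter_mut() {
        // SAFETY: `b` is a valid, aligned, exclusively borrowed `u8`.
        unsafe { ptr::write_volatile(b, 0) };
    }
    // Keep the compiler from reordering later memory operations before the zeroing.
    compiler_fence(Ordering::SeqCst);
}

impl Drop for SecretKey {
    fn drop(&mut self) {
        zeroize_volatile(&mut self.bytes);
    }
}

/// Test-only helper: run the destructor, then copy out the bytes it left behind.
/// Looking at a value after its destructor ran is tolerable here only because
/// `[u8; 32]` carries no invariants; do not do this in production code.
pub fn bytes_after_drop(seed: [u8; 32]) -> [u8; 32] {
    let mut key = ManuallyDrop::new(SecretKey::new(seed));
    // SAFETY: the destructor runs exactly once; `key` is only inspected afterward.
    unsafe { ManuallyDrop::drop(&mut key) };
    key.bytes // plain byte array, Copy
}

fn main() {
    let key = SecretKey::new([0xAB; 32]);
    println!("key in use: {:02x?}", &key.as_bytes()[..4]);
    drop(key); // destructor zeroes the 32 bytes on the stack
    println!("after drop: {:02x?}", &bytes_after_drop([0xAB; 32])[..4]);
}
```

Because the key lives inline in the struct, no `Box` or `ClearOnDrop` wrapper is needed and the type works on stable Rust.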

@DrPeterVanNostrand DrPeterVanNostrand changed the title Replaced clear-on-drop with volatile_set_memory for SecretKeys. Replace clear-on-drop with 'std::ptr::write_volatile'. Jul 12, 2018
@DrPeterVanNostrand DrPeterVanNostrand changed the title Replace clear-on-drop with 'std::ptr::write_volatile'. Replaced clear-on-drop with 'std::ptr::write_volatile'. Jul 12, 2018
@DrPeterVanNostrand DrPeterVanNostrand force-pushed the remove-clear-on-drop branch 2 times, most recently from 6eff695 to efb131d Compare July 12, 2018 16:24
Collaborator

@afck afck left a comment


Perfect, that looks much cleaner and safer than having to remember to use ClearOnDrop everywhere! 👍

@DrPeterVanNostrand DrPeterVanNostrand force-pushed the remove-clear-on-drop branch 2 times, most recently from f3383f3 to 53a8913 Compare July 14, 2018 00:58
@c0gent c0gent requested review from c0gent and removed request for c0gent July 14, 2018 13:53
@c0gent
Contributor

c0gent commented Jul 14, 2018

This looks good and zeros properly in my tests. It may be better in the future, however, to use a more thorough memory security library such as memsec/seckey. They will use a special allocator (like sodium) and do a few other things to make sure secure memory isn't swapped to disk, etc.

For now though this is a definite usability improvement over ClearOnDrop. Please merge or give me the ok to do so :)

@afck afck merged commit 70e8fed into master Jul 15, 2018
@afck afck deleted the remove-clear-on-drop branch August 1, 2018 19:05