You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We want to avoid Golang from interfering with buffers handling keys, and more notably the passphrase and derived master key.
1- ensure that such keys (passphrase queried during opening of an encrypted repository) are zeroed on exit
2- ensure the zeroing doesn't get optimized out
3- ensure that memory buffers holding keys are not swapped out
The obvious solution is to mmap and mlock, overwriting the keys with random data on wipe... but the mmap and mlock is system-dependent so it's going to be possibly painful to make portable.
We want to avoid Golang from interfering with buffers handling keys, and more notably the passphrase and derived master key.
1- ensure that such keys (passphrase queried during opening of an encrypted repository) are zeroed on exit
2- ensure the zeroing doesn't get optimized out
3- ensure that memory buffers holding keys are not swapped out
The obvious solution is to mmap and mlock, overwriting the keys with random data on wipe... but the mmap and mlock is system-dependent so it's going to be possibly painful to make portable.
Investigate https://github.com/awnumar/memguard or equivalent.
If nothing fits our needs, we'll have to implement such code.
The text was updated successfully, but these errors were encountered: