plakar icon indicating copy to clipboard operation
plakar copied to clipboard
verified publisher icon poolpOrg

memory locking for secret key handling

Open poolpOrg opened this issue 10 months ago • 0 comments

We want to avoid Golang from interfering with buffers handling keys, and more notably the passphrase and derived master key.

1- ensure that such keys (passphrase queried during opening of an encrypted repository) are zeroed on exit 2- ensure the zeroing doesn't get optimized out 3- ensure that memory buffers holding keys are not swapped out

The obvious solution is to mmap and mlock, overwriting the keys with random data on wipe... but the mmap and mlock is system-dependent so it's going to be possibly painful to make portable.

Investigate https://github.com/awnumar/memguard or equivalent.

If nothing fits our needs, we'll have to implement such code.

poolpOrg avatar Feb 07 '25 20:02 poolpOrg