author | Justus Winter <justus@sequoia-pgp.org> | 2019-06-27 14:03:04 +0200 |
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-06-27 15:18:37 +0200 |
commit | 863bf64b237fd5a2c2b5a367a122e16689f68f0e (patch) | |
tree | c09460c98aa5c608c7af979955417cff8fd671e1 | |
parent | 2cabbfa80fc8bd7814b76a66ae916cba0b30c711 (diff) |
openpgp: Pin secrets.
- Pinning secrets guarantees us that the secrets will not be copied
around, and that our Drop implementation is called once the object
goes out of scope.
- Fixes #181.
-rw-r--r-- | openpgp/src/crypto/mem.rs | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/openpgp/src/crypto/mem.rs b/openpgp/src/crypto/mem.rs
index 77469209..f08b9f68 100644
--- a/openpgp/src/crypto/mem.rs
+++ b/openpgp/src/crypto/mem.rs
@@ -3,6 +3,7 @@ use std::cmp::{min, Ordering};
 use std::fmt;
 use std::ops::{Deref, DerefMut};
+use std::pin::Pin;
 use memsec;
@@ -10,7 +11,7 @@ use memsec;
 ///
 /// The session key is cleared when dropped.
 #[derive(Clone, Eq)]
-pub struct Protected(Box<[u8]>);
+pub struct Protected(Pin<Box<[u8]>>);
 impl PartialEq for Protected {
     fn eq(&self, other: &Self) -> bool {
@@ -20,8 +21,8 @@ impl PartialEq for Protected {
 impl Protected {
     /// Converts to a buffer for modification.
-    pub unsafe fn into_vec(mut self) -> Vec<u8> {
-        std::mem::replace(&mut self.0, vec![].into()).into()
+    pub unsafe fn into_vec(self) -> Vec<u8> {
+        self.iter().cloned().collect()
     }
 }
@@ -47,13 +48,13 @@ impl DerefMut for Protected {
 impl From<Vec<u8>> for Protected {
     fn from(v: Vec<u8>) -> Self {
-        Protected(v.into_boxed_slice())
+        Protected(Pin::new(v.into_boxed_slice()))
     }
 }
 impl From<Box<[u8]>> for Protected {
     fn from(v: Box<[u8]>) -> Self {
-        Protected(v)
+        Protected(Pin::new(v))
     }
 }
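Review bot: `Pin<Box<[u8]>>` in the new `Protected` definition does not enforce the no-copy guarantee the commit message describes, because `[u8]` is `Unpin`: `Pin::new` is only callable for `Unpin` targets, and for such targets `Pin` still hands out `get_mut`, `into_inner` and `DerefMut` (which the existing `impl DerefMut for Protected` relies on), so the wrapper is an annotation rather than a restriction. What actually keeps the secret in one place is that the bytes live in a heap allocation owned by a `Box`, so moving the `Box` moves only the pointer; the derived `Clone` on the line above still duplicates the secret whenever it is called. A doc comment on the field would stop the next reader from relying on `Pin` here, e.g. `/// Boxed so moves never copy the bytes; `[u8]` is `Unpin`, so `Pin` adds no guarantee on its own.` The two `From` impls in the last hunk wrap with `Pin::new` for the same reason and need no separate change.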
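Review bot: The new `into_vec` body copies the secret into a plain `Vec<u8>` and then drops `self`, so the returned buffer is not covered by the clearing-on-drop behaviour the type's doc comment promises; the docstring `/// Converts to a buffer for modification.` should say that the caller receives an unprotected copy and is responsible for wiping it, and should state why the function is `unsafe`, since nothing in the body is memory-unsafe. `self.iter().cloned().collect()` can be written as `self.to_vec()`, which performs the same copy with less machinery. The previous body moved the buffer out with `mem::replace` instead of copying it, so the change trades a move for a copy — presumably so that `Drop` clears the original allocation — and that reason belongs in a comment next to the copy. `Protected`'s `Drop` impl lies outside the hunk.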