diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2023-02-22 14:13:57 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2023-02-23 14:53:33 +0100 |
commit | 41fb8f92076845ff1dd6ebdc9af75c9a9451c306 (patch) | |
tree | 3728dcc9e904a98ea69886743ecdafbc40e127c2 | |
parent | 653bfec6435ddbd43e221813fa91e274c60fc7c4 (diff) |
openpgp: Add compile-time switch to disable memory encryption.
- This is useful for debugging, fuzzing, andn benchmarking.
-rw-r--r-- | openpgp/src/crypto/mem.rs | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/openpgp/src/crypto/mem.rs b/openpgp/src/crypto/mem.rs index daba4595..972e9a70 100644 --- a/openpgp/src/crypto/mem.rs +++ b/openpgp/src/crypto/mem.rs @@ -232,6 +232,9 @@ impl Hash for Encrypted { } } +/// Opt out of memory encryption. +const DANGER_DISABLE_ENCRYPTED_MEMORY: bool = false; + /// The number of pages containing random bytes to derive the prekey /// from. const ENCRYPTED_MEMORY_PREKEY_PAGES: usize = 4; @@ -285,6 +288,13 @@ mod has_access_to_prekey { /// Encrypts the given chunk of memory. pub fn new(p: Protected) -> Self { + if DANGER_DISABLE_ENCRYPTED_MEMORY { + return Encrypted { + ciphertext: p, + salt: Default::default(), + }; + } + let mut salt = [0; 32]; crate::crypto::random(&mut salt); let mut ciphertext = Vec::new(); @@ -312,6 +322,10 @@ mod has_access_to_prekey { pub fn map<F, T>(&self, mut fun: F) -> T where F: FnMut(&Protected) -> T { + if DANGER_DISABLE_ENCRYPTED_MEMORY { + return fun(&self.ciphertext); + } + let ciphertext = Memory::with_cookie(&self.ciphertext, Default::default()); let mut plaintext = Vec::new(); |