author | Mark Haines <mark.haines@matrix.org> | 2015-02-27 16:11:30 +0000 |
---|---|---|
committer | Mark Haines <mark.haines@matrix.org> | 2015-02-27 16:11:30 +0000 |
commit | c7419e7cdffc8c8d54dd918b03ed2c497fe7ca42 (patch) | |
tree | 6fd1bf8666863e36ab4729ec0f1ca8438e88e745 /include/axolotl | |
parent | b3496b0aa16b8c4f9974ed54fca59ef631f83705 (diff) |
Try to ensure the compiler cannot optimise away attempts to erase secrets from memory
Diffstat (limited to 'include/axolotl')
-rw-r--r-- | include/axolotl/crypto.hh | 2 | ||||
-rw-r--r-- | include/axolotl/memory.hh | 17 |
2 files changed, 19 insertions, 0 deletions
diff --git a/include/axolotl/crypto.hh b/include/axolotl/crypto.hh
index 09e5b8e..162099f 100644
--- a/include/axolotl/crypto.hh
+++ b/include/axolotl/crypto.hh
@@ -28,6 +28,7 @@ struct Curve25519KeyPair : public Curve25519PublicKey { std::uint8_t private_key[32]; }; + /** Generate a curve25519 key pair from 32 random bytes. */ void generate_key( std::uint8_t const * random_32_bytes,
@@ -37,6 +38,7 @@ void generate_key( const std::size_t CURVE25519_SHARED_SECRET_LENGTH = 32; + /** Create a shared secret using our private key and their public key. * The output buffer must be at least 32 bytes long. */ void curve25519_shared_secret(
diff --git a/include/axolotl/memory.hh b/include/axolotl/memory.hh
new file mode 100644
index 0000000..7749c54
--- /dev/null
+++ b/include/axolotl/memory.hh
@@ -0,0 +1,17 @@
+#include <cstddef>
+
+namespace axolotl {
+
+/** Clear the memory held in the buffer */
+void unset(
+ volatile void * buffer, std::size_t buffer_length
+);
+
+/** Clear the memory backing an object */
+template<typename T>
+void unset(T & value) {
+ unset(reinterpret_cast<volatile void *>(&value), sizeof(T));
+}
+
+
+} // namespace axolotl |
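Review bot: The `unset(T & value)` template in memory.hh wipes exactly `sizeof(T)` bytes of whatever it is given, so if it is ever called on a pointer or on a type that owns heap storage it clears the handle and leaves the secret bytes in memory, and on a non-trivial type it overwrites state the destructor still relies on. A compile-time guard at the top of the template body would reject those uses: `static_assert(std::is_trivially_copyable<T>::value && !std::is_pointer<T>::value, "unset(T&) wipes only sizeof(T) bytes");`, together with `#include <type_traits>`. The `volatile void *` parameter only helps if the out-of-line definition, which is not part of this diff, really stores through a volatile-qualified pointer; the doc comment on the declaration should state that requirement, e.g. `/** Clear the memory held in the buffer. The definition must write through the volatile pointer so the stores are not elided. */`, and where the platform offers `memset_s` or `explicit_bzero` the implementation could prefer it. The new header also has no include guard, so a second inclusion in one translation unit would redefine the template.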