diff options
Diffstat (limited to 'internal/cryptocore')
-rw-r--r-- | internal/cryptocore/cryptocore.go | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go index 9e25bfa..a355342 100644 --- a/internal/cryptocore/cryptocore.go +++ b/internal/cryptocore/cryptocore.go @@ -8,11 +8,13 @@ import ( "crypto/sha512" "fmt" "log" + "runtime" "github.com/rfjakob/eme" "github.com/rfjakob/gocryptfs/internal/siv_aead" "github.com/rfjakob/gocryptfs/internal/stupidgcm" + "github.com/rfjakob/gocryptfs/internal/tlog" ) // AEADTypeEnum indicates the type of AEAD backend in use. @@ -129,3 +131,25 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec IVLen: IVLen, } } + +// Wipe tries to wipe secret keys from memory by overwriting them with zeros +// and/or setting references to nil. +// +// This is not bulletproof due to possible GC copies, but +// still raises to bar for extracting the key. +func (c *CryptoCore) Wipe() { + if c.AEADBackend == BackendOpenSSL { + tlog.Debug.Print("CryptoCore.Wipe: Wiping stupidgcm key") + // We don't use "x, ok :=" because we *want* to crash loudly if the + // type assertion fails (it should never fail). + sgcm := c.AEADCipher.(*stupidgcm.StupidGCM) + sgcm.Wipe() + } else { + tlog.Debug.Print("CryptoCore.Wipe: niling stdlib refs") + } + // We have no access to the keys (or key-equivalents) stored inside the + // Go stdlib. Best we can is to nil the references and force a GC. + c.AEADCipher = nil + c.EMECipher = nil + runtime.GC() +} |