Implement secure wipe

This commit is contained in:
Didactic Drunk 2021-06-14 01:32:27 -07:00
parent f13bd8de9c
commit 3ddc481422

View File

@ -1,5 +1,16 @@
require "crypto/subtle"
lib LibC
fun explicit_bzero(Void*, LibC::SizeT) : Int
end
struct Slice(T)
def wipe
r = LibC.explicit_bzero slice.to_unsafe, slice.bytesize
raise RunTimeError.from_errno("explicit_bzero") if r != 0
end
end
# Interface to hold sensitive information (often cryptographic keys)
#
# **Only for direct use by cryptographic library authors**
@ -54,7 +65,9 @@ module Crypto::Secret
end
def wipe
# Todo: implement wiping. Needs crystal support
readwrite do |slice|
slice.wipe
end
end
# Secret is wiped after exiting the block