-
Notifications
You must be signed in to change notification settings - Fork 14
/
memory_lock.go
66 lines (56 loc) · 1.07 KB
/
memory_lock.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
package otr3
import (
"fmt"
"math/big"
"sync"
"unsafe"
"github.com/awnumar/memcall"
)
var notifiedLockFailure sync.Once
func tryLock(buf []byte) {
e := memcall.Lock(buf)
if e != nil {
notifiedLockFailure.Do(func() {
fmt.Printf("Warning: couldn't lock memory pages containing sensitive material: %v\n", e)
})
}
}
func tryUnlock(buf []byte) {
_ = memcall.Unlock(buf)
}
func tryLockBigInt(x *big.Int) {
if x == nil {
return
}
bb := x.Bits()
/* #nosec G103 */
b2 := *(*[]byte)(unsafe.Pointer(&bb))
tryLock(b2)
}
func (s *sessionKeys) lock() {
tryLock(s.sendingAESKey)
tryLock(s.receivingAESKey)
tryLock(s.sendingMACKey)
tryLock(s.receivingMACKey)
tryLock(s.extraKey)
}
func (s *sessionKeys) unlock() {
tryUnlock(s.sendingAESKey)
tryUnlock(s.receivingAESKey)
tryUnlock(s.sendingMACKey)
tryUnlock(s.receivingMACKey)
tryUnlock(s.extraKey)
}
func (a *akeKeys) lock() {
tryLock(a.c)
tryLock(a.m1)
tryLock(a.m2)
}
func (a *akeKeys) unlock() {
tryUnlock(a.c)
tryUnlock(a.m1)
tryUnlock(a.m2)
}
func (priv *DSAPrivateKey) lock() {
tryLockBigInt(priv.X)
}