Trait hard::BufferNoAccess

pub trait BufferNoAccess: Buffer where
    Self: Sized, {
    type ReadWrite: BufferMut;
    type ReadOnly: BufferReadOnly;
    fn into_mut(self) -> Result<Self::ReadWrite, HardError>;
    fn into_readonly(self) -> Result<Self::ReadOnly, HardError>;
}

Trait implemented by any buffer type whose memory is marked no-access.

Associated Types

type ReadWrite: BufferMut

The mutable variant of this buffer.

type ReadOnly: BufferReadOnly

The variant of this buffer that is locked such that its contents cannot be mutated, although they can be read.

Required methods

fn into_mut(self) -> Result<Self::ReadWrite, HardError>

Remove protections for this buffer that marked it as noaccess, so it can be read and modified.

This basically just marks the memory underlying this buffer as the same as any normal memory, so it can be read or modified again, although sodium’s hardening measures (guard pages, canaries, mlock, etc.) remain in place.

If there is no mprotect (or equivalent) syscall on this platform, this function will return an error.

fn into_readonly(self) -> Result<Self::ReadOnly, HardError>

mprotect the region of memory pointed to by this buffer, so that it cannot be mutated, although it can still be read.

This function uses the operating system’s memory protection tools to mark the region of memory backing this buffer as read-only. This is used as a hardening measure, to protect the region of memory so that it can’t be altered by anything. This would be well suited to, for example, secure a key after key generation, since there is no need to modify a key once we’ve generated it in most cases.

If there is no mprotect (or equivalent) syscall on this platform, this function will return an error.

Implementors