# secmem-alloc

`secmem-alloc` is a crate designed to allocate private/secret memory. It is intended to be used for storing cryptographic secrets in memory. This crate provides custom allocators using various techniques to improve the secrecy of the memory, most notably zeroization on deallocation.
## Examples
For example, we read in a secret password from standard input, which we want to zeroize on drop (deallocation). Note that this code does leave the password visible on the prompt; it is only to give an idea of how to use this crate.
```rust
// requires `nightly_allocator_api` crate feature to be enabled and a nightly compiler
#![feature(allocator_api)]
// the `Allocator` trait and the `Global` backing allocator come from the standard library on nightly
use std::alloc::{Allocator, Global};
// module path assumed from the crate's public API; `ZeroizeAlloc` wraps a backing allocator
use secmem_alloc::zeroize_alloc::ZeroizeAlloc;
```
As a second example assume you have a cryptographic secret key of 256 bytes, which should be zeroized on drop. In addition, we don’t want the key to be written to swap.
```rust
// requires no crate features and works on stable
// if you enable the `nightly_allocator_api` crate feature, the following line is necessary
// #![feature(allocator_api)]
// on stable, the crate ships its own copy of the allocator API under `secmem_alloc::allocator_api`
use secmem_alloc::allocator_api::Allocator;
// module path assumed from the crate's public API
use secmem_alloc::sec_alloc::SecStackSinglePageAlloc;
```
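To make the core property of both examples concrete (every block is wiped before it goes back to the backing allocator), here is a stand-alone illustration of a zeroizing allocator wrapper. It is an added example written for this page, not code from the `secmem-alloc` crate: the names `zeroize_mem`, `ZeroizingAlloc` and `demo_secret_roundtrip` are hypothetical, it uses only the standard library's `GlobalAlloc` on stable, and it does not show the swap-locking that `SecStackSinglePageAlloc` exists for, since that needs an OS call. The byte counter is an audit hook so a test can confirm that deallocation actually ran the wipe.

```rust
use std::alloc::{GlobalAlloc, Layout, System};
use std::sync::atomic::{compiler_fence, AtomicUsize, Ordering};

/// Overwrite `len` bytes at `ptr` with zeros in a way the optimiser may not
/// elide: `write_volatile` keeps every store, and the compiler fence stops
/// later code from being reordered before the wipe.
///
/// # Safety
/// `ptr` must be valid for writes of `len` bytes.
pub unsafe fn zeroize_mem(ptr: *mut u8, len: usize) {
    for i in 0..len {
        std::ptr::write_volatile(ptr.add(i), 0);
    }
    compiler_fence(Ordering::SeqCst);
}

/// Allocator wrapper that zeroizes every block before handing it back to
/// the backing allocator `A`. The counter is an audit hook for tests and
/// logging; it is not part of the zeroization itself.
pub struct ZeroizingAlloc<A: GlobalAlloc> {
    inner: A,
    zeroized_bytes: AtomicUsize,
}

impl<A: GlobalAlloc> ZeroizingAlloc<A> {
    pub const fn new(inner: A) -> Self {
        Self { inner, zeroized_bytes: AtomicUsize::new(0) }
    }

    /// Total number of bytes wiped by `dealloc` so far.
    pub fn zeroized_bytes(&self) -> usize {
        self.zeroized_bytes.load(Ordering::SeqCst)
    }
}

unsafe impl<A: GlobalAlloc> GlobalAlloc for ZeroizingAlloc<A> {
    unsafe fn alloc(&self, layout: Layout) -> *mut u8 {
        self.inner.alloc(layout)
    }

    unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout) {
        // Wipe first, then release: the backing allocator may reuse or
        // unmap the block the moment it gets it back.
        zeroize_mem(ptr, layout.size());
        self.zeroized_bytes.fetch_add(layout.size(), Ordering::SeqCst);
        self.inner.dealloc(ptr, layout);
    }
    // `realloc` keeps the trait's default implementation: it allocates a
    // new block, copies, and calls `self.dealloc` on the old one, so the
    // old copy of a growing secret is wiped as well.
}

/// Round-trip a secret through the wrapper and report what happened.
/// Returns (bytes the secret occupied, bytes the allocator zeroized).
pub fn demo_secret_roundtrip(secret: &[u8]) -> (usize, usize) {
    if secret.is_empty() {
        // Zero-sized allocations are undefined behaviour for `GlobalAlloc`.
        return (0, 0);
    }
    let alloc = ZeroizingAlloc::new(System);
    let layout = Layout::from_size_align(secret.len(), 1).expect("valid layout");
    unsafe {
        let ptr = alloc.alloc(layout);
        assert!(!ptr.is_null(), "allocation failed");
        std::ptr::copy_nonoverlapping(secret.as_ptr(), ptr, secret.len());
        // ... use the secret here ...
        alloc.dealloc(ptr, layout);
    }
    (secret.len(), alloc.zeroized_bytes())
}

fn main() {
    // Constructed sample secret; a real program would read it from a prompt.
    let (len, wiped) = demo_secret_roundtrip(b"correct horse battery staple");
    println!("secret of {len} bytes freed, {wiped} bytes zeroized");
}
```

Because `new` is a `const fn`, the same wrapper can be installed process-wide with `#[global_allocator] static GLOBAL: ZeroizingAlloc<System> = ZeroizingAlloc::new(System);`, which is the usual way to get zeroize-on-drop for every heap allocation rather than only for containers built with `new_in`.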
## Cargo features

- `std` (default): Enable functionality that requires `std`. Currently only required for `Error` implementations and for tests. This feature is enabled by default.
- `nightly_allocator_api` (requires nightly): Use the nightly allocator API from the standard library (actually the `core` crate), gated behind the nightly-only feature `allocator_api`. When disabled, a copy of the allocator API included in this crate, available through `secmem_alloc::allocator_api`, will be used. This feature requires a nightly compiler.
- `nightly_core_intrinsics` (requires nightly): Use the intrinsics from the standard library (actually the `core` crate), gated behind the nightly-only feature `core_intrinsics`. This allows for a slightly faster `zeroize_mem` implementation, and various other small optimisations. This feature requires a nightly compiler.
- `nightly_strict_provenance` (requires nightly): Enable strict provenance lints and (mostly) use the strict provenance API provided by the standard library instead of the one from `sptr`. (Will still depend on, and in a few places even use, `sptr`.)
- `nightly` (requires nightly): Enable all nightly-only features (i.e. the above two). Enabling this feature is highly recommended when a nightly compiler is available. This feature requires a nightly compiler.
- `dev` (requires nightly): This feature enables all features required to run the test suite, and should only be enabled for that purpose. This feature currently requires a nightly compiler.