Crates.io | soteria-rs |
lib.rs | soteria-rs |
version | 0.3.1 |
source | src |
created_at | 2023-08-28 20:14:02.3147 |
updated_at | 2023-08-29 19:59:28.776319 |
description | Wrapper around a secret that is stored in memory with the goal to protect against side-channel and speculative attacks. |
homepage | https://github.com/mikelodder7/soteria-rs |
repository | https://github.com/mikelodder7/soteria-rs |
max_upload_size | |
id | 957328 |
size | 47,344 |
This crate implements a wrapper around a secret that is stored in memory. The library aims to be simple to use (misuse resistant) and easy to understand. Thus only one struct is provided: `Protected`. The struct wraps the secret so it is encrypted in memory and can be decrypted by the same application that put it there.
`Protected` allows a program to store an encrypted secret in memory. The secret is encrypted using XChaCha20Poly1305. The encryption keys are large enough to mitigate memory side-channel attacks like Spectre, Meltdown, Rowhammer, and RamBleed. There is a pre_key and a nonce, each large enough to limit these attacks. The pre_key and nonce are fed into a merlin transcript to mix with other data and derive the actual encryption key. The derived key is wiped from memory when the value is dropped or decrypted.
Secrets can be made using the `Protected` struct:

```rust
use soteria_rs::*;

// The plaintext secret; kept here only so the assertions can compare against it.
let password = b"top secret".to_vec();
let mut p = Protected::new(password.as_slice());

// The stored value is ciphertext, not the plaintext,
// and carries a 16-byte Poly1305 authentication tag.
assert_ne!(p.value, password);
assert_eq!(p.value.len(), password.len() + 16);
// The pre-key and nonce are randomly generated, never all zeros.
assert_ne!(p.pre_key, [0u8; DEFAULT_BUF_SIZE]);
assert_ne!(p.nonce, [0u8; DEFAULT_BUF_SIZE]);

// Decrypting yields the original bytes again.
let password2 = p.unprotect();
assert!(password2.is_some());
let password2 = password2.unwrap();
assert_eq!(password2.as_ref(), password.as_slice());
let str_pass = password2.str();
assert_eq!("top secret", str_pass);
```
`Protected` provides convenience methods to wrap many types of secrets from strings, byte slices, and serializable types. Use the `serde` feature to enable serialization to and from a protected type.
Licensed under either of
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.