Comments (8)
There's a bit of benefit here in that we don't have to provide any libsodium bindings, but I'm a bit on the fence as to whether or not that warrants switching to a dependency that I have to audit every time there's an update. I'll give it some consideration.
from secrets.
I'm definitely interested, but it's not something I'd want to pull the trigger on without some consideration. I can't imagine it doesn't include unsafe code (e.g., to call things like `mprotect`), so I'd have to weigh the pros/cons of switching to a library that's newer, less battle-tested, and maintained by someone whose track record in security-sensitive systems I'm unaware of.
from secrets.
Yes it uses unsafe. In fact they are just unsafe functions without any extra abstraction. The good part is that the code is not that big, so you can evaluate it.
from secrets.
There is one more option now in region.rs. No more unsafe (as any manual twiddling of virtual memory APIs will be), but also more active and more readable: https://github.com/darfink/region-rs
from secrets.
This doesn't really remove `unsafe`, it just kicks the can to the `region-rs` crate which itself uses `unsafe` to call operating system APIs like `mprotect`.
from secrets.
> This doesn't really remove `unsafe`, it just kicks the can to the `region-rs` crate which itself uses `unsafe` to call operating system APIs like `mprotect`.

Err, I meant unsafe in general, not specifically the Rust keyword. "No additional unsafe" might have been better phrasing.
from secrets.
`memsec` can be a good consideration as right now `secrets` does not have a `#![no_std]` implementation which is quite sad as I am looking at interoperating with my `sosecrets-rs` crate.
from secrets.
from secrets.
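The point debated in the comments above, that a crate with a safe API still contains `unsafe` in order to reach `mprotect`, shown as an added example (not code from secrets, memsec or region-rs). `Guarded` and its methods are hypothetical, and the constants are hard-coded Linux values, an assumption made so the block needs no external crate.

```rust
use std::{ffi::c_void, os::raw::{c_int, c_long}};
// Declared by hand so the example needs no crates; a real crate would use `libc`.
unsafe extern "C" {
    fn mmap(a: *mut c_void, len: usize, prot: c_int, flags: c_int, fd: c_int, off: c_long) -> *mut c_void;
    fn mprotect(a: *mut c_void, len: usize, prot: c_int) -> c_int;
    fn munmap(a: *mut c_void, len: usize) -> c_int;
}
// Assumption: Linux values (MAP_ANONYMOUS differs on macOS and the BSDs).
const PROT_NONE: c_int = 0;
const PROT_READ: c_int = 1;
const PROT_WRITE: c_int = 2;
const MAP_PRIVATE: c_int = 0x02;
const MAP_ANONYMOUS: c_int = 0x20;
const LEN: usize = 4096;

/// Hypothetical type: one anonymous mapping kept PROT_NONE except inside `with`.
pub struct Guarded { ptr: *mut u8 }
impl Guarded {
    pub fn new(secret: &[u8]) -> Option<Self> {
        if secret.len() > LEN { return None; }
        // SAFETY: fresh anonymous mapping, checked against MAP_FAILED before use.
        let p = unsafe { mmap(std::ptr::null_mut(), LEN, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0) };
        if p as isize == -1 { return None; }
        let g = Guarded { ptr: p as *mut u8 };
        // SAFETY: the mapping holds LEN writable bytes and secret.len() <= LEN.
        unsafe { std::ptr::copy_nonoverlapping(secret.as_ptr(), g.ptr, secret.len()) };
        g.protect(PROT_NONE).then_some(g) // on failure `g` is dropped and unmapped
    }
    fn protect(&self, prot: c_int) -> bool {
        // SAFETY: ptr and LEN describe a mapping this value owns.
        unsafe { mprotect(self.ptr as *mut c_void, LEN, prot) == 0 }
    }
    /// Safe API over the unsafe calls; `&mut self` rules out nested access.
    pub fn with<R>(&mut self, f: impl FnOnce(&[u8]) -> R) -> Option<R> {
        if !self.protect(PROT_READ) { return None; }
        // SAFETY: the page is readable and mapped for the duration of `f`.
        let r = f(unsafe { std::slice::from_raw_parts(self.ptr, LEN) });
        self.protect(PROT_NONE);
        Some(r)
    }
}
impl Drop for Guarded {
    fn drop(&mut self) {
        // Wipe the page if it can be made writable, then unmap it.
        if self.protect(PROT_READ | PROT_WRITE) { unsafe { std::ptr::write_bytes(self.ptr, 0, LEN) } }
        unsafe { munmap(self.ptr as *mut c_void, LEN) };
    }
}
```

Callers of `Guarded` never write `unsafe`, yet five `unsafe` blocks sit behind the API, which is the audit surface a dependency switch moves rather than removes.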
Related Issues (14)
- `bool` and `char`'s `Bytes` implementations cause undefined behavior.
- How do I create a SecretVec which length is unknown?
- Why do you assert! if the thread is panicking in your `Drop` implementation?
- Keep sensitive data in binary
- Relicense under dual MIT/Apache-2.0
- SIGSEGV on SecretVec::zero()
- is there protection agains gcode
- Any plans to add protection against Specte?
- Trouble compiling on OpenBSD
- any updates on using libsodium mshild
- Question about linkage
- Support linking with vcpkg on Windows
- How do I handle Strings combined with Secret(Box)?