Rust library implementing data structure containers with protected memory.
At its lowest level, this project implements a memory allocator largely inspired by OpenBSD's malloc. This allocator is used to allocate heap memory and to apply memory protections to it.
Two data containers are currently implemented on top of this allocator, covering two common use cases. The first, `ProtBuf`, is a fixed-length array that can serve as a buffer for data handled in sensitive operations, for instance the internal buffers of cryptographic routines. The second, `ProtKey`, extends `ProtBuf` and is better suited to storing and handling longer-lived data such as secret keys, or more generally any data that requires finer-grained access control. When used with its default allocator, `ProtBuf` is particularly well suited to small data buffers: several of them may be grouped on the same memory page for space efficiency, and empty pages are cached once all their slots have been deallocated, for better performance.
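As an added illustration of the two container roles described above, here is a minimal model in plain Rust. It is not TARS's own code: the crate's real API is not reproduced on this page, so the struct layouts, method names (`from_slice`, `wipe`, `read`, `write`, `seal`) and the `KeyError` type are all assumptions made for this example. The fixed-length buffer wipes itself with volatile stores when dropped, and the key wrapper refuses writes once sealed.

```rust
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Toy stand-in for a fixed-length protected buffer. The name `ProtBuf` is
/// borrowed from the crate; this struct, its methods and its behaviour are
/// assumptions made for this example, not the crate's implementation.
pub struct ProtBuf<const N: usize> {
    data: [u8; N],
}

impl<const N: usize> ProtBuf<N> {
    /// A zero-filled buffer of N bytes.
    pub fn new_zeroed() -> Self {
        ProtBuf { data: [0u8; N] }
    }

    /// Copies `src` in; refuses input whose length does not match N.
    pub fn from_slice(src: &[u8]) -> Option<Self> {
        if src.len() != N {
            return None;
        }
        let mut buf = Self::new_zeroed();
        buf.data.copy_from_slice(src);
        Some(buf)
    }

    pub fn as_slice(&self) -> &[u8] {
        &self.data
    }

    pub fn as_mut_slice(&mut self) -> &mut [u8] {
        &mut self.data
    }

    /// Overwrites the contents with zeros using volatile stores, so the
    /// compiler cannot discard the writes as dead stores right before the
    /// buffer goes away. Called automatically by `Drop`.
    pub fn wipe(&mut self) {
        for byte in self.data.iter_mut() {
            // SAFETY: `byte` is a valid, aligned, exclusively borrowed u8.
            unsafe { ptr::write_volatile(byte, 0) };
        }
        compiler_fence(Ordering::SeqCst);
    }
}

impl<const N: usize> Drop for ProtBuf<N> {
    fn drop(&mut self) {
        self.wipe();
    }
}

/// Error returned when a sealed key is written to (assumed type).
#[derive(Debug, PartialEq, Eq)]
pub struct KeyError;

/// Toy stand-in for a longer-lived secret with access control on top of
/// `ProtBuf`: writes are allowed until the key is sealed, and reads always
/// go through `read()`. Again an assumption for this example, not the crate's API.
pub struct ProtKey<const N: usize> {
    buf: ProtBuf<N>,
    sealed: bool,
}

impl<const N: usize> ProtKey<N> {
    pub fn from_slice(src: &[u8]) -> Option<Self> {
        ProtBuf::from_slice(src).map(|buf| ProtKey { buf, sealed: false })
    }

    /// Read access to the key bytes.
    pub fn read(&self) -> &[u8] {
        self.buf.as_slice()
    }

    /// Mutable access, refused once the key has been sealed.
    pub fn write(&mut self) -> Result<&mut [u8], KeyError> {
        if self.sealed {
            Err(KeyError)
        } else {
            Ok(self.buf.as_mut_slice())
        }
    }

    /// Makes the key read-only for the rest of its lifetime.
    pub fn seal(&mut self) {
        self.sealed = true;
    }
}

fn main() {
    // Constructed sample key material, not real secrets.
    let mut key = ProtKey::<4>::from_slice(&[1, 2, 3, 4]).expect("length matches");
    key.write().unwrap()[0] = 42;
    key.seal();
    println!("write after seal rejected: {}", key.write().is_err());
    println!("key bytes: {:?}", key.read());
    // `key` is dropped here and its ProtBuf is wiped with volatile stores.
}
```

The volatile wipe and the compiler fence address one part of the concern raised in the notes below (dead-store elimination of the final zeroing); they do not prevent the compiler from spilling intermediate copies to the stack, which is why the real crate relies on its own allocator rather than on type-level tricks alone.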
- It's not currently possible to be sure that the compiler/LLVM won't do something unexpected, such as optimizing out instructions or generating intermediate variables holding copies of protected data on the stack. There are a lot of moving parts: language, compiler, code generation, target architectures.
- Experimental code, interfaces may change.
- Only tested on OS X and Linux (`x86`, `x86_64`, `arm`). Not compatible with Windows.
- Slow allocations compared to general-purpose allocators, albeit in some cases more optimized than plain `mmap` page allocations.
- This code is expected to target and compile with the current master branch of `rustc`.
- The generated documentation is available here.
- Talk given on TARS at the Bay Area Rust Meetup held by Mozilla SF on 2014/12/18.
- Take a look at Curve41417.rs for an example of how this library can be used.
This code is distributed under the terms of both the MIT license and the Apache License (Version 2.0).