Basically, my question is: is secretmangle/src/arbitrary.rs at master · ProgramCrafter/secretmangle · GitHub sound with the current Rust rules?

This module does not do much from Rust perspective, since it is intended to mangle stored values so that they are not easily seen in debugger, memory dump (such as swap file) or leak. However, it intends to work on any type which is provided to it.

The key design principles:

1. The T value is stored in a separate allocation, using a data: Box<MaybeUninit<T>>.
2. The XOR key is stored in the struct itself, and is a sequence of random bits. As I only care that it is sized the same as T - it even is permitted to have padding at the same place as T - the ideal buffer seems to be key: MaybeUninit<T> as well.
3. Accesses are done using a closure. Between any two accesses an even number of XORs had been performed on the memory, so the exact value of every non-padding bit is preserved (and, from concrete machine perspective, every single bit is same).

3 posts - 2 participants

Read full topic