How to use the sodium-native.sodium_mprotect_noaccess function in sodium-native

To help you get started, we’ve selected a few sodium-native examples, based on popular ways it is used in public projects.


github holochain / n3h / packages / mosodium2 / lib / secbuf.js View on Github external
/**
 * Allocate the protected backing buffer for this instance.
 *
 * Delegates to the parent class's init first (not shown here), then takes
 * the memory from sodium_malloc and leaves it in the "noaccess" state.
 * A destructor is registered that wipes the bytes before dropping the
 * reference.
 *
 * NOTE(review): `size` is not validated in this method; a NaN or negative
 * value reaches sodium_malloc unchanged unless super.init rejects it.
 *
 * @param {number} size - requested length in bytes
 */
async init (size) {
    await super.init(size)

    // Round the request up to the next multiple of 8 bytes.
    const alignedSize = Math.ceil(size / 8) * 8
    this._alignSize = alignedSize
    this._b = sodium.sodium_malloc(alignedSize)

    // Locked by default: the buffer is only usable between an explicit
    // sodium_mprotect_readwrite / sodium_mprotect_noaccess pair.
    sodium.sodium_mprotect_noaccess(this._b)

    const wipeOnDestroy = () => {
      // The memory itself is only released when the JS garbage collector
      // gets to it, so the contents are zeroed here instead of waiting.
      const buf = this._b
      sodium.sodium_mprotect_readwrite(buf)
      buf.fill(0)
      sodium.sodium_mprotect_noaccess(buf)
      this._b = null
    }
    this.$pushDestructor(wipeOnDestroy)
  }
github holochain / n3h / lib / mosodium / secbuf.js View on Github external
/**
 * Set up the sodium-backed secure buffer for this instance.
 *
 * Runs the parent init (not visible here), allocates an 8-byte-aligned
 * region with sodium_malloc, locks it, and registers a destructor that
 * zeroes the region before the reference is released.
 *
 * NOTE(review): no range or type check on `size` is visible here; confirm
 * that super.init or the caller rejects NaN, negative or oversized values.
 *
 * @param {number} size - requested length in bytes
 */
async init (size) {
    await super.init(size)

    // Allocation size: `size` rounded up to a multiple of 8.
    const paddedLength = Math.ceil(size / 8) * 8
    this._alignSize = paddedLength
    this._b = sodium.sodium_malloc(paddedLength)

    // Keep the region inaccessible whenever it is not explicitly unlocked.
    sodium.sodium_mprotect_noaccess(this._b)

    // Destructor: the buffer is freed by the JS gc at some later point, so
    // wipe the secret bytes now rather than relying on the eventual free.
    this.$pushDestructor(() => {
      const secret = this._b
      sodium.sodium_mprotect_readwrite(secret) // unlock so fill() can write
      secret.fill(0)
      sodium.sodium_mprotect_noaccess(secret) // re-lock until collected
      this._b = null
    })
  }
github holochain / n3h / packages / mosodium2 / lib / secbuf.js View on Github external
// Excerpt from the middle of a method: registers the cleanup callback for
// the protected buffer held in this._b.
this.$pushDestructor(() => {
      // The underlying memory is released only when the JS garbage
      // collector runs, so the secret bytes are zeroed here explicitly
      // instead of relying on the eventual free.
      // Unlock first: writing to a noaccess region is not permitted.
      sodium.sodium_mprotect_readwrite(this._b)
      this._b.fill(0)
      // Re-lock the (now zeroed) region until it is collected.
      sodium.sodium_mprotect_noaccess(this._b)
      // NOTE(review): after this, a second run of the destructor would pass
      // null to sodium_mprotect_readwrite; confirm destructors run once.
      this._b = null
    })
  }
github holochain / n3h / lib / mosodium / secbuf.js View on Github external
// Excerpt from the middle of a method: cleanup callback that wipes the
// protected buffer in this._b before the reference is dropped.
this.$pushDestructor(() => {
      // Freeing is left to the JS garbage collector, which may run much
      // later, so the contents are cleared immediately.
      // The region has to be made writable before fill() can touch it.
      sodium.sodium_mprotect_readwrite(this._b)
      this._b.fill(0)
      // Back to noaccess so the region stays unreadable until collected.
      sodium.sodium_mprotect_noaccess(this._b)
      // NOTE(review): nothing here guards against this._b already being
      // null; verify the destructor cannot be invoked twice.
      this._b = null
    })
  }
github chm-diederichs / minisign / minisign.js View on Github external
// Decrypts the signing key stored in parsedSK using a key stream derived
// from the password with scrypt, and verifies it against the stored
// checksum. (The excerpt ends inside the return statement.)
//
// Side effect: `pwd` is zeroed and locked before the function continues,
// so the caller's password buffer is unusable afterwards.
// presumably `pwd` is a sodium_malloc buffer, since mprotect is applied
// to it; verify against the caller.
function extractSecretKey (pwd, parsedSK) {
  // NOTE(review): kdfOutput is an ordinary heap Buffer holding the key
  // stream that protects the secret key; it is not wiped in the lines shown.
  var kdfOutput = Buffer.alloc(104)
  var keynumInfo
  var sumCheck = Buffer.alloc(sodium.crypto_generichash_BYTES)
  var opsLimit = parsedSK.kdfOpsLimit
  var memLimit = parsedSK.kdfMemLimit
  var salt = parsedSK.kdfSalt

  // Unlock the password only for the duration of the KDF call.
  // NOTE(review): there is no try/finally; if the KDF call throws, pwd is
  // left readable and is not zeroed.
  sodium.sodium_mprotect_readwrite(pwd)
  sodium.crypto_pwhash_scryptsalsa208sha256(kdfOutput, pwd, salt, opsLimit, memLimit)
  sodium.sodium_memzero(pwd)
  sodium.sodium_mprotect_noaccess(pwd)

  const secretKey = sodium.sodium_malloc(sodium.crypto_sign_SECRETKEYBYTES)
  // xor is a helper defined elsewhere; presumably it returns a new ordinary
  // Buffer laid out as key id (0..8) | secret key (8..72) | checksum (72..).
  // NOTE(review): that makes keynumInfo a plaintext copy of the secret key
  // outside guarded memory; it is not wiped in the lines shown.
  keynumInfo = xor(kdfOutput, parsedSK.keynumSK)
  // subarray() returns views that share keynumInfo's memory, not copies.
  const keyID = keynumInfo.subarray(0, 8)
  // Copy the key bytes into the guarded allocation.
  secretKey.fill(keynumInfo.subarray(8, 72))
  const checkSum = keynumInfo.subarray(72)
  const signatureAlgorithm = parsedSK.signatureAlgorithm.toString()

  // NOTE(review): Buffer.concat copies the secret key into another ordinary
  // Buffer for hashing; this copy is not wiped in the lines shown either.
  var sumCheckData = Buffer.concat([parsedSK.signatureAlgorithm, keyID, secretKey])
  // From here on secretKey is locked; it must be unlocked with
  // sodium_mprotect_readwrite before it can be read again.
  sodium.sodium_mprotect_noaccess(secretKey)

  // Recompute the checksum over algorithm | key id | secret key and compare
  // it with the decrypted one. A mismatch fails the assertion below.
  // Buffer#equals is not a constant-time comparison; sodium.sodium_memcmp
  // is the constant-time alternative if that matters for the caller.
  sodium.crypto_generichash(sumCheck, sumCheckData)
  assert(sumCheck.equals(checkSum), 'invalid check sum')

  return {
    keyID,
github chm-diederichs / minisign / minisign.js View on Github external
// Excerpt: tail of a function whose opening lines are not shown. pwd,
// parsedSK, kdfOutput, sumCheck, opsLimit, memLimit and keynumInfo come
// from the part that is cut off.
var salt = parsedSK.kdfSalt

  // The password is unlocked only around the scrypt call, then zeroed and
  // locked again, so the caller's pwd buffer is unusable afterwards.
  // NOTE(review): no try/finally; if the KDF call throws, pwd stays
  // readable and unzeroed.
  sodium.sodium_mprotect_readwrite(pwd)
  sodium.crypto_pwhash_scryptsalsa208sha256(kdfOutput, pwd, salt, opsLimit, memLimit)
  sodium.sodium_memzero(pwd)
  sodium.sodium_mprotect_noaccess(pwd)

  const secretKey = sodium.sodium_malloc(sodium.crypto_sign_SECRETKEYBYTES)
  // xor is defined elsewhere; presumably it returns a new ordinary Buffer
  // holding key id | secret key | checksum in plaintext. TODO confirm.
  keynumInfo = xor(kdfOutput, parsedSK.keynumSK)
  const keyID = keynumInfo.subarray(0, 8)
  // Copy bytes 8..72 into the guarded allocation.
  secretKey.fill(keynumInfo.subarray(8, 72))
  const checkSum = keynumInfo.subarray(72)
  const signatureAlgorithm = parsedSK.signatureAlgorithm.toString()

  // NOTE(review): Buffer.concat places another copy of the secret key in an
  // ordinary Buffer; neither it, keynumInfo nor kdfOutput is wiped in the
  // lines shown.
  var sumCheckData = Buffer.concat([parsedSK.signatureAlgorithm, keyID, secretKey])
  // Lock the key; callers must unlock it before use.
  sodium.sodium_mprotect_noaccess(secretKey)

  // Integrity check: hash of algorithm | key id | secret key must match the
  // decrypted checksum, otherwise the assertion fails.
  sodium.crypto_generichash(sumCheck, sumCheckData)
  assert(sumCheck.equals(checkSum), 'invalid check sum')

  // NOTE(review): keyID and checkSum are subarray views, so returning them
  // keeps keynumInfo's memory (including the plaintext key bytes at 8..72)
  // alive and reachable through their shared backing store.
  return {
    keyID,
    secretKey,
    sumCheck,
    checkSum,
    signatureAlgorithm
  }
}
github chm-diederichs / minisign / minisign.js View on Github external
// Excerpt: tail of a key-generation function whose opening lines are not
// shown. publicKey, secretKey, pwd, kdfOutput, kdfSalt, checkSum, keyID and
// the algorithm/comment values come from the part that is cut off.
sodium.crypto_sign_keypair(publicKey, secretKey)

  // scrypt cost parameters: libsodium's "sensitive" presets.
  const kdfOpsLimit = sodium.crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE
  const kdfMemLimit = sodium.crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE
  // 16-byte field with the two limits at byte offsets 0 and 8. Only the low
  // 32 bits of each are written; the remaining bytes stay zero from
  // Buffer.alloc. writeUInt32LE throws if a value does not fit in 32 bits.
  var kdfLimits = Buffer.alloc(16)
  kdfLimits.writeUInt32LE(kdfOpsLimit, 0)
  kdfLimits.writeUInt32LE(kdfMemLimit, 8)

  // NOTE(review): both Buffer.concat calls below copy the secret key into
  // ordinary Buffers; neither copy is wiped in the lines shown.
  var checkSumData = Buffer.concat([sigAlgorithm, keyID, secretKey])
  sodium.crypto_generichash(checkSum, checkSumData)

  var keynumData = Buffer.concat([keyID, secretKey, checkSum])
  // Unlock the password just for the KDF call, then zero and re-lock it.
  // The caller's pwd buffer is unusable after this point.
  // NOTE(review): no try/finally; if the KDF call throws, pwd stays
  // readable and unzeroed.
  sodium.sodium_mprotect_readwrite(pwd)
  sodium.crypto_pwhash_scryptsalsa208sha256(kdfOutput, pwd, kdfSalt, kdfOpsLimit, kdfMemLimit)
  sodium.sodium_memzero(pwd)
  sodium.sodium_mprotect_noaccess(pwd)
  // Encrypt key id | secret key | checksum by XOR with the KDF output.
  // xor is a helper defined elsewhere.
  var keynumSK = xor(kdfOutput, keynumData)

  // The plaintext secretKey is not part of the result; only the encrypted
  // keynumSK is returned.
  // NOTE(review): secretKey and kdfOutput are not zeroed or locked in the
  // lines shown; confirm how the caller disposes of them.
  return {
    publicKey,
    sigAlgorithm,
    keyID,
    kdfAlgorithm,
    cksumAlgorithm,
    kdfSalt,
    kdfLimits,
    keynumSK,
    SKcomment,
    PKcomment
  }
}
github chm-diederichs / minisign / minisign.js View on Github external
// Excerpt: tail of a signing function whose opening lines are not shown.
// SKdetails, contentToSign, signatureAlgorithm, comment and tComment come
// from the part that is cut off.
var signature = Buffer.alloc(sodium.crypto_sign_BYTES)
  var globalSignature = Buffer.alloc(sodium.crypto_sign_BYTES)

  // Unlock the secret key for the two signing calls below.
  // NOTE(review): no try/finally; if either signing call throws, the key
  // stays readable and is not zeroed.
  sodium.sodium_mprotect_readwrite(SKdetails.secretKey)
  sodium.crypto_sign_detached(signature, contentToSign, SKdetails.secretKey)

  var signatureInfo = Buffer.concat([signatureAlgorithm, SKdetails.keyID, signature])
  // NOTE(review): comment and tComment are concatenated into the output
  // as-is; no check for embedded newlines is visible in this excerpt.
  // Confirm the caller rejects them, since each comment occupies one line.
  var untrustedComment = Buffer.from('untrusted comment: ' + comment + '\n')
  var trustedComment = Buffer.from('\ntrusted comment: ' + tComment + '\n')
  var sigInfoBase64 = Buffer.from(signatureInfo.toString('base64'))

  // Second signature covers the first signature plus the trusted comment.
  var forGlobalSig = Buffer.concat([signature, Buffer.from(tComment)])
  sodium.crypto_sign_detached(globalSignature, forGlobalSig, SKdetails.secretKey)
  // The caller's key is zeroed, not just re-locked: the same SKdetails
  // cannot be used to sign again after this call.
  sodium.sodium_memzero(SKdetails.secretKey)
  sodium.sodium_mprotect_noaccess(SKdetails.secretKey)

  var globalSigBase64 = Buffer.from(globalSignature.toString('base64') + '\n')

  var outputBuf = Buffer.concat([untrustedComment, sigInfoBase64, trustedComment, globalSigBase64])

  // NOTE(review): `trustComment` is not defined in the lines shown (the
  // local above is `trustedComment`); unless it is declared in the part
  // that is cut off, this shorthand property throws a ReferenceError.
  return {
    outputBuf,
    untrustedComment,
    sigInfoBase64,
    trustComment,
    globalSigBase64
  }
}
github holochain / n3h / lib / mosodium / secbuf.js View on Github external
/**
 * Run `fn` with the protected buffer temporarily unlocked for reading and
 * writing, and lock it again afterwards even if `fn` throws or rejects.
 *
 * `fn` receives a view of the first `this._size` bytes (presumably set
 * during init; not visible here). Buffer#slice shares memory with the
 * protected region, so:
 *  - `fn` must not keep or use the view after it returns, because the
 *    region is back in the noaccess state by then;
 *  - copying the bytes into an ordinary Buffer inside `fn` moves the
 *    secret out of guarded memory.
 *
 * NOTE(review): no nesting counter is visible; if two calls overlap, the
 * first one to finish re-locks the region while the other is still running.
 *
 * @param {function(Buffer): *} fn - callback given the unlocked view
 * @returns {Promise<*>} whatever `fn` resolves to
 */
async writable (fn) {
    try {
      sodium.sodium_mprotect_readwrite(this._b)
      const view = this._b.slice(0, this._size)
      const outcome = await fn(view)
      return outcome
    } finally {
      // Always re-lock, whatever happened inside fn.
      sodium.sodium_mprotect_noaccess(this._b)
    }
  }
}
github holochain / n3h / packages / mosodium2 / lib / secbuf.js View on Github external
/**
 * Give `fn` read/write access to the secure buffer for the duration of
 * one call; the buffer is returned to the noaccess state in all cases.
 *
 * The argument passed to `fn` is a slice of the first `this._size` bytes
 * (presumably assigned during init; not shown here). A slice is a view on
 * the same memory, not a copy: holding on to it past the end of `fn`
 * means touching a locked region, and copying it into a regular Buffer
 * takes the secret out of guarded memory.
 *
 * NOTE(review): overlapping calls are not coordinated in this method; the
 * finally block of one call re-locks the buffer while another call's `fn`
 * may still be using it. Verify callers serialize access.
 *
 * @param {function(Buffer): *} fn - callback given the unlocked view
 * @returns {Promise<*>} the value `fn` resolves to
 */
async writable (fn) {
    try {
      sodium.sodium_mprotect_readwrite(this._b)
      const unlockedView = this._b.slice(0, this._size)
      const result = await fn(unlockedView)
      return result
    } finally {
      // Runs on success, throw and rejection alike.
      sodium.sodium_mprotect_noaccess(this._b)
    }
  }
}