cc/util/secret_data_internal.h - third_party/tink - Git at Google

 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ///////////////////////////////////////////////////////////////////////////////

 #ifndef TINK_UTIL_SECRET_DATA_INTERNAL_H_
 #define TINK_UTIL_SECRET_DATA_INTERNAL_H_

 #include <memory>
 #include <type_traits>

 #include "absl/base/attributes.h"

 namespace crypto {
 namespace tink {
 namespace util {
 namespace internal {

 // Functions to track sensitive memory locations.
 // Used to sanitize the memory whenever needed.
 // Tracking is not currently implemented for open-source Tink.
 void TrackSensitiveMemory(void* ptr, std::size_t size);
 void UntrackAndSanitizeSensitiveMemory(void* ptr, std::size_t size);

 template <typename T>
 struct SanitizingAllocator {
   typedef T value_type;

   SanitizingAllocator() = default;
   template <class U>
   explicit constexpr SanitizingAllocator(
       const SanitizingAllocator<U>&) noexcept {}

   ABSL_MUST_USE_RESULT T* allocate(std::size_t n) {
     T* ptr = std::allocator<T>().allocate(n);
     TrackSensitiveMemory(ptr, n * sizeof(T));
     return ptr;
   }

   void deallocate(T* ptr, std::size_t n) noexcept {
     UntrackAndSanitizeSensitiveMemory(ptr, n * sizeof(T));
     std::allocator<T>().deallocate(ptr, n);
   }

   // Allocator requirements mandate definition of eq and neq operators
   bool operator==(const SanitizingAllocator&) { return true; }
   bool operator!=(const SanitizingAllocator&) { return false; }
 };

 template <typename T>
 struct SanitizingDeleter {
   void operator()(T* ptr) {
     ptr->~T();  // Invoke destructor. Must do this before sanitize.
     SanitizingAllocator<T>().deallocate(ptr, 1);
   }
 };

 inline void SafeZeroMemory(volatile char* ptr, std::size_t size) {
   while (size--) {
     *ptr++ = 0;
   }
 }

 }  // namespace internal
 }  // namespace util
 }  // namespace tink
 }  // namespace crypto

 #endif  // TINK_UTIL_SECRET_DATA_INTERNAL_H_
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	///////////////////////////////////////////////////////////////////////////////

	#ifndef TINK_UTIL_SECRET_DATA_INTERNAL_H_
	#define TINK_UTIL_SECRET_DATA_INTERNAL_H_

	#include <memory>
	#include <type_traits>

	#include "absl/base/attributes.h"

	namespace crypto {
	namespace tink {
	namespace util {
	namespace internal {

	// Functions to track sensitive memory locations.
	// Used to sanitize the memory whenever needed.
	// Tracking is not currently implemented for open-source Tink.
	void TrackSensitiveMemory(void* ptr, std::size_t size);
	void UntrackAndSanitizeSensitiveMemory(void* ptr, std::size_t size);

	template <typename T>
	struct SanitizingAllocator {
	typedef T value_type;

	SanitizingAllocator() = default;
	template <class U>
	explicit constexpr SanitizingAllocator(
	const SanitizingAllocator<U>&) noexcept {}

	ABSL_MUST_USE_RESULT T* allocate(std::size_t n) {
	T* ptr = std::allocator<T>().allocate(n);
	TrackSensitiveMemory(ptr, n * sizeof(T));
	return ptr;
	}

	void deallocate(T* ptr, std::size_t n) noexcept {
	UntrackAndSanitizeSensitiveMemory(ptr, n * sizeof(T));
	std::allocator<T>().deallocate(ptr, n);
	}

	// Allocator requirements mandate definition of eq and neq operators
	bool operator==(const SanitizingAllocator&) { return true; }
	bool operator!=(const SanitizingAllocator&) { return false; }
	};

	template <typename T>
	struct SanitizingDeleter {
	void operator()(T* ptr) {
	ptr->~T(); // Invoke destructor. Must do this before sanitize.
	SanitizingAllocator<T>().deallocate(ptr, 1);
	}
	};

	inline void SafeZeroMemory(volatile char* ptr, std::size_t size) {
	while (size--) {
	*ptr++ = 0;
	}
	}

	} // namespace internal
	} // namespace util
	} // namespace tink
	} // namespace crypto

	#endif // TINK_UTIL_SECRET_DATA_INTERNAL_H_