Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide guaranteed secret-safe base64 implementation #261

Open
mogery opened this issue Mar 11, 2024 · 1 comment
Open

Provide guaranteed secret-safe base64 implementation #261

mogery opened this issue Mar 11, 2024 · 1 comment
Assignees
@prabhpreet
Labels
client-security Security of the Rust Rosenpass implementation enhancement New feature or request

Comments

@mogery
Copy link
Contributor

mogery commented Mar 11, 2024

The base64 crate needs to be audited to make sure it doesn't make unprotected copies of the serialised secret on the heap, or provide an alternative known-good base64 implementation. The crate is used for encoding/decoding secrets in rp (1, 2, 3, 4), and in rosenpass as well.
mogery referenced this issue Mar 11, 2024
@mogery
fix(rp): don't use wireguard-keys crate
ca8a587
@mogery mogery mentioned this issue Mar 12, 2024
Merged
@prabhpreet prabhpreet added the client-security Security of the Rust Rosenpass implementation label Apr 30, 2024
@prabhpreet
Copy link
Contributor

I'll look into this today

@prabhpreet prabhpreet self-assigned this Apr 30, 2024
@prabhpreet prabhpreet mentioned this issue Apr 30, 2024
Merged
@prabhpreet prabhpreet added the enhancement New feature or request label May 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@prabhpreet prabhpreet

Labels
client-security Security of the Rust Rosenpass implementation enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@prabhpreet @mogery