diff options
| author |   Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2019-08-31 15:03:14 +0200 |
|---|---|---|
| committer | Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2019-08-31 15:03:14 +0200 |
| commit | 51179f5433fbc1617d59e25493a22072c0987726 (patch) | |
| tree | 3034f4ca9d35da77c55750e5c0c058bafeea22ff /src/types | |
| parent | Move to RustCrypto AEAD crate for handshake (diff) | |
| download | wireguard-rs-51179f5433fbc1617d59e25493a22072c0987726.tar.xz wireguard-rs-51179f5433fbc1617d59e25493a22072c0987726.zip | |
Better management of key material
Diffstat (limited to 'src/types')
| -rw-r--r-- | src/types/endpoint.rs | 7 | ||||
| -rw-r--r-- | src/types/keys.rs | 12 | ||||
| -rw-r--r-- | src/types/tun.rs | 6 |
3 files changed, 15 insertions, 10 deletions
diff --git a/src/types/endpoint.rs b/src/types/endpoint.rs index aa4dfd7..6bc99b9 100644 --- a/src/types/endpoint.rs +++ b/src/types/endpoint.rs @@ -1,8 +1,5 @@ use std::net::SocketAddr; -/* The generic implementation (not supporting "sticky-sockets"), - * is to simply use SocketAddr directly as the endpoint. - */ -pub trait Endpoint: Into<SocketAddr> {} +pub trait Endpoint: Into<SocketAddr> + From<SocketAddr> {} -impl<T> Endpoint for T where T: Into<SocketAddr> {} +impl<T> Endpoint for T where T: Into<SocketAddr> + From<SocketAddr> {} diff --git a/src/types/keys.rs b/src/types/keys.rs index c39816c..d2c4139 100644 --- a/src/types/keys.rs +++ b/src/types/keys.rs @@ -1,15 +1,23 @@ +use clear_on_drop::clear::Clear; use std::time::Instant; /* This file holds types passed between components. * Whenever a type cannot be held local to a single module. */ -#[derive(Debug, Clone, Copy)] +#[derive(Debug, Clone)] pub struct Key { pub key: [u8; 32], pub id: u32, } +// zero key on drop +impl Drop for Key { + fn drop(&mut self) { + self.key.clear() + } +} + #[cfg(test)] impl PartialEq for Key { fn eq(&self, other: &Self) -> bool { @@ -17,7 +25,7 @@ impl PartialEq for Key { } } -#[derive(Debug, Clone, Copy)] +#[derive(Debug, Clone)] pub struct KeyPair { pub birth: Instant, // when was the key-pair created pub initiator: bool, // has the key-pair been confirmed? diff --git a/src/types/tun.rs b/src/types/tun.rs index 72caa71..b36089e 100644 --- a/src/types/tun.rs +++ b/src/types/tun.rs @@ -1,6 +1,6 @@ use std::error; -pub trait Tun: Send + Sync { +pub trait Tun: Send + Sync + 'static { type Error: error::Error; /// Returns the MTU of the device @@ -22,13 +22,13 @@ pub trait Tun: Send + Sync { /// /// # Arguments /// - /// - dst: Destination buffer (enough space for MTU bytes + header) + /// - buf: Destination buffer (enough space for MTU bytes + header) /// - offset: Offset for the beginning of the IP packet /// /// # Returns /// /// The size of the IP packet (ignoring the header) or an std::error::Error instance: - fn read(&self, dst: &mut [u8], offset: usize) -> Result<usize, Self::Error>; + fn read(&self, buf: &mut [u8], offset: usize) -> Result<usize, Self::Error>; /// Writes an IP packet to the tunnel device /// |