Memory Protection
Bindings for the secure memory API. See the libsodium "Securing memory allocations" docs for more information.
sodium_memzero
sodium.sodium_memzero(buf)
Zeros out the data in buf
.
sodium_mlock
sodium.sodium_mlock(buf)
Locks the memory contained in buf
.
sodium_munlock
sodium.sodium_munlock(buf)
Unlocks previously sodium_mlock
'ed memory contained in buf
. This will also sodium_memzero
of buf
.
sodium_malloc
var buffer = sodium.sodium_malloc(size)
Allocates a buffer
of size
which is memory protected. See libsodium docs for details. Be aware that many buffer
-methods may break the security guarantees of sodium_malloc
'ed memory. To check if a buffer
is a "secure" buffer
, you can call access the getter buffer.secure
which will be true
.
sodium_mprotect_noaccess
sodium.sodium_mprotect_noaccess(buf)
Makes buf
which was allocated using sodium_malloc
inaccessible, crashing the process if any access is attempted. Note that this will have no effect for normal buffer
's.
sodium_mprotect_readonly
sodium.sodium_mprotect_readonly(buf)
Makes buf
which was allocated using sodium_malloc
read-only, crashing the process if any writing is attempted. Note that this will have no effect for normal buffer
's.
sodium_mprotect_readwrite
sodium.sodium_mprotect_readwrite(buf)
Makes buf
which was allocated using sodium_malloc
read-write, undoing sodium_mprotect_noaccess
or sodium_mprotect_readonly
. Note that this will have no effect for normal buffer
's.