28c4d04304
Go's GC semantics might not always guarantee the safety of this, and the race detector gets upset too, so instead we wrap this all in atomic accessors. Reported-by: David Anderson <danderson@tailscale.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
62 lines
1.3 KiB
Go
62 lines
1.3 KiB
Go
/* SPDX-License-Identifier: MIT
|
|
*
|
|
* Copyright (C) 2017-2019 WireGuard LLC. All Rights Reserved.
|
|
*/
|
|
|
|
package device
|
|
|
|
import (
|
|
"crypto/cipher"
|
|
"sync"
|
|
"sync/atomic"
|
|
"time"
|
|
"unsafe"
|
|
|
|
"golang.zx2c4.com/wireguard/replay"
|
|
)
|
|
|
|
/* Due to limitations in Go and /x/crypto there is currently
|
|
* no way to ensure that key material is securely ereased in memory.
|
|
*
|
|
* Since this may harm the forward secrecy property,
|
|
* we plan to resolve this issue; whenever Go allows us to do so.
|
|
*/
|
|
|
|
type Keypair struct {
|
|
sendNonce uint64
|
|
send cipher.AEAD
|
|
receive cipher.AEAD
|
|
replayFilter replay.ReplayFilter
|
|
isInitiator bool
|
|
created time.Time
|
|
localIndex uint32
|
|
remoteIndex uint32
|
|
}
|
|
|
|
type Keypairs struct {
|
|
sync.RWMutex
|
|
current *Keypair
|
|
previous *Keypair
|
|
next *Keypair
|
|
}
|
|
|
|
func (kp *Keypairs) storeNext(next *Keypair) {
|
|
atomic.StorePointer((*unsafe.Pointer)((unsafe.Pointer)(&kp.next)), (unsafe.Pointer)(next))
|
|
}
|
|
|
|
func (kp *Keypairs) loadNext() *Keypair {
|
|
return (*Keypair)(atomic.LoadPointer((*unsafe.Pointer)((unsafe.Pointer)(&kp.next))))
|
|
}
|
|
|
|
func (kp *Keypairs) Current() *Keypair {
|
|
kp.RLock()
|
|
defer kp.RUnlock()
|
|
return kp.current
|
|
}
|
|
|
|
func (device *Device) DeleteKeypair(key *Keypair) {
|
|
if key != nil {
|
|
device.indexTable.Delete(key.localIndex)
|
|
}
|
|
}
|