wireguard-go/device/keypair.go
Jason A. Donenfeld 28c4d04304 device: use atomic access for unlocked keypair.next
Go's GC semantics might not always guarantee the safety of this, and the
race detector gets upset too, so instead we wrap this all in atomic
accessors.

Reported-by: David Anderson <danderson@tailscale.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-05-02 01:56:48 -06:00

62 lines
1.3 KiB
Go

/* SPDX-License-Identifier: MIT
*
* Copyright (C) 2017-2019 WireGuard LLC. All Rights Reserved.
*/
package device
import (
"crypto/cipher"
"sync"
"sync/atomic"
"time"
"unsafe"
"golang.zx2c4.com/wireguard/replay"
)
/* Due to limitations in Go and /x/crypto there is currently
* no way to ensure that key material is securely ereased in memory.
*
* Since this may harm the forward secrecy property,
* we plan to resolve this issue; whenever Go allows us to do so.
*/
type Keypair struct {
sendNonce uint64
send cipher.AEAD
receive cipher.AEAD
replayFilter replay.ReplayFilter
isInitiator bool
created time.Time
localIndex uint32
remoteIndex uint32
}
type Keypairs struct {
sync.RWMutex
current *Keypair
previous *Keypair
next *Keypair
}
func (kp *Keypairs) storeNext(next *Keypair) {
atomic.StorePointer((*unsafe.Pointer)((unsafe.Pointer)(&kp.next)), (unsafe.Pointer)(next))
}
func (kp *Keypairs) loadNext() *Keypair {
return (*Keypair)(atomic.LoadPointer((*unsafe.Pointer)((unsafe.Pointer)(&kp.next))))
}
func (kp *Keypairs) Current() *Keypair {
kp.RLock()
defer kp.RUnlock()
return kp.current
}
func (device *Device) DeleteKeypair(key *Keypair) {
if key != nil {
device.indexTable.Delete(key.localIndex)
}
}