A pure Go library that handles sensitive values in memory.
This is a thread-safe package, designed to allow you to easily handle sensitive values in memory. It supports all major operating systems and is written in pure Go.
- Memory is allocated using system calls, thereby bypassing the Go runtime and preventing the GC from messing with it.
- To prevent buffer overflows and underflows, the secure buffer is sandwiched between two protected guard pages. If these pages are accessed, a SIGSEGV violation is triggered.
- The secure buffer is prepended with a random canary. If this value changes, the process will panic. This is designed to prevent buffer underflows.
- All pages between the two guards are locked to stop them from being swapped to disk.
- The secure buffer can be made read-only so that any other action triggers a SIGSEGV violation.
- When freeing, all secure memory is wiped.
- The API also includes functions for constant-time copying and comparison, disabling system core dumps, and catching signals.
Some of these features were inspired by libsodium, so credits to them.
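The layout described in the list above (guard pages, canary, locked pages, wipe on free), as an added Unix-only sketch built on Go's `syscall` package. It is not memguard's own code or API: the `guarded` type and the `newGuarded`, `canaryIntact` and `destroy` names are hypothetical, and `size` is assumed to be positive.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"syscall"
)

const canaryLen = 16

type guarded struct { // hypothetical type for this sketch, not memguard's API
	region, mid, slot, canary []byte // mapping, inner pages, in-page canary, reference copy
	Data                      []byte // the secret, ending flush against the trailing guard page
}

func newGuarded(size int) (*guarded, error) {
	ps := syscall.Getpagesize()
	inner := (canaryLen + size + ps - 1) / ps * ps // canary+data rounded up to whole pages
	region, err := syscall.Mmap(-1, 0, inner+2*ps, syscall.PROT_NONE, syscall.MAP_PRIVATE|syscall.MAP_ANON)
	if err != nil {
		return nil, err
	}
	mid, start := region[ps : ps+inner], inner-size // guards on both sides stay PROT_NONE
	g := &guarded{region, mid, mid[start-canaryLen : start], make([]byte, canaryLen), mid[start:]}
	if err = syscall.Mprotect(mid, syscall.PROT_READ|syscall.PROT_WRITE); err == nil {
		if err = syscall.Mlock(mid); err == nil { // keep the secret pages out of swap
			_, err = rand.Read(g.canary)
		}
	}
	if err != nil {
		syscall.Munmap(region)
		return nil, err
	}
	copy(g.slot, g.canary)
	return g, nil
}

func (g *guarded) canaryIntact() bool { return bytes.Equal(g.slot, g.canary) } // false after an underflow
// destroy wipes the secret pages, then unmaps the region (which also unlocks it).
func (g *guarded) destroy() error {
	for i := range g.mid {
		g.mid[i] = 0
	}
	return syscall.Munmap(g.region)
}

func main() {
	if g, err := newGuarded(32); err != nil || !g.canaryIntact() || g.destroy() != nil {
		panic("guarded buffer lifecycle failed")
	}
}
```

Because `Data` ends on the page boundary, a write one byte past it faults on the trailing guard page, while a write before it lands on the canary first.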
Full documentation and a complete overview of the API can be found here.
Although we do recommend using a release, the simplest way to install the library is to go get it:
$ go get github.com/awnumar/memguard
If you would prefer a signed release that you can verify and manually compile yourself, download and extract the latest release. Then go ahead and run:
$ go install -v ./
The releases are cryptographically signed with my PGP key, which can be found on keybase. To import it directly into GPG, run:
$ curl https://keybase.io/awn/pgp_keys.asc | gpg --import