Open luke-jr opened 10 years ago
Hello,
zmq_z85_{encode,decode} are, in my opinion, general purpose encoding and decoding functions. I don't think they should take special care about how they manipulate data. Maybe a secure version of those functions could be provided if there is need for it.
I think preventing critical data from being swapped to disk is not the library's role, and swap should be encrypted if writing data to it can be problematic.
libsodium has cross-platform support for guarded heap allocations. Since zeromq uses it, all that would be necessary would be to use sodium_malloc and sodium_free instead of the normal malloc and free. For extra security those pages could be locked while they are not needed, aka sodium_mprotect_noaccess and sodium_mprotect_readonly.
To avoid risk of private keys being swapped to disk, the memory storing them should be memlock'd.
zmq_z85_{decode,encode} should probably insist on using registers for sensitive key data as well.
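
The memory locking suggested in this thread, shown as an added example that is not code from libzmq, libsodium, or any participant. It uses POSIX mmap/mlock rather than sodium_malloc, and `keybuf_t`, `keybuf_alloc` and `keybuf_free` are hypothetical names.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1  /* MAP_ANONYMOUS on glibc */
#endif
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper, not a libzmq or libsodium API. */
typedef struct {
    unsigned char *data;   /* page-aligned key storage */
    size_t len;            /* mapped length, multiple of the page size */
    int locked;            /* 1 if mlock() succeeded */
} keybuf_t;

/* Map whole pages for a key and pin them in RAM. With require_lock set,
 * fail closed when mlock() is refused (e.g. RLIMIT_MEMLOCK too low). */
int keybuf_alloc(keybuf_t *kb, size_t want, int require_lock)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    kb->len = (want + page - 1) / page * page;
    kb->data = mmap(NULL, kb->len, PROT_READ | PROT_WRITE,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (kb->data == MAP_FAILED) { kb->data = NULL; return -1; }
    kb->locked = (mlock(kb->data, kb->len) == 0);
    if (!kb->locked && require_lock) {           /* fail closed */
        munmap(kb->data, kb->len); kb->data = NULL; return -1;
    }
    return 0;
}

/* Zero the key through a volatile pointer (so the stores are not optimised
 * away) while the pages are still locked, then unlock and unmap. */
void keybuf_free(keybuf_t *kb)
{
    if (!kb->data) return;
    for (volatile unsigned char *v = kb->data; v < kb->data + kb->len; v++) *v = 0;
    if (kb->locked) munlock(kb->data, kb->len);
    munmap(kb->data, kb->len);
    kb->data = NULL; kb->len = 0; kb->locked = 0;
}

int main(void)
{
    keybuf_t kb;
    if (keybuf_alloc(&kb, 32, 1) != 0) return 1;  /* refuse to run unlocked */
    memset(kb.data, 0xA5, 32);   /* constructed stand-in for a key */
    keybuf_free(&kb);
    return 0;
}
```

Locking covers only the buffer itself: copies of the key made on the stack or in intermediate buffers during Z85 decoding are not protected by it.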