Introduce shred!

JuliaLang · Dec 6, 2017 · eb79d97 · eb79d97
1 parent 83ecdff
commit eb79d97
Show file tree

Hide file tree

Showing 8 changed files with 34 additions and 33 deletions.
diff --git a/base/exports.jl b/base/exports.jl
@@ -783,6 +783,7 @@ export
     show,
     showcompact,
     showerror,
+    shred!,
     split,
     sprint,
     string,

diff --git a/base/libgit2/callbacks.jl b/base/libgit2/callbacks.jl
@@ -190,7 +190,7 @@ function authenticate_userpass(libgit2credptr::Ptr{Ptr{Void}}, p::CredentialPayl
         # Use `deepcopy` to ensure zeroing the `git_cred` doesn't also zero the `cred`s copy
         cred.user = deepcopy(Base.get(git_cred.username, ""))
         cred.pass = deepcopy(Base.get(git_cred.password, ""))
-        securezero!(git_cred)
+        shred!(git_cred)
         revised = true
 
         p.use_git_helpers = false

diff --git a/base/libgit2/gitcredential.jl b/base/libgit2/gitcredential.jl
@@ -47,12 +47,12 @@ function GitCredential(cred::UserPasswordCredentials, url::AbstractString)
     return git_cred
 end
 
-function securezero!(cred::GitCredential)
-    !isnull(cred.protocol) && securezero!(unsafe_get(cred.protocol))
-    !isnull(cred.host) && securezero!(unsafe_get(cred.host))
-    !isnull(cred.path) && securezero!(unsafe_get(cred.path))
-    !isnull(cred.username) && securezero!(unsafe_get(cred.username))
-    !isnull(cred.password) && securezero!(unsafe_get(cred.password))
+function shred!(cred::GitCredential)
+    !isnull(cred.protocol) && shred!(unsafe_get(cred.protocol))
+    !isnull(cred.host) && shred!(unsafe_get(cred.host))
+    !isnull(cred.path) && shred!(unsafe_get(cred.path))
+    !isnull(cred.username) && shred!(unsafe_get(cred.username))
+    !isnull(cred.password) && shred!(unsafe_get(cred.password))
     return cred
 end
 
@@ -293,7 +293,7 @@ function approve(cfg::GitConfig, cred::UserPasswordCredentials, url::AbstractStr
         approve(helper, git_cred)
     end
 
-    securezero!(git_cred)
+    shred!(git_cred)
     nothing
 end
 
@@ -305,6 +305,6 @@ function reject(cfg::GitConfig, cred::UserPasswordCredentials, url::AbstractStri
         reject(helper, git_cred)
     end
 
-    securezero!(git_cred)
+    shred!(git_cred)
     nothing
 end
diff --git a/base/libgit2/types.jl b/base/libgit2/types.jl
@@ -1126,7 +1126,7 @@ function objtype(obj_type::Consts.OBJECT)
     end
 end
 
-import Base.securezero!
+import Base.shred!
 
 "Abstract credentials payload"
 abstract type AbstractCredentials end
@@ -1157,9 +1157,9 @@ mutable struct UserPasswordCredentials <: AbstractCredentials
     UserPasswordCredentials(prompt_if_incorrect::Bool) = UserPasswordCredentials("","",prompt_if_incorrect)
 end
 
-function securezero!(cred::UserPasswordCredentials)
-    securezero!(cred.user)
-    securezero!(cred.pass)
+function shred!(cred::UserPasswordCredentials)
+    shred!(cred.user)
+    shred!(cred.pass)
     return cred
 end
 
@@ -1194,11 +1194,11 @@ mutable struct SSHCredentials <: AbstractCredentials
     SSHCredentials(prompt_if_incorrect::Bool) = SSHCredentials("","","","",prompt_if_incorrect)
 end
 
-function securezero!(cred::SSHCredentials)
-    securezero!(cred.user)
-    securezero!(cred.pass)
-    securezero!(cred.prvkey)
-    securezero!(cred.pubkey)
+function shred!(cred::SSHCredentials)
+    shred!(cred.user)
+    shred!(cred.pass)
+    shred!(cred.prvkey)
+    shred!(cred.pubkey)
     return cred
 end
 
@@ -1221,8 +1221,8 @@ Base.haskey(cache::CachedCredentials, cred_id) = Base.haskey(cache.cred, cred_id
 Base.getindex(cache::CachedCredentials, cred_id) = Base.getindex(cache.cred, cred_id)
 Base.get!(cache::CachedCredentials, cred_id, default) = Base.get!(cache.cred, cred_id, default)
 
-function securezero!(p::CachedCredentials)
-    foreach(securezero!, values(p.cred))
+function shred!(p::CachedCredentials)
+    foreach(shred!, values(p.cred))
     return p
 end
 
@@ -1333,7 +1333,7 @@ function approve(p::CredentialPayload; shred::Bool=true)
         approve(p.config, cred, p.url)
     end
 
-    shred && securezero!(cred)
+    shred && shred!(cred)
     nothing
 end
 
@@ -1358,6 +1358,6 @@ function reject(p::CredentialPayload; shred::Bool=true)
         reject(p.config, cred, p.url)
     end
 
-    shred && securezero!(cred)
+    shred && shred!(cred)
     nothing
 end
diff --git a/base/pkg/entry.jl b/base/pkg/entry.jl
@@ -453,7 +453,7 @@ function update(branch::AbstractString, upkgs::Set{String})
             end
         end
     finally
-        Base.securezero!(creds)
+        shred!(creds)
     end
     info("Computing changes...")
     resolve(reqs, avail, instd, fixed, free, upkgs)

diff --git a/base/strings/string.jl b/base/strings/string.jl
@@ -25,9 +25,9 @@ end
     SecureString(string::AbstractString)
 
 A string where the contents will be securely wiped when garbage collected. However, it is
-considered best practise to wipe the string using `securezero!(::SecureString)` as soon as
-the secure data is no longer required. Note that when the `string` parameter is of type
-`String` then the memory of the original string will also be securely wiped.
+considered best practise to wipe the string using `shred!(::SecureString)` as soon as the
+secure data is no longer required. Note that when the `string` parameter is of type `String`
+then the memory of the original string will also be securely wiped.
 
 # Examples
 ```jldoctest
@@ -37,7 +37,7 @@ julia> str = "abc"::String
 julia> s = SecureString(str)
 "abc"
 
-julia> Base.securezero!(s)
+julia> shred!(s)
 "\0\0\0"
 
 julia> str
@@ -49,12 +49,12 @@ mutable struct SecureString <: AbstractString
 
     function SecureString(str::AbstractString)
         s = new(Vector{UInt8}(str))
-        finalizer(securezero!, s)
+        finalizer(shred!, s)
         return s
     end
 end
 
-function securezero!(s::SecureString)
+function shred!(s::SecureString)
     securezero!(s.data)
     return s
 end

diff --git a/test/misc.jl b/test/misc.jl
@@ -555,7 +555,7 @@ let optstring = repr(Base.JLOptions())
 end
 
 # Base.securezero! functions (#17579)
-import Base: securezero!, unsafe_securezero!
+import Base: securezero!, unsafe_securezero!, shred!
 let a = [1,2,3]
     @test securezero!(a) === a == [0,0,0]
     a[:] = 1:3
@@ -567,7 +567,7 @@ let a = [1,2,3]
 end
 let cache = Base.LibGit2.CachedCredentials()
     get!(cache, "foo", LibGit2.SSHCredentials("", "bar"))
-    securezero!(cache)
+    shred!(cache)
     @test cache["foo"].pass == "\0\0\0"
 end
 

diff --git a/test/strings/types.jl b/test/strings/types.jl
@@ -271,7 +271,7 @@ end
         @test str == secure
 
         # Securely wiping the SecureString will also wipe out the original source
-        Base.securezero!(secure) === secure
+        shred!(secure) === secure
         @test secure != "foobar"
         @test str != "foobar"
     end
@@ -295,7 +295,7 @@ end
     @testset "deepcopy" begin
         secure_a = SecureString("foo")
         secure_b = deepcopy(secure_a)
-        Base.securezero!(secure_a)
+        shred!(secure_a)
 
         @test secure_a != "foo"
         @test secure_b == "foo"
-Original file line number
+Diff line change
@@ Expand Up / @@ -783,6 +783,7 @@ export @@
         show,
         showcompact,
         showerror,
+        shred!,
         split,
         sprint,
         string,
@@ Expand Down @@