在Go中覆盖私钥

huangapple go评论79阅读模式
英文:

Overwrite private key in Go

问题

在服务器端的Go代码中,我获取私钥并使用它们来签名断言,但我不想让它们留在内存中。以下代码是否合理?

	var private ed25519.PrivateKey

    // 获取并使用私钥

    // 现在我想要覆盖它,以便它不再留在内存中
  	privKeyBytes := []byte(private)
	_, _ = rand.Read(privKeyBytes)

以下是翻译好的内容:

在服务器端的Go代码中,我获取私钥并使用它们来签名断言,但我不想让它们留在内存中。以下代码是否合理?

	var private ed25519.PrivateKey

    // 获取并使用私钥

    // 现在我想要覆盖它,以便它不再留在内存中
  	privKeyBytes := []byte(private)
	_, _ = rand.Read(privKeyBytes)
英文:

In server-side Go code I acquire private keys and use them to sign assertions, but I don't want to leave them lying around in memory. Is the following sane?

	var private ed25519.PrivateKey

    // acquire and use the private key

    // now I want to overwrite it so it's not lurking in memory
  	privKeyBytes := []byte(private)
	_, _ = rand.Read(privKeyBytes)

答案1

得分: 2

是的,在大多数情况下,覆盖密钥字节应该可以解决问题。

请注意,目前 Go CMS 垃圾收集器是一种非移动的分代 GC,这意味着如果不复制对象,GC 也不会复制。这是实现细节,可能会在将来发生变化。

另外,根据// acquire and use the private key部分的具体操作,可能会将密钥泄漏到堆上。例如,以 PEM 格式读取文件可能会泄漏 PEM 编码的字符串。

要确切知道,请在覆盖密钥后立即在gdb中断点,并将整个堆转储到文件中。然后在文件中搜索密钥字节。

$ go build -gcflags "-N -l"
$ gdb ./test
(gdb) source /usr/go/src/runtime/runtime-gdb.py
加载 Go 运行时支持。
(gdb) b test.go:16
(gdb) r
线程 1“test”命中断点 1,位于 test/test.go:16
(gdb) info i
  Num  Description       Executable
* 1    process 14176     test/test
(gdb) (Ctrl-Z)
[1]+  Stopped                 gdb ./test
$ cat /proc/14176/maps|grep '[heap]'|(read a; x=(${a//-/ }); dd if=/proc/14176/mem bs=4096 iflag=skip_bytes,count_bytes skip=$((0x${x[0]})) count=$((0x${x[1]}-0x${x[0]})) of=heap.bin)
$ grep -obUaP "\x01\x02\x03..." heap.bin
$ fg
(gdb) q
英文:

Yes, overwriting the key bytes should do it in most cases.

Note that currently the Go CMS garbage collector is a non-moving generational GC, meaning that if you don't make a copy of an object, then GC won't make copies either. This is implementation detail and may change in the future though.

Also, the // acquire and use the private key part, depending on what it does, may also leak the key onto the heap. For example, reading a file in PEM format would probably leak the PEM-encoded string.

To really know for sure, break in gdb immediately after overwriting the key and dump the entire heap to a file. Then search in it for the key bytes.

$ go build -gcflags "-N -l"
$ gdb ./test
(gdb) source /usr/go/src/runtime/runtime-gdb.py
Loading Go Runtime support.
(gdb) b test.go:16
(gdb) r
Thread 1 "test" hit Breakpoint 1, main.main () at test/test.go:16
(gdb) info i
  Num  Description       Executable
* 1    process 14176     test/test
(gdb) (Ctrl-Z)
[1]+  Stopped                 gdb ./test
$ cat /proc/14176/maps|grep '\[heap\]'|(read a; x=(${a//-/ }); dd if=/proc/14176/mem bs=4096 iflag=skip_bytes,count_bytes skip=$((0x${x[0]})) count=$((0x${x[1]}-0x${x[0]})) of=heap.bin)
$ grep -obUaP "\x01\x02\x03..." heap.bin
$ fg
(gdb) q

huangapple
  • 本文由 发表于 2021年9月20日 05:58:28
  • 转载请务必保留本文链接:https://go.coder-hub.com/69247365.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定