
impl+linux.ha (864B)


      1 // SPDX-License-Identifier: MPL-2.0
      2 // (c) Hare authors <https://harelang.org>
      3 
      4 use errors;
      5 use linux::keyctl;
      6 
      // Handle to a secret stored through the Linux keyctl interface. It is an
      // alias for the key's serial number, so the handle identifies the key but
      // does not itself contain the secret bytes.
      7 export type key = keyctl::serial;
      8 
      // Stores the secret in buf as a new key of type "user", labelled with
      // name, in the process keyring (keyctl::PROCESS_KEYRING) and returns its
      // handle.
      //
      // The caller's copy of the secret stays in buf after this call: wipe it
      // with [[bytes::zero]] once the key has been created. Any [[errors::error]]
      // reported while adding the key is returned to the caller; a keyctl::nokey
      // result aborts the program.
      //
      // NOTE(review): name is passed as the key description, which is metadata
      // rather than payload; presumably it should not contain secret material.
      // Confirm against the keyring's visibility rules.
      export fn newkey(buf: []u8, name: str) (key | errors::error) = {
      	const res = keyctl::add_key("user", name, buf, keyctl::PROCESS_KEYRING);
      	match (res) {
      	case let serial: keyctl::serial =>
      		return serial;
      	case let err: errors::error =>
      		return err;
      	case keyctl::nokey =>
      		abort();
      	};
      };
     20 
     // Destroys a secure key by revoking it with keyctl::revoke.
     //
     // A failed revocation is treated as fatal: the error assertion aborts the
     // program instead of reporting the error to the caller.
     // NOTE(review): this presumably includes calling destroy twice on the same
     // handle; confirm how keyctl::revoke reports an already-revoked key.
     export fn destroy(key: key) void = {
     	const res = keyctl::revoke(key);
     	res!;
     };
     25 
     // Reads the secret data of a secure key into buf and returns the size
     // reported by keyctl::read. Any error from the read aborts the program.
     //
     // buf holds secret material afterwards; when the caller is done with it,
     // they should wipe it with [[bytes::zero]].
     //
     // NOTE(review): the underlying Linux read operation reports the full
     // payload size even when the supplied buffer is shorter. If keyctl::read
     // forwards that value unchanged, the result can exceed len(buf), so callers
     // should compare it with len(buf) before slicing. Confirm against
     // linux::keyctl.
     export fn read(key: key, buf: []u8) size = {
     	const n = keyctl::read(key, buf)!;
     	return n;
     };