github.com/sagernet/wireguard-go@v0.0.0-20231215174105-89dec3b2f3e8/device/keypair.go (about)

     1  /* SPDX-License-Identifier: MIT
     2   *
     3   * Copyright (C) 2017-2023 WireGuard LLC. All Rights Reserved.
     4   */
     5  
     6  package device
     7  
     8  import (
     9  	"crypto/cipher"
    10  	"sync"
    11  	"time"
    12  
    13  	"github.com/sagernet/sing/common/atomic"
    14  	"github.com/sagernet/wireguard-go/replay"
    15  )
    16  
    17  /* Due to limitations in Go and /x/crypto there is currently
    18   * no way to ensure that key material is securely erased in memory.
    19   *
    20   * Since this may harm the forward secrecy property,
    21   * we plan to resolve this issue whenever Go allows us to do so.
    22   */
    23  
// Keypair bundles the per-session state declared below: one AEAD for each
// direction, a send nonce counter, a receive-side replay filter, the two
// session indices and a creation timestamp.
//
// NOTE(review): the AEAD values carry key material. As the file-level comment
// states, Go offers no way to guarantee that this memory is wiped, so dropping
// the last reference to a Keypair is not proof that its keys are gone.
type Keypair struct {
	sendNonce    atomic.Uint64 // presumably the counter fed to send as the AEAD nonce; it must never repeat under one key — confirm in the send path
	send         cipher.AEAD   // AEAD for the sending direction
	receive      cipher.AEAD   // AEAD for the receiving direction
	replayFilter replay.Filter // presumably rejects replayed or too-old receive counters — confirm against package replay
	isInitiator  bool          // presumably true when the local side initiated the handshake — confirm
	created      time.Time     // presumably the creation time that rekey/expiry decisions are based on — confirm
	localIndex   uint32        // key removed from device.indexTable by DeleteKeypair
	remoteIndex  uint32        // presumably the peer's index for this session — confirm
}
    34  
// Keypairs holds up to three Keypair references for one owner: current,
// previous and next.
//
// The embedded RWMutex is taken by Current to read current. previous is
// presumably guarded by the same lock — confirm at its write sites. next is an
// atomic.Pointer, presumably so that it can be read and swapped without
// holding the lock — confirm at its use sites.
type Keypairs struct {
	sync.RWMutex
	current  *Keypair
	previous *Keypair
	next     atomic.Pointer[Keypair]
}
    41  
// Current returns the current keypair, read while holding the read lock.
//
// The lock protects only the pointer read: the caller uses the returned
// Keypair after the lock has been released. Nothing here rules out a nil
// result, so callers must check for it.
func (kp *Keypairs) Current() *Keypair {
	kp.RLock()
	cur := kp.current
	kp.RUnlock()
	return cur
}
    47  
// DeleteKeypair removes key's local index from the device index table.
// A nil key is a no-op.
//
// This only drops the index-table entry. It does not zero or otherwise
// scrub the AEAD state held by key; that memory stays intact until every
// reference is gone and the runtime reclaims it.
func (device *Device) DeleteKeypair(key *Keypair) {
	if key == nil {
		return
	}
	device.indexTable.Delete(key.localIndex)
}