Classes for safely handling secrets
Project description
Omniblack Secret
Classes for safer handling of secrets. We use libsodium to store secrets in memory that is protected by guard pages, a canary, and is set to readonly when the library is not reading from it. These protections should help mitigate exploits in other parts of the program allow for arbitrary reads of memory, and should reduce the risk of buffer overflows and similar memory writing bugs from corrupting the secret.
Further more Secret instance's repr will not reveal the secret
so if a secret object is accidentally logged the secret value
will not be exposed, and the value is stored in a C slot not
in a python dict or slot so introspection tools like rich.inspect
will not reveal the secret.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file omniblack_secret-0.0.13.tar.gz.
File metadata
- Download URL: omniblack_secret-0.0.13.tar.gz
- Upload date:
- Size: 3.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d6c864a1c05b00a32addbe35262a56f02ca9a6244fb9f4736283cc65cabae1e4
|
|
| MD5 |
a290105fd85717de3a3732d1273930e7
|
|
| BLAKE2b-256 |
a2af1ddda39886e7fb0675a8eaf833cb5bf6993c3bb87dfe29d81a69923424d5
|
