Extract Sodium::Buffer into a separate gem?

[tarcieri]

Sodium::Buffer is generally useful anywhere we have buffers that contain secrets we don't want to get swapped. I just had a coworker the other day asking about how to do that sort of thing ;)

It would be really great if it could be extracted into a separate gem. Maybe we could get @luislavena to help figure out the Windows story, considering it presently depends on FFI::Library::LIBC

[luislavena]

@tarcieri can you point me to which functions it depends from libc?

[tarcieri]

@luislavena it uses the mlock function, which indicates to the OS that the given region of memory should not be swapped out:

https://www.gnu.org/software/libc/manual/html_node/Page-Lock-Functions.html

The use case here is because it contains cryptographic keys or plaintexts that we'd like to keep confidential.

It looks like the Windows equivalent is VirtualLock:

http://msdn.microsoft.com/en-us/library/windows/desktop/aa366895(v=vs.85).aspx

[stouset]

I'm open to this. It totally didn't cross my mind that Windows doesn't have mlock.

Any suggestions for a name?

[tarcieri]

Well, "mlock" is available if you don't mind being boring ;)

[stouset]

BUT IT'S SO MUCH MORE.

[stouset]

What name did I throw out at beers ephemeral? What about transient?

[stouset]

Both names taken. Gem names are the new DNS.

[stouset]

string-ephemeral and String::Ephemeral seems not unreasonable to me.

[tarcieri]

How about "poof"? ;)

[stouset]

I haven't done this yet, have I?

I'll do this.

[tarcieri]

you haven't done it to my knowledge ;)

[tarcieri]

securebuffer is another boring name ;)