tests and exmaples

radumarias · Jun 4, 2024 · fe33565 · fe33565
1 parent 84ad3d4
commit fe33565
Show file tree

Hide file tree

Showing 6 changed files with 10 additions and 16 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "zeroize"
-version = "0.1.8"
+version = "0.1.9"
 edition = "2021"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

diff --git a/README.md b/README.md
@@ -12,7 +12,7 @@ It can work with `bytearray` and `numpy array`.
 
 > [!WARNING]
 > **In the case of [Copy-on-write fork](https://en.wikipedia.org/wiki/Copy-on-write) you need to zeroize the memory before forking the child process, see example below.  
-> Also by itself it doesn't work if memory is moved or moved to swap. You can use `crypes` with `libc.mlock()` to lock the memory, see example below.**
+> Also by itself it doesn't work if memory is moved or moved to swap. You can use `crypes` with `libc.mlock()` to lock the memory, max size you can lock is 4MB, at least on Linux, see example below.**
 
 # Examples
 

diff --git a/examples/lock_and_zeroize.py b/examples/lock_and_zeroize.py
@@ -35,9 +35,11 @@ def unlock_memory(buffer):
         print("allocate memory")
 
         # regular array
+        # max size you can lock is 4MB, at least on Linux
         arr = bytearray(b"1234567890")
 
         # numpy array
+        # max size you can lock is 4MB, at least on Linux
         arr_np = np.array([0] * 10, dtype=np.uint8)
         arr_np[:] = arr
         assert arr_np.tobytes() == b"1234567890"

diff --git a/examples/zeroize_before_fork.py b/examples/zeroize_before_fork.py
@@ -33,6 +33,7 @@ def unlock_memory(buffer):
 
 if __name__ == "__main__":
     try:
+        # max size you can lock is 4MB, at least on Linux
         sensitive_data = bytearray(b"Sensitive Information")
         lock_memory(sensitive_data)
 

diff --git a/tests/test_zeroize.py b/tests/test_zeroize.py
@@ -1,8 +1,6 @@
 import unittest
 import zeroize
 import numpy as np
-
-
 import ctypes
 
 
@@ -41,16 +39,6 @@ def unlock_memory(buffer):
     1,
     2,
     4,
-    8,
-    16,
-    32,
-    64,
-    128,
-    256,
-    512,
-    1024,
-    2 * 1024,
-    4 * 1024,
 ]
 
 
@@ -71,6 +59,7 @@ def test_zeroize1(self):
     def test_zeroize_np(self):
         try:
             arr = np.array([0] * 10, dtype=np.uint8)
+            lock_memory(arr)
             arr[:] = bytes(b"1234567890")
             zeroize.zeroize_np(arr)
             self.assertEqual(True, all(arr == 0))
@@ -82,17 +71,19 @@ def test_zeroize1_sizes(self):
         for size in SIZES_MB:
             try:
                 arr = bytearray(int(size * 1024 * 1024))
+                lock_memory(arr)
                 zeroize.zeroize1(arr)
                 self.assertEqual(arr, bytearray(int(size * 1024 * 1024)))
 
             finally:
                 unlock_memory(arr)
 
     def test_zeroize_np_sizes(self):
-        for size in [size for size in SIZES_MB if size < 4]:
+        for size in SIZES_MB:
             try:
                 array_size = int(size * 1024 * 1024)
                 random_array = np.random.randint(0, 256, array_size, dtype=np.uint8)
+                lock_memory(random_array)
                 zeroize.zeroize_np(random_array)
                 self.assertEqual(True, all(random_array == 0))
             finally: