Secure-ish strings in Go!

secstring aims to provide a basic secure string implementation to go


Build Status Coverage Status GoDoc

Should I use this?

Probably not. I've implemented this mostly as a PoC. I use it somewhat, but I don't recommend other people use it right now.

What makes them secure?

  • strings are unlikely to be written to swap (except during hibernation)
  • strings are immutable - modifying them causes a non-recoverable panic

This doesn't work on Windows/FreeBSD/etc.

Yes. I use syscall heavily, and unfortunately, golang in many BSDs don't have the functions I'm using. I'm going to submit patches, so hopefully they get added soon.

Windows support will never be added. I don't have a test box for it.

Can I get an example?

Damn straight.

import ""
import "fmt"

func main() {
    str := "testing"
    ss, _ := secstring.FromString(&str)
    defer ss.Destroy()

    fmt.Printf("String: %v", ss.String)




This section is empty.


This section is empty.


This section is empty.


type SecString

type SecString struct {
	String []byte // Protected string
	Length int    // Length of the target string

func FromString

func FromString(str *string) (*SecString, error)

    Makes a new SecString from a string reference. Destroys str after creating the secstring

    func NewSecString

    func NewSecString(str []byte) (*SecString, error)

      Takes a []byte and builds a SecString out of it, wiping str in the process.

      A SecString should be destroyed when it's no longer needed to prevent memory leaks. It is probably a good idea to defer SecString.Destroy()

      func (*SecString) Clone

      func (s *SecString) Clone() (*SecString, error)

      func (*SecString) Destroy

      func (s *SecString) Destroy() error

        Destroys the s. *MUST* be called to prevent memory leaks. Probably best to be called in a defer

        Source Files


        Path Synopsis