Disable memsec on windows to fix it

bitwarden · Sep 24, 2024 · c43aa08 · c43aa08
1 parent 32d298f
commit c43aa08
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 6 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -54,7 +54,7 @@ codegen-units = 1
 # This is a workaround until this is fixed: https://github.com/rustls/rustls-platform-verifier/issues/141
 [profile.release-windows]
 inherits = "release"
-lto = "fat"
+lto = "off"
 
 # Stripping the binary reduces the size by ~30%, but the stacktraces won't be usable anymore.
 # This is fine as long as we don't have any unhandled panics, but let's keep it disabled for now

diff --git a/crates/bitwarden-crypto/Cargo.toml b/crates/bitwarden-crypto/Cargo.toml
@@ -17,7 +17,7 @@ keywords.workspace = true
 default = []
 
 uniffi = ["dep:uniffi"]  # Uniffi bindings
-no-memory-hardening = [] # Disable memory hardening features
+no-memory-hardening = ["memsec"] # Disable memory hardening features
 
 [dependencies]
 aes = { version = ">=0.8.2, <0.9", features = ["zeroize"] }
@@ -46,8 +46,8 @@ uniffi = { version = "=0.28.1", optional = true }
 uuid = { version = ">=1.3.3, <2.0", features = ["serde"] }
 zeroize = { version = ">=1.7.0, <2.0", features = ["derive", "aarch64"] }
 
-[target.'cfg(not(target_arch="wasm32"))'.dependencies]
-memsec = { version = "0.7.0", features = ["alloc_ext"] }
+[target.'cfg(all(not(target_arch = "wasm32"), not(windows)))'.dependencies]
+memsec = { version = "0.7.0", features = ["alloc_ext"], optional = true }
 
 [dev-dependencies]
 criterion = { version = "0.5.1", features = ["html_reports"] }

diff --git a/crates/bitwarden-crypto/src/service/key_store/rust_impl.rs b/crates/bitwarden-crypto/src/service/key_store/rust_impl.rs
@@ -15,7 +15,11 @@ pub(crate) struct RustImplKeyData<Key: KeyRef> {
 
 impl<Key: KeyRef> Drop for RustImplKeyData<Key> {
     fn drop(&mut self) {
-        #[cfg(all(not(target_arch = "wasm32"), not(feature = "no-memory-hardening")))]
+        #[cfg(all(
+            not(target_arch = "wasm32"),
+            not(feature = "no-memory-hardening"),
+            not(windows)
+        ))]
         {
             use std::mem::MaybeUninit;
 
@@ -50,7 +54,11 @@ impl<Key: KeyRef> KeyData<Key> for RustImplKeyData<Key> {
         #[allow(unused_mut)]
         let mut data: Box<_> = std::iter::repeat_with(|| None).take(capacity).collect();
 
-        #[cfg(all(not(target_arch = "wasm32"), not(feature = "no-memory-hardening")))]
+        #[cfg(all(
+            not(target_arch = "wasm32"),
+            not(feature = "no-memory-hardening"),
+            not(windows)
+        ))]
         {
             let entry_size = std::mem::size_of::<Option<(Key, Key::KeyValue)>>();
             unsafe {