Add hooks to GMP memory management to zeroize all of its buffers.
Test by looking at the memory content.
Zeroize the heap buffers in bn_to_scalar.
We use the crates unknown_order / rug / GMP. Secrets are ultimately stored in arrays on the heap managed by malloc. GMP is a C library which frequently allocates and copies buffers, and this is not visible to the Rust code. Fortunately, GMP accepts a custom implementation of memory management (alloc / realloc / free). We override these functions to erase all buffers whenever they are released.
bn_to_scalar.We use the crates
unknown_order/rug/GMP. Secrets are ultimately stored in arrays on the heap managed bymalloc. GMP is a C library which frequently allocates and copies buffers, and this is not visible to the Rust code. Fortunately, GMP accepts a custom implementation of memory management (alloc/realloc/free). We override these functions to erase all buffers whenever they are released.