Consider using `zeroize` crate for key materials

briansmith / ring

Safe, fast, small crypto using Rust

Other

3.65k stars 684 forks source link

Consider using `zeroize` crate for key materials #2005

Closed StackOverflowExcept1on closed 1 month ago

StackOverflowExcept1on commented 3 months ago

I'm working on software that uses AES encryption and I see that the rsa crate is actively using the zeroize crate as a dependency that automatically removes private keys from memory.

Also see: https://docs.rs/zeroize/1.7.0/zeroize/struct.Zeroizing.html

briansmith commented 1 month ago

Thanks for the suggestion. There's already an issue for zeroization, issue #15, so I'm going to close this as a duplicate of that.