You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Working with PKey types, it can be of interest to have tools that clear the key buffers on drop, something like the Zeroize crate would do but for OpenSSL types.
I believe the OpenSSL library offers the OPENSSL_cleanse tool that writes zeroes on the buffer pointed to by the first argument.
The text was updated successfully, but these errors were encountered:
EVP_PKEYs are dropped with EVP_PKEY_free which should use the appropriate
cipher-internal freeing function which in turn should cleanse all private
data unless there is a a bug in the underlying OpenSSL library that you're
using.
Auditing this for the key types you care about is going to be a bit of
work but this should not need extra handling by rust-openssl or its
users.
Working with
PKey
types, it can be of interest to have tools that clear the key buffers on drop, something like theZeroize
crate would do but for OpenSSL types.I believe the OpenSSL library offers the OPENSSL_cleanse tool that writes zeroes on the buffer pointed to by the first argument.
The text was updated successfully, but these errors were encountered: