Bug#1023014: ITP: securestring -- Clearing the contents of strings containing cryptographic material
On Sat, 29 Oct 2022 at 10:34:07 +0200, Joost van Baal-Ilić wrote:
> Python wrapper around OPENSSL_cleanse() which fills a pointer with a string
> of 0's, typically used to clear the contents of strings containing
> cryptographic material.
Does this actually need OpenSSL, or would explicit_bzero() be enough on
platforms that have it? (glibc >= 2.25 is an example of a platform that
has it.)
See also the NOTES in explicit_bzero(3), most or all of which probably
apply equally to OPENSSL_cleanse().
smcv
Reply to: