RustCrypto: zeroize_stack
Securely zero the stack (a.k.a. zeroize) while avoiding compiler optimizations.
This crate implements a portable approach to securely zeroing the stack using techniques which guarantee they won't be "optimized away" by the compiler.
Zeroing memory securely is hard - compilers optimize for performance, and in doing so they love to "optimize away" unnecessary zeroing calls, as well as make extra copies of data on the stack that cannot be easily zeroed. That's what this crate is for.
This crate isn't about tricks: it uses psm::on_stack to run a function on
a portable stack, and then uses zeroize to zero that stack. psm implements
all of the assembly for several different architectures, and the zeroize
portion of the task was implemented in pure Rust.
#![no_std]i.e. embedded-friendly! (allocis required)- No functionality besides securely zeroing the a function's stack usage!
Licensed under either of:
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.