Zeroize mem / proj status re safe-oqs? #269
@jac-cbi Hello, sorry forgot to enable the issues. Now it is enabled.
I should also mention I just completed reading through RustCrypto #1046 regarding redoing the interface for Based on this discussion, it would seem that
All,
I'm in the early stages of writing my project, which is in Rust, and relies on ML-KEM / Kyber (both, one for FIPS world, the other for non-fips).
safe-oqs
I originally incorporated a fork of liboqs-rust, safe-oqs because it had updated the submodule of liboqs to include the recently released ML-KEM. However, I now have a few questions, and @Scarjit and @joernheinemann don't have issues open on their fork...
@thomwiggers should liboqs-rust just pull in the relevant changes from safe-oqs? I looked at the diff between main branches, there's not much there. Just updated liboqs commit and exposing ML-KEM / ML-SIG. The rest is mostly renaming their crate.
Real Q re `Zeroize`
Outside of that, my real question is this: Does liboqs-rust zeroize sensitive buffers on Drop? I see `OQS_MEM_secure_free()`, and a build check to ensure it's used over `free()`, but I don't see the `Drop` trait implemented on the Rust side in the macros. `Drop` only appears to be implemented for `Kem` and `Sig`, which, afaict, are just handles. Additionally, that `Drop` implementation is calling `OQS_KEM_free()`, which does not securely zero the memory.

Would it make sense to just `#[derive(Zeroize, ZeroizeOnDrop)]` from the `zeroize` crate?
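To illustrate the zero-on-`Drop` behaviour the issue asks about, here is an added example (not code from liboqs-rust, safe-oqs, or the issue author) that hand-rolls the wipe with the standard library only. The names `SecretBytes`, `wipe`, `expose` and `bytes_after_drop` are hypothetical; the `zeroize` derive proposed above is the crate-based alternative.

```rust
use std::mem::ManuallyDrop;
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Hypothetical owner of secret key bytes (not a liboqs-rust type).
#[repr(transparent)]
pub struct SecretBytes<const N: usize> {
    bytes: [u8; N],
}

impl<const N: usize> SecretBytes<N> {
    pub fn new(bytes: [u8; N]) -> Self {
        Self { bytes }
    }

    pub fn expose(&self) -> &[u8] {
        &self.bytes
    }

    /// Overwrite the buffer with zeros. Volatile writes plus a compiler
    /// fence keep the optimizer from eliding stores to memory that is
    /// about to go out of scope.
    pub fn wipe(&mut self) {
        for b in self.bytes.iter_mut() {
            unsafe { ptr::write_volatile(b, 0) };
        }
        compiler_fence(Ordering::SeqCst);
    }
}

impl<const N: usize> Drop for SecretBytes<N> {
    fn drop(&mut self) {
        self.wipe();
    }
}

/// Demo helper: run the destructor in place, then read back the storage.
/// Moving `secret` into this function may leave an unwiped copy in the
/// caller's frame; wiping on drop only covers the final location.
pub fn bytes_after_drop<const N: usize>(secret: SecretBytes<N>) -> [u8; N] {
    let mut slot = ManuallyDrop::new(secret);
    unsafe {
        ManuallyDrop::drop(&mut slot);
        ptr::read_volatile((&slot as *const ManuallyDrop<SecretBytes<N>>).cast::<[u8; N]>())
    }
}

fn main() {
    let key = SecretBytes::new([0xA5u8; 32]); // constructed sample key
    assert_eq!(bytes_after_drop(key), [0u8; 32]);
}
```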