> Some hours ago I sent an email to python-crypto asking how to securelyThat might work if you never ever resize a bytearray during its life
> wipe cryptographic secrets from memory:
> http://mail.python.org/pipermail/python-crypto/2013-February/001170.html
>
> Antoine said that cryptographic secret wiping could be achieved if one
> uses bytearrays carefully and then overwrites their contents after use. I
> agree that this sounds reasonable, but I think it would be even better if
> that was a documented property of bytearrays.
cycle. A resize op calls realloc() which may copy the data to a new
memory region. The old region isn't zeroed.
The approach only takes care of the object itself on the heap. Some
function may store data on the stack or make a temporary copy to another
memory location on the heap. You have to compensate for that.
libtomcrypt has a function burn_stack() that allocates and overwrites
memory on the stack with a recursive function call.
Christian
_______________________________________________
Python-ideas mailing list
Python-ideas@python.org
http://mail.python.org/mailman/listinfo/python-ideas