Safe handling of primes/candidates
fjarri opened this issue · 1 comments
fjarri commented
In many applications of this library, like RSA or Paillier encryption, the primes being checked or generated are supposed to be secret. Can we enforce the zeroization of them throughout the library? This will have to be extended into crypto-bigint
as well.
ok-john commented
Do you think it's better to zeroize on drop with macros or manually zeroize?