crypto_wipe —
wipe data from memory
#include
<monocypher.h>
void
crypto_wipe(
void
*secret,
size_t secret_size);
crypto_wipe() securely erases sensitive data in
memory.
Sensitive data (such as cryptographic keys or secret plaintexts) should be
erased from memory as early as possible, to minimise the window in which it
can be leaked. Standard functions like memset and bzero are not safe to use,
as the compiler may decide they have no effect and optimise them out.
The arguments are:
-
-
- secret
- The buffer to erase.
-
-
- secret_size
- The number of bytes to erase from the buffer. Normally this
is the size of the entire buffer.
Monocypher will wipe its context structs when finalizing an operation such as
signing or decrypting. When using direct interfaces like
crypto_lock(3monocypher),
these context structs are invisible to you. They are exposed in incremental
interfaces like
crypto_blake2b_init(3monocypher).
The original key buffer does not get automatically wiped. When using
incremental interfaces, you may want to wipe the original key buffers
immediately after calling the respective init function.
Using
crypto_wipe() alone may not suffice for
security. It is recommended to lock down relevant memory regions as well.
Refer to
intro(3monocypher) for
instructions on how to lock down memory on common operating systems.
This function returns nothing.
intro(3monocypher)
The
crypto_wipe() function first appeared in
Monocypher 1.1.0.