Securely zero memory while avoiding compiler optimizations.
This crate implements a portable approach to securely zeroing memory using techniques which guarantee they won't be "optimized away" by the compiler.
The [Zeroize trait] is the crate's primary API.
[Documentation]
[Zeroing memory securely is hard] - compilers optimize for performance, and in doing so they love to "optimize away" unnecessary zeroing calls. There are many documented "tricks" to attempt to avoid these optimizations and ensure that a zeroing routine is performed reliably.
This crate isn't about tricks: it uses [core::ptr::write_volatile] and [core::sync::atomic] memory fences to provide easy-to-use, portable zeroing behavior which works on all of Rust's core number types and slices thereof, implemented in pure Rust with no usage of FFI or assembly.
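The technique described above, as an added sketch that is not the crate's own source: volatile stores followed by a compiler fence from `core::sync::atomic`, generalized to slices of the core number types. The names `ZeroDefault`, `volatile_zero` and `SecretKey` are hypothetical and the key bytes are a constructed sample.

```rust
use core::mem::ManuallyDrop;
use core::ptr;
use core::sync::atomic::{compiler_fence, Ordering};

/// Hypothetical marker (not the crate's API): `Default` is the all-zero value.
pub trait ZeroDefault: Copy + Default {}
macro_rules! impl_zero_default {
    ($($t:ty),*) => { $(impl ZeroDefault for $t {})* };
}
impl_zero_default!(u8, u16, u32, u64, u128, usize, i8, i16, i32, i64, i128, isize, f32, f64);

/// Overwrite every element with a volatile store, then fence.
pub fn volatile_zero<T: ZeroDefault>(buf: &mut [T]) {
    for elem in buf.iter_mut() {
        // SAFETY: `elem` is a live, aligned, exclusive reference into `buf`.
        // A volatile write is an observable side effect, so the optimizer
        // may not drop it as a dead store even if `buf` is never read again.
        unsafe { ptr::write_volatile(elem, T::default()) };
    }
    // Stop the compiler from moving later memory accesses ahead of the wipe.
    compiler_fence(Ordering::SeqCst);
}

/// Hypothetical key holder that wipes its bytes when dropped.
pub struct SecretKey {
    bytes: [u8; 32],
}

impl SecretKey {
    pub fn new(bytes: [u8; 32]) -> Self {
        Self { bytes }
    }
    pub fn expose(&self) -> &[u8; 32] {
        &self.bytes
    }
}

impl Drop for SecretKey {
    fn drop(&mut self) {
        volatile_zero(&mut self.bytes[..]);
    }
}

fn main() {
    // Constructed sample key; ManuallyDrop lets us inspect the bytes after Drop ran.
    let mut key = ManuallyDrop::new(SecretKey::new([0x5A; 32]));
    unsafe { ManuallyDrop::drop(&mut key) };
    assert!(key.expose().iter().all(|&b| b == 0));
}
```

Only the value's final location is wiped here; byte copies left behind by earlier moves of `SecretKey` are not covered.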
#![no_std] i.e. embedded-friendly!
Requires Rust 1.39 or newer.
In the future, we reserve the right to change MSRV (i.e. MSRV is out-of-scope for this crate's SemVer guarantees); however, when we do, it will be accompanied by a minor version bump.
zeroize is distributed under the terms of either the MIT license or the Apache License (Version 2.0), at your option.
See the [LICENSE] (Apache License, Version 2.0) file in the iqlusioninc/crates top-level directory of this repository or [LICENSE-MIT] for details.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be dual licensed as above, without any additional terms or conditions.