From 6229644bcaa9e2b1d2e947a376867e906eba7556 Mon Sep 17 00:00:00 2001 From: Emil Lerch Date: Mon, 31 Jan 2022 09:01:01 -0800 Subject: [PATCH] update zero process to secureZero --- src/aws_signing.zig | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/aws_signing.zig b/src/aws_signing.zig index c660da5..4f9598b 100644 --- a/src/aws_signing.zig +++ b/src/aws_signing.zig @@ -284,7 +284,9 @@ fn getSigningKey(allocator: std.mem.Allocator, signing_date: []const u8, config: , .{ signing_date, config.region, config.service }); var secret = try std.fmt.allocPrint(allocator, "AWS4{s}", .{config.credentials.secret_key}); defer { - for (secret) |_, i| secret[i] = 0; // zero our copy of secret + // secureZero avoids compiler optimizations that may say + // "WTF are you doing this thing? Looks like nothing to me. It's silly and we will remove it" + std.crypto.utils.secureZero(u8, secret); // zero our copy of secret allocator.free(secret); } // log.debug("secret: {s}", .{secret});