From 6229644bcaa9e2b1d2e947a376867e906eba7556 Mon Sep 17 00:00:00 2001
From: Emil Lerch <emil@lerch.org>
Date: Mon, 31 Jan 2022 09:01:01 -0800
Subject: [PATCH] update zero process to secureZero

---
 src/aws_signing.zig | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/aws_signing.zig b/src/aws_signing.zig
index c660da5..4f9598b 100644
--- a/src/aws_signing.zig
+++ b/src/aws_signing.zig
@@ -284,7 +284,9 @@ fn getSigningKey(allocator: std.mem.Allocator, signing_date: []const u8, config:
     , .{ signing_date, config.region, config.service });
     var secret = try std.fmt.allocPrint(allocator, "AWS4{s}", .{config.credentials.secret_key});
     defer {
-        for (secret) |_, i| secret[i] = 0; // zero our copy of secret
+        // secureZero avoids compiler optimizations that may say
+        // "WTF are you doing this thing? Looks like nothing to me. It's silly and we will remove it"
+        std.crypto.utils.secureZero(u8, secret); // zero our copy of secret
         allocator.free(secret);
     }
     // log.debug("secret: {s}", .{secret});