Tony Arcieri

Results 2560 comments of Tony Arcieri

We now have working arithmetic support which will be available in the v0.14 releases

As has already been covered, in `curve25519-dalek` the `alloc` feature and liballoc are optional as this crate supports "heapless" embedded targets which keep everything on the stack. There are a...

An attacker who can read secret keys out of memory is generally outside the threat model of most cryptographic libraries. Note `elliptic_curve::SecretKey` has a drop impl. Your example does not,...

> Here is the updated [one](https://gist.github.com/RajeshRk18/9717b67e53e7771a27c5c9a6ff9e3db3).

@RajeshRk18 is there something specific you're trying to illustrate with these examples? This example contains moves, because you are allocating `SigningKey` on the stack...

That message concludes:

> Also note that in Rust leaving transient copies of secrets on the stack is very difficult to avoid. Moves can sometimes make memcpy-style copies of `!Copy`...

This should be fixed with explicit APIs for large moduli, not a cargo feature that can cause spooky-action-at-a-distance among other dependencies that aren't expecting it

Are there actually any breaking changes?

I’d definitely like to roll forward rather than backward, but v6.0.0 would be a great time to update the timeout subsystem: #773

#773 is an issue, not a PR. Perhaps we should ping the people mentioned in that issue to see if they can open a PR, though

I made a last call for breaking changes to the timeout subsystem in #773, though perhaps we should merge #754 first as well