libsodium provides a mechanism for secure memory. However, they are expensive. They are much slower than a standard malloc. They also allocate 3-4 pages of memory (12kb-16kb) per call. Plus, most os have a limit on the amount of memory that can be locked.
Since secure memory is so expensive, I don't think we can use it for all allocations. One option is to pass output buffers to the functions:
def crypto_box_keypair(pk_out=None, sk_out=None):
if pk_out is None:
pk_out = bytearray(crypto_box_PUBLICKEYBYTES)
else:
_assert_len('pk_out', pk_out, crypto_box_PUBLICKEYBYTES)
But this would change the current API.
What are your thoughts? Is it worth it?
libsodium provides a mechanism for secure memory. However, they are expensive. They are much slower than a standard malloc. They also allocate 3-4 pages of memory (12kb-16kb) per call. Plus, most os have a limit on the amount of memory that can be locked.
Since secure memory is so expensive, I don't think we can use it for all allocations. One option is to pass output buffers to the functions:
But this would change the current API.
What are your thoughts? Is it worth it?