
Zero memory of private keys #125

Open
@heartsucker


Since this lib relies on ring for crypto, it may not be possible to zero the memory directly. This should be investigated and possibly updated upstream. Tagging @briansmith since he knows better than I how ring behaves.

At the points where private keys are read, the API could request a &mut [u8] and then zero the bytes after it reads them to ensure they don't float around the caller's program where they could be exploited outside rust-tuf's control. This may be overkill. More research needed.
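A sketch of the `&mut [u8]` idea described in the issue, added here as an illustration; it is not part of the original issue and not rust-tuf or ring code. The `PrivateKey` type, the `zero_bytes` helper and the 32-byte length check are assumptions made for the example, and it does nothing about copies made inside ring.

```rust
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Overwrite `buf` with zeros using volatile writes, so the compiler
/// cannot drop the stores as dead code when the buffer is never read again.
pub fn zero_bytes(buf: &mut [u8]) {
    for b in buf.iter_mut() {
        // SAFETY: `b` is a valid, exclusive reference to one byte.
        unsafe { ptr::write_volatile(b, 0) };
    }
    // Keep the compiler from reordering later code ahead of the wipe.
    compiler_fence(Ordering::SeqCst);
}

/// Hypothetical key holder: owns one private copy and wipes it on drop.
pub struct PrivateKey {
    bytes: Vec<u8>,
}

impl PrivateKey {
    /// Borrow the caller's buffer mutably, copy the key out, then wipe the
    /// caller's copy. The wipe also runs when the input is rejected.
    /// The 32-byte length is an assumption made for this example.
    pub fn from_bytes(input: &mut [u8]) -> Result<Self, &'static str> {
        let result = if input.len() == 32 {
            Ok(PrivateKey { bytes: input.to_vec() })
        } else {
            Err("expected a 32-byte key")
        };
        zero_bytes(input);
        result
    }

    pub fn len(&self) -> usize {
        self.bytes.len()
    }
}

impl Drop for PrivateKey {
    fn drop(&mut self) {
        zero_bytes(&mut self.bytes);
    }
}

fn main() {
    let mut raw = [0x42u8; 32]; // constructed sample key material
    let key = PrivateKey::from_bytes(&mut raw).expect("valid length");
    assert!(raw.iter().all(|&b| b == 0));
    println!("caller buffer wiped; key holds {} bytes", key.len());
}
```

A plain `for b in buf { *b = 0 }` may be optimized away when the buffer is not read afterwards, which is why the wipe uses volatile writes.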
