On Tue, May 13, 2014 at 1:52 AM, Kevin Cantu <[email protected]> wrote:
> IIRC no cryptographer is working full-time to contribute to Rust, so there > are no plans to put more crypto than needed into standard libraries. > It'd be great if Mozilla could loop in their security team on Rust development *wink* *wink* *nudge* *nudge* I look at efforts like PKIX and wonder why they're being done in C++ instead of Rust > But serious libraries are more than welcome, and feedback would be great > as we get ever closer to stabilizing the language. I've found the core > devs are *very* responsive. > The main thing I'd like to see in core Rust is something like a .NET SecureString: http://msdn.microsoft.com/en-us/library/system.security.securestring(v=vs.110).aspx This is predicated on having a wrapping algorithm using a Key Encrypting Key. So yeah, crypto ;) As lower hanging fruit, how about a standard way to MemoryMap an mlocked buffer with guard pages that are PROT_NONE? I've been working on a "SecretBuffer" type for my library ClearCrypt, but I'd really like to see something like that in Rust proper (even if it's just flags for MemoryMap) -- Tony Arcieri
_______________________________________________ Rust-dev mailing list [email protected] https://mail.mozilla.org/listinfo/rust-dev
