11.04.2018 22:42, Rob Austein пишет:
Which of course also raises the question of whether we *should* be preserving key components in the signer cores. Doctrine for the C code has been to wipe any copy of private key components immediately after use; we're not currently doing that for the signer cores (oops) but adding code to do that would be straightforward. Adding code to be more clever about keeping key components in signer cores seems like a fun source of additional complexity; we do have a notion of an "open" key object, so presumably we could somehow hook into that, perhaps with some kind of LRU mechanism for reclaiming cores when there are too many open keys for the number of cores available.
Note, that we can disconnect outputs of the buffers, where signer cores store the private key, making them "write-only memory" :)
-- With best regards, Pavel Shatov _______________________________________________ Tech mailing list Tech@cryptech.is https://lists.cryptech.is/listinfo/tech
