Consider zeroing memory on drop for key

[touilleMan]

Now that all crypto is implemented in Rust, we may be able to use zeroise (but maybe not: RustCrypto/AEADs#65)

I guess we should use zeroize:

• On bytes buffer that receive decrypted data (given decrypted data often contains key in cleartext)
• On structures deserialize the bytes buffer: I guess Zeorizing is transparent from serde/serde_as point of view
• On final Key object (both for sodiumoxide and RustCrypto), this is what we should check first as it is very possible they work as opaque objects where we cannot simply ensure no copy of sensitive data occurs or that zeroing on drop is possible¹

Footnotes

1. My current guess is this is possible given we have wrapped the Sodiumoxide/RustCrypto key structure in our own key structure, so we could do something like struct MyPrivateKey { key: Zeroizing<SodiumOxidePrivateKey> } which should do the trick (well unless the key is actually stored on the head, or is copied during decryption :/) ↩

[FirelightFlagboy]

Currently the codebase seems to partially use Zeroise. what need to add zeroise support:

• rustcrypto::private::PrivateKey
• rustcrypto::secret::SecretKey
• rustcrypto::sequester::SequesterPrivateKeyDer
• rustcrypto::sequester::SequesterSigningKeyDer
• rustcrypto::sign::SigningKey
• sodiumoxide::private::PrivateKey
• sodiumoxide::secret::SecretKey
• sodiumoxide::sequester::SequesterPrivateKeyDer
• sodiumoxide::sequester::SequesterSigningKeyDer
• sodiumoxide::sign::SigningKey

[TimeEngineer]

Some keys have zeroize support already.