CURVE plaintext should be placed in secure memory

[sigiesec]

For additional security, unencrypted plaintext should be placed in secure memory when using CURVE security.

Points to consider:

• Is this effective for the message payload? Can we ensure this is for all copies that are under control of libzmq, and enable the user to ensure this as well?
• We should care to reduce the number of secure memory allocations to a minimum since this is a very costly operation.

[bluca]

I think it's enough to protect the allocation of secrets - if users want to protect their payloads, they can already do so with the message APIs that take a buffer and a callback to free it

[sigiesec]

Ok, please give that a close look once I submit a PR.

But does the message API use secure memory?

[bluca]

With msg_init_data the data buffer is provided by the user, so it's up to them for sending. For receiving, we'd have to allocate the buffer used by the TCP recv syscall with these API, and I don't think it's worth the trouble and performance degradation.
Let's start with the simplest and highest return value change - using it for the private keys plaintext storage

[sigiesec]

Ok, then the number of allocations is not critical since the keys are only exhanged once in a session