No method to securely delete big uint

[Richard-W]

It seems impossible from the public API to overwrite the memory occupied by a BigUint. This is a dealbreaker for cryptographic applications since a BigUint may contain private keys for RSA or DH schemes.

Exposing the trait crate::biguint::IntDigits to the public API would solve that problem.

[cuviper]

See #92 using Zeroize, but I still hesitate to merge that with incomplete coverage.

• It doesn't zero the full capacity. That was added in zeroize Vec's capacity() by extending iqlusioninc/crates#180, but then reverted in zeroize: Relax Zeroize trait bounds for Vec iqlusioninc/crates#276, and AFAICS that still stands.
• It doesn't address realloc at all, which means old values may still be left on the heap.

Exposing the trait crate::biguint::IntDigits to the public API would solve that problem.

That requires exposing the digit size, which I explicitly don't want.

But if you're OK with a manual secure-delete like that, we could add a feature to impl Zeroize for BigUint and you could call that yourself, or you could create a Secret<BigUint> to zero on drop.

[Richard-W]

That requires exposing the digit size, which I explicitly don't want.

I understand. Good call.

Manual delete is completely sufficient.