[java-man]

I am afraid never - security is never a design goal, even when security is the main purpose of the software (OpenSSL/ heartbleed).

[miloignis]

That's why I think formally verified implementations are so critical, and why Project Everest (formally verified TLS) is so cool: https://project-everest.github.io/

[johnisgood]

Also: https://github.com/Componolit/libsparkcrypto

[java-man]

Not an ADA guy, just curious:

1. does this library provide a way to clear secrets from memory?

2. does it provide means to ensure that the secrets will not be swapped to disk on page fault or copied in memory?

3. does it bignum implementation provide a way to clear the internal buffer?

thank you.

[johnisgood]

Hey! I only found https://github.com/Componolit/libsparkcrypto/blob/0a3a3c5ed7.... I hope someone who is more acquainted will help us out.

In any case, you should read:

- https://www.auto.tuwien.ac.at/~blieb/AE2017/presentations/ae...

- https://www.auto.tuwien.ac.at/~blieb/AE2017/presentations/Ha...

- https://dwheeler.com/secure-programs/Secure-Programs-HOWTO/p...

- https://dwheeler.com/lovelace/s17s5.htm