8000 Change PIN Parameter type from string to []byte · Issue #184 · miekg/pkcs11 · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
Change PIN Parameter type from string to []byte #184
New issue
New issue
Open
Open
Change PIN Parameter type from string to []byte#184
@basrach

Description

@basrach
basrach
opened on May 26, 2025

Currently, the PIN is passed as a string, making it impossible to legally overwrite the PIN in memory after use. When sensitive data like a PIN is passed as a string, it may remain in memory longer than necessary and could be exposed in a memory dump.

Proposal:
Change the PIN parameter type from string to []byte. This would allow the caller to manually zero out the PIN after use, improving control over sensitive data and aligning the library with secure coding practices.

Would the maintainers consider this change? I’d be glad to assist with implementation if needed.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      0