From b2711924656536765055bddc122e80695ded4988 Mon Sep 17 00:00:00 2001 From: Didactic Drunk <1479616+didactic-drunk@users.noreply.github.com> Date: Fri, 26 Mar 2021 13:56:26 -0700 Subject: [PATCH] Document recommended KDF use --- src/sodium/kdf.cr | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/sodium/kdf.cr b/src/sodium/kdf.cr index 9b71e45..1ed52ec 100644 --- a/src/sodium/kdf.cr +++ b/src/sodium/kdf.cr @@ -15,6 +15,19 @@ module Sodium # Memory for this class is held in a sodium guarded page with noaccess. # Readonly access is temporarily enabled when deriving keys. # Calling #to_slice marks the page readonly permanently. + # + # It's recommended to use a #wipe block to erase the master key when no longer needed + # ``` + # kdf = Kdf.new + # ... + # kdf.wipe do + # ### Warning: abnormal exit may not wipe + # # encrypt/decrypt data + # end # key erased + # # main application logic + # ``` + # + # ``` class Kdf include Wipe