Replace ClearOnDrop with Zeroize

[burdges]

The clear_on_drop crate is no longer maintained and uses fragile techniques. We expected it to break as linker optimizations work their way into rustc, etc. You should expose zeroing with the zeroize and if your dependencies do not yet support zeroing then you can implement the Zeroize trait using a function like

#[inline(always)]
fn zeroize_hack<Z: Default>(z: &mut Z) {
    use core::{ptr, sync::atomic};
    unsafe { ptr::write_volatile(z, Z::default()); }
    atomic::compiler_fence(atomic::Ordering::SeqCst);
}

[lovesh]

@burdges Thanks. Fixed in 9e86347

[burdges]

I think that commit works but actually does not use zeroize. ;)

You could just depend upon Drop of course, but if you impl Zeroize for .. and then call .zeroize() form drop, then anyone downstream with opinions about when to zero can use it. Also it looks like zeroize 0.9.3 fixed zeroize_derive

[lovesh]

Done in 0c78a11