Allow wiping out AES key after usage.

[coolwanglu]

Motivations

Currently the AES module copies the key, and it is not wiped out after usage.

Solution

Use Zeroize on Key to automatically wipe it out on drop. This can be guarded by a feature.

Example:

#[derive(ZeroizeOnDrop)]
struct Key {}

Alternatives

The AES library does not make a copy. Instead it takes only a reference and the caller should wipe it out if necessary.
This changes the API though.

[coolwanglu]

I could send a PR if this sounds good. Not sure how to test it properly though.

[bugadani]

It would probably be best if we didn't copy the key just to then copy it into the hardware. Regardless of that, zeroing it on drop sounds reasonable to me, so maybe we should have both?

[Dominaezzz]

Maybe Key should just go away and process can just take a slice directly instead.

The fact that Mode and Key are specified separately makes the Key enum feel like boilerplate to me.

This way user can zeroize their slices themselves.

[JurajSadel]

I think we can close this one after @bugadani's AES big refactoring?