49 files changed, 270 insertions, 205 deletions
diff --git a/core/crypto/_aes/ct64/api.odin b/core/crypto/_aes/ct64/api.odin
index f57a630b1..08acd37ed 100644
--- a/core/crypto/_aes/ct64/api.odin
+++ b/core/crypto/_aes/ct64/api.odin
@@ -1,7 +1,6 @@
 package aes_ct64
 
-import "base:intrinsics"
-import "core:mem"
+import "core:crypto"
 
 STRIDE :: 4
 
@@ -82,5 +81,5 @@ decrypt_blocks :: proc(ctx: ^Context, dst, src: [][]byte) {
 // reset sanitizes the Context.  The Context must be re-initialized to
 // be used again.
 reset :: proc(ctx: ^Context) {
-	mem.zero_explicit(ctx, size_of(ctx))
-}
+	crypto.zero_explicit(ctx, size_of(ctx))
+}
+\ No newline at end of file
diff --git a/core/crypto/_aes/ct64/ct64_dec.odin b/core/crypto/_aes/ct64/ct64_dec.odin
index 408ee6002..6fca7a5f2 100644
--- a/core/crypto/_aes/ct64/ct64_dec.odin
+++ b/core/crypto/_aes/ct64/ct64_dec.odin
@@ -22,8 +22,6 @@
 
 package aes_ct64
 
-import "base:intrinsics"
-
 inv_sub_bytes :: proc "contextless" (q: ^[8]u64) {
 	// AES S-box is:
 	//   S(x) = A(I(x)) ^ 0x63
diff --git a/core/crypto/_aes/ct64/ct64_keysched.odin b/core/crypto/_aes/ct64/ct64_keysched.odin
index 0f00bba57..d0004dd5a 100644
--- a/core/crypto/_aes/ct64/ct64_keysched.odin
+++ b/core/crypto/_aes/ct64/ct64_keysched.odin
@@ -22,9 +22,9 @@
 
 package aes_ct64
 
+import "core:crypto"
 import "core:crypto/_aes"
 import "core:encoding/endian"
-import "core:mem"
 
 @(private, require_results)
 sub_word :: proc "contextless" (x: u32) -> u32 {
@@ -35,7 +35,7 @@ sub_word :: proc "contextless" (x: u32) -> u32 {
 	orthogonalize(&q)
 	ret := u32(q[0])
 
-	mem.zero_explicit(&q[0], size_of(u64))
+	crypto.zero_explicit(&q[0], size_of(u64))
 
 	return ret
 }
@@ -97,8 +97,8 @@ keysched :: proc "contextless" (comp_skey: []u64, key: []byte) -> int {
 			(q[7] & 0x8888888888888888)
 	}
 
-	mem.zero_explicit(&skey, size_of(skey))
-	mem.zero_explicit(&q, size_of(q))
+	crypto.zero_explicit(&skey, size_of(skey))
+	crypto.zero_explicit(&q, size_of(q))
 
 	return num_rounds
 }
diff --git a/core/crypto/_aes/hw_intel/hw_intel_keysched.odin b/core/crypto/_aes/hw_intel/hw_intel_keysched.odin
index bdf0d3066..96108442d 100644
--- a/core/crypto/_aes/hw_intel/hw_intel_keysched.odin
+++ b/core/crypto/_aes/hw_intel/hw_intel_keysched.odin
@@ -25,7 +25,6 @@ package aes_hw_intel
 
 import "base:intrinsics"
 import "core:crypto/_aes"
-import "core:mem"
 import "core:simd/x86"
 
 // Intel AES-NI based implementation.  Inspiration taken from BearSSL.
@@ -174,5 +173,28 @@ keysched :: proc(ctx: ^Context, key: []byte) {
 
 	ctx._num_rounds = num_rounds
 
-	mem.zero_explicit(&sks, size_of(sks))
+	zero_explicit(&sks, size_of(sks))
 }
+
+/*
+Set each byte of a memory range to zero.
+
+This procedure copies the value `0` into the `len` bytes of a memory range,
+starting at address `data`.
+
+This procedure returns the pointer to `data`.
+
+Unlike the `zero()` procedure, which can be optimized away or reordered by the
+compiler under certain circumstances, `zero_explicit()` procedure can not be
+optimized away or reordered with other memory access operations, and the
+compiler assumes volatile semantics of the memory.
+*/
+zero_explicit :: proc "contextless" (data: rawptr, len: int) -> rawptr {
+	// This routine tries to avoid the compiler optimizing away the call,
+	// so that it is always executed.  It is intended to provide
+	// equivalent semantics to those provided by the C11 Annex K 3.7.4.1
+	// memset_s call.
+	intrinsics.mem_zero_volatile(data, len) // Use the volatile mem_zero
+	intrinsics.atomic_thread_fence(.Seq_Cst) // Prevent reordering
+	return data
+}
+\ No newline at end of file
diff --git a/core/crypto/_blake2/blake2.odin b/core/crypto/_blake2/blake2.odin
index 487e93b83..4e8fd0a6a 100644
--- a/core/crypto/_blake2/blake2.odin
+++ b/core/crypto/_blake2/blake2.odin
@@ -10,8 +10,8 @@ package _blake2
     Implementation of the BLAKE2 hashing algorithm, as defined in <https://datatracker.ietf.org/doc/html/rfc7693> and <https://www.blake2.net/>
 */
 
+import "base:intrinsics"
 import "core:encoding/endian"
-import "core:mem"
 
 BLAKE2S_BLOCK_SIZE :: 64
 BLAKE2S_SIZE :: 32
@@ -145,7 +145,7 @@ init :: proc "contextless" (ctx: ^$T, cfg: ^Blake2_Config) {
 		}
 	}
 
-	mem.zero(&ctx.x, size_of(ctx.x)) // Done with the scratch space, no barrier.
+	intrinsics.mem_zero(&ctx.x, size_of(ctx.x)) // Done with the scratch space, no barrier.
 
 	if cfg.tree != nil && cfg.tree.(Blake2_Tree).is_last_node {
 		ctx.is_last_node = true
@@ -222,7 +222,7 @@ reset :: proc "contextless" (ctx: ^$T) {
 		return
 	}
 
-	mem.zero_explicit(ctx, size_of(ctx^))
+	zero_explicit(ctx, size_of(ctx^))
 }
 
 @(private)
@@ -2877,3 +2877,27 @@ blake2b_blocks :: #force_inline proc "contextless" (ctx: ^Blake2b_Context, p: []
 	ctx.h[0], ctx.h[1], ctx.h[2], ctx.h[3], ctx.h[4], ctx.h[5], ctx.h[6], ctx.h[7] =
 		h0, h1, h2, h3, h4, h5, h6, h7
 }
+
+/*
+Set each byte of a memory range to zero.
+
+This procedure copies the value `0` into the `len` bytes of a memory range,
+starting at address `data`.
+
+This procedure returns the pointer to `data`.
+
+Unlike the `zero()` procedure, which can be optimized away or reordered by the
+compiler under certain circumstances, `zero_explicit()` procedure can not be
+optimized away or reordered with other memory access operations, and the
+compiler assumes volatile semantics of the memory.
+*/
+@(private)
+zero_explicit :: proc "contextless" (data: rawptr, len: int) -> rawptr {
+	// This routine tries to avoid the compiler optimizing away the call,
+	// so that it is always executed.  It is intended to provide
+	// equivalent semantics to those provided by the C11 Annex K 3.7.4.1
+	// memset_s call.
+	intrinsics.mem_zero_volatile(data, len) // Use the volatile mem_zero
+	intrinsics.atomic_thread_fence(.Seq_Cst) // Prevent reordering
+	return data
+}
+\ No newline at end of file
diff --git a/core/crypto/_chacha20/chacha20.odin b/core/crypto/_chacha20/chacha20.odin
index 1a4b5a507..7d94d8a95 100644
--- a/core/crypto/_chacha20/chacha20.odin
+++ b/core/crypto/_chacha20/chacha20.odin
@@ -1,8 +1,8 @@
 package _chacha20
 
+import "core:crypto"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 // KEY_SIZE is the (X)ChaCha20 key size in bytes.
 KEY_SIZE :: 32
@@ -88,8 +88,8 @@ seek :: proc(ctx: ^Context, block_nr: u64) {
 // reset sanitizes the Context.  The Context must be re-initialized to
 // be used again.
 reset :: proc(ctx: ^Context) {
-	mem.zero_explicit(&ctx._s, size_of(ctx._s))
-	mem.zero_explicit(&ctx._buffer, size_of(ctx._buffer))
+	crypto.zero_explicit(&ctx._s, size_of(ctx._s))
+	crypto.zero_explicit(&ctx._buffer, size_of(ctx._buffer))
 
 	ctx._is_initialized = false
 }
@@ -116,4 +116,4 @@ check_counter_limit :: proc(ctx: ^Context, nr_blocks: int) {
 	}
 
 	ensure(ctr_ok, "crypto/chacha20: maximum (X)ChaCha20 keystream per IV reached")
-}
+}
+\ No newline at end of file
diff --git a/core/crypto/_edwards25519/edwards25519.odin b/core/crypto/_edwards25519/edwards25519.odin
index 12192102d..dddfaef02 100644
--- a/core/crypto/_edwards25519/edwards25519.odin
+++ b/core/crypto/_edwards25519/edwards25519.odin
@@ -13,7 +13,8 @@ See:
 
 import "core:crypto"
 import field "core:crypto/_fiat/field_curve25519"
-import "core:mem"
+
+zero_explicit :: crypto.zero_explicit
 
 // Group_Element is an edwards25519 group element, as extended homogenous
 // coordinates, which represents the affine point `(x, y)` as `(X, Y, Z, T)`,
@@ -96,7 +97,7 @@ Group_Element :: struct {
 }
 
 ge_clear :: proc "contextless" (ge: ^Group_Element) {
-	mem.zero_explicit(ge, size_of(Group_Element))
+	zero_explicit(ge, size_of(Group_Element))
 }
 
 ge_set :: proc "contextless" (ge, a: ^Group_Element) {
@@ -159,7 +160,7 @@ ge_set_bytes :: proc "contextless" (ge: ^Group_Element, b: []byte) -> bool {
 
 	ge_cond_assign(ge, &tmp, is_canonical)
 
-	mem.zero_explicit(&buf, size_of(buf))
+	zero_explicit(&buf, size_of(buf))
 
 	return is_canonical == 1
 }
@@ -231,8 +232,8 @@ ge_add :: proc "contextless" (ge, a, b: ^Group_Element) {
 	scratch: Add_Scratch = ---
 	ge_add_addend(ge, a, &b_, &scratch)
 
-	mem.zero_explicit(&b_, size_of(Addend_Group_Element))
-	mem.zero_explicit(&scratch, size_of(Add_Scratch))
+	zero_explicit(&b_, size_of(Addend_Group_Element))
+	zero_explicit(&scratch, size_of(Add_Scratch))
 }
 
 @(private)
@@ -352,7 +353,7 @@ ge_double :: proc "contextless" (ge, a: ^Group_Element, scratch: ^Double_Scratch
 	field.fe_carry_mul(&ge.z, F, G_)
 
 	if sanitize {
-		mem.zero_explicit(scratch, size_of(Double_Scratch))
+		zero_explicit(scratch, size_of(Double_Scratch))
 	}
 }
 
@@ -420,4 +421,4 @@ ge_in_prime_order_subgroup_vartime :: proc "contextless" (ge: ^Group_Element) ->
 	tmp: Group_Element = ---
 	ge_scalarmult_raw(&tmp, ge, &SC_ELL, true)
 	return ge_equal(&tmp, &GE_IDENTITY) == 1
-}
+}
+\ No newline at end of file
diff --git a/core/crypto/_edwards25519/edwards25519_scalar.odin b/core/crypto/_edwards25519/edwards25519_scalar.odin
index 68c79a6e8..5dff03f67 100644
--- a/core/crypto/_edwards25519/edwards25519_scalar.odin
+++ b/core/crypto/_edwards25519/edwards25519_scalar.odin
@@ -1,7 +1,6 @@
 package _edwards25519
 
 import field "core:crypto/_fiat/field_scalar25519"
-import "core:mem"
 
 Scalar :: field.Montgomery_Domain_Field_Element
 
@@ -19,7 +18,7 @@ sc_set_u64 :: proc "contextless" (sc: ^Scalar, i: u64) {
 	tmp := field.Non_Montgomery_Domain_Field_Element{i, 0, 0, 0}
 	field.fe_to_montgomery(sc, &tmp)
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	zero_explicit(&tmp, size_of(tmp))
 }
 
 @(require_results)
@@ -36,7 +35,7 @@ sc_set_bytes_rfc8032 :: proc "contextless" (sc: ^Scalar, b: []byte) {
 }
 
 sc_clear :: proc "contextless" (sc: ^Scalar) {
-	mem.zero_explicit(sc, size_of(Scalar))
+	zero_explicit(sc, size_of(Scalar))
 }
 
 sc_set :: field.fe_set
diff --git a/core/crypto/_edwards25519/edwards25519_scalar_mul.odin b/core/crypto/_edwards25519/edwards25519_scalar_mul.odin
index d4ffa1075..548062c78 100644
--- a/core/crypto/_edwards25519/edwards25519_scalar_mul.odin
+++ b/core/crypto/_edwards25519/edwards25519_scalar_mul.odin
@@ -3,7 +3,6 @@ package _edwards25519
 import "core:crypto"
 import field "core:crypto/_fiat/field_scalar25519"
 import subtle "core:crypto/_subtle"
-import "core:mem"
 
 ge_scalarmult :: proc "contextless" (ge, p: ^Group_Element, sc: ^Scalar) {
 	tmp: field.Non_Montgomery_Domain_Field_Element
@@ -11,7 +10,7 @@ ge_scalarmult :: proc "contextless" (ge, p: ^Group_Element, sc: ^Scalar) {
 
 	ge_scalarmult_raw(ge, p, &tmp)
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	zero_explicit(&tmp, size_of(tmp))
 }
 
 ge_scalarmult_vartime :: proc "contextless" (ge, p: ^Group_Element, sc: ^Scalar) {
@@ -134,9 +133,9 @@ ge_scalarmult_raw :: proc "contextless" (
 
 	if !unsafe_is_vartime {
 		ge_clear(&tmp)
-		mem.zero_explicit(&tmp_add, size_of(Add_Scratch))
-		mem.zero_explicit(&tmp_addend, size_of(Addend_Group_Element))
-		mem.zero_explicit(&tmp_dbl, size_of(Double_Scratch))
+		zero_explicit(&tmp_add, size_of(Add_Scratch))
+		zero_explicit(&tmp_addend, size_of(Addend_Group_Element))
+		zero_explicit(&tmp_dbl, size_of(Double_Scratch))
 	}
 }
 
diff --git a/core/crypto/_edwards25519/edwards25519_scalar_mul_base.odin b/core/crypto/_edwards25519/edwards25519_scalar_mul_base.odin
index 6820d618e..51305af2a 100644
--- a/core/crypto/_edwards25519/edwards25519_scalar_mul_base.odin
+++ b/core/crypto/_edwards25519/edwards25519_scalar_mul_base.odin
@@ -4,7 +4,6 @@ import "core:crypto"
 import field "core:crypto/_fiat/field_curve25519"
 import scalar "core:crypto/_fiat/field_scalar25519"
 import subtle "core:crypto/_subtle"
-import "core:mem"
 
 ge_scalarmult_basepoint :: proc "contextless" (ge: ^Group_Element, sc: ^Scalar) {
 	when crypto.COMPACT_IMPLS == true {
@@ -27,9 +26,9 @@ ge_scalarmult_basepoint :: proc "contextless" (ge: ^Group_Element, sc: ^Scalar)
 			mul_bp_tbl_add(ge, &Gen_Multiply_Table_edwards25519_hi[i], hi, &tmp_add, &tmp_addend, false)
 		}
 
-		mem.zero_explicit(&tmp_sc, size_of(tmp_sc))
-		mem.zero_explicit(&tmp_add, size_of(Add_Scratch))
-		mem.zero_explicit(&tmp_addend, size_of(Basepoint_Addend_Group_Element))
+		zero_explicit(&tmp_sc, size_of(tmp_sc))
+		zero_explicit(&tmp_add, size_of(Add_Scratch))
+		zero_explicit(&tmp_addend, size_of(Basepoint_Addend_Group_Element))
 	}
 }
 
diff --git a/core/crypto/_fiat/field_curve25519/field.odin b/core/crypto/_fiat/field_curve25519/field.odin
index 04fc87659..ac6e284b7 100644
--- a/core/crypto/_fiat/field_curve25519/field.odin
+++ b/core/crypto/_fiat/field_curve25519/field.odin
@@ -1,7 +1,8 @@
 package field_curve25519
 
 import "core:crypto"
-import "core:mem"
+
+zero_explicit :: crypto.zero_explicit
 
 fe_relax_cast :: #force_inline proc "contextless" (
 	arg1: ^Tight_Field_Element,
@@ -18,7 +19,7 @@ fe_tighten_cast :: #force_inline proc "contextless" (
 fe_clear :: proc "contextless" (
 	arg1: $T,
 ) where T == ^Tight_Field_Element || T == ^Loose_Field_Element {
-	mem.zero_explicit(arg1, size_of(arg1^))
+	zero_explicit(arg1, size_of(arg1^))
 }
 
 fe_clear_vec :: proc "contextless" (
@@ -38,7 +39,7 @@ fe_from_bytes :: proc "contextless" (out1: ^Tight_Field_Element, arg1: ^[32]byte
 
 	_fe_from_bytes(out1, &tmp1)
 
-	mem.zero_explicit(&tmp1, size_of(tmp1))
+	zero_explicit(&tmp1, size_of(tmp1))
 }
 
 fe_is_negative :: proc "contextless" (arg1: ^Tight_Field_Element) -> int {
@@ -47,7 +48,7 @@ fe_is_negative :: proc "contextless" (arg1: ^Tight_Field_Element) -> int {
 	fe_to_bytes(&tmp1, arg1)
 	ret := tmp1[0] & 1
 
-	mem.zero_explicit(&tmp1, size_of(tmp1))
+	zero_explicit(&tmp1, size_of(tmp1))
 
 	return int(ret)
 }
@@ -59,8 +60,8 @@ fe_equal :: proc "contextless" (arg1, arg2: ^Tight_Field_Element) -> int {
 	fe_to_bytes(&tmp2, arg2)
 	ret := crypto.compare_constant_time(tmp1[:], tmp2[:])
 
-	mem.zero_explicit(&tmp1, size_of(tmp1))
-	mem.zero_explicit(&tmp2, size_of(tmp2))
+	zero_explicit(&tmp1, size_of(tmp1))
+	zero_explicit(&tmp2, size_of(tmp2))
 
 	return ret
 }
@@ -72,7 +73,7 @@ fe_equal_bytes :: proc "contextless" (arg1: ^Tight_Field_Element, arg2: ^[32]byt
 
 	ret := crypto.compare_constant_time(tmp1[:], arg2[:])
 
-	mem.zero_explicit(&tmp1, size_of(tmp1))
+	zero_explicit(&tmp1, size_of(tmp1))
 
 	return ret
 }
@@ -175,7 +176,7 @@ fe_carry_sqrt_ratio_m1 :: proc "contextless" (
 	fe_carry_abs(out1, r)
 
 	fe_clear_vec([]^Tight_Field_Element{&w, &tmp1, &tmp2, &tmp3})
-	mem.zero_explicit(&b, size_of(b))
+	zero_explicit(&b, size_of(b))
 
 	return correct_sign_sqrt | flipped_sign_sqrt
 }
diff --git a/core/crypto/_fiat/field_curve448/field.odin b/core/crypto/_fiat/field_curve448/field.odin
index 540d88f28..bb077cb1e 100644
--- a/core/crypto/_fiat/field_curve448/field.odin
+++ b/core/crypto/_fiat/field_curve448/field.odin
@@ -1,6 +1,6 @@
 package field_curve448
 
-import "core:mem"
+import "core:crypto"
 
 fe_relax_cast :: #force_inline proc "contextless" (
 	arg1: ^Tight_Field_Element,
@@ -17,7 +17,7 @@ fe_tighten_cast :: #force_inline proc "contextless" (
 fe_clear :: proc "contextless" (
 	arg1: $T,
 ) where T == ^Tight_Field_Element || T == ^Loose_Field_Element {
-	mem.zero_explicit(arg1, size_of(arg1^))
+	crypto.zero_explicit(arg1, size_of(arg1^))
 }
 
 fe_clear_vec :: proc "contextless" (
diff --git a/core/crypto/_fiat/field_p256r1/field.odin b/core/crypto/_fiat/field_p256r1/field.odin
index c2e2044aa..f39bee4a9 100644
--- a/core/crypto/_fiat/field_p256r1/field.odin
+++ b/core/crypto/_fiat/field_p256r1/field.odin
@@ -1,12 +1,12 @@
 package field_p256r1
 
+import "core:crypto"
 import subtle "core:crypto/_subtle"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 fe_clear :: proc "contextless" (arg1: ^Montgomery_Domain_Field_Element) {
-	mem.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
+	crypto.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
 }
 
 fe_clear_vec :: proc "contextless" (
@@ -31,7 +31,7 @@ fe_from_bytes :: proc "contextless" (
 		endian.unchecked_get_u64be(arg1[8:]),
 		endian.unchecked_get_u64be(arg1[0:]),
 	}
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	// Check that tmp is in the the range [0, ELL).
 	if !unsafe_assume_canonical {
@@ -61,7 +61,7 @@ fe_to_bytes :: proc "contextless" (out1: []byte, arg1: ^Montgomery_Domain_Field_
 	endian.unchecked_put_u64be(out1[8:], tmp[2])
 	endian.unchecked_put_u64be(out1[0:], tmp[3])
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 }
 
 @(require_results)
@@ -81,7 +81,7 @@ fe_equal :: proc "contextless" (arg1, arg2: ^Montgomery_Domain_Field_Element) ->
 @(require_results)
 fe_is_odd :: proc "contextless" (arg1: ^Montgomery_Domain_Field_Element) -> int {
 	tmp: Non_Montgomery_Domain_Field_Element = ---
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	fe_from_montgomery(&tmp, arg1)
 	return int(tmp[0] & 1)
diff --git a/core/crypto/_fiat/field_p384r1/field.odin b/core/crypto/_fiat/field_p384r1/field.odin
index 65affc38c..5cb5cd05e 100644
--- a/core/crypto/_fiat/field_p384r1/field.odin
+++ b/core/crypto/_fiat/field_p384r1/field.odin
@@ -1,12 +1,12 @@
 package field_p384r1
 
+import "core:crypto"
 import subtle "core:crypto/_subtle"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 fe_clear :: proc "contextless" (arg1: ^Montgomery_Domain_Field_Element) {
-	mem.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
+	crypto.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
 }
 
 fe_clear_vec :: proc "contextless" (
@@ -33,7 +33,7 @@ fe_from_bytes :: proc "contextless" (
 		endian.unchecked_get_u64be(arg1[8:]),
 		endian.unchecked_get_u64be(arg1[0:]),
 	}
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	// Check that tmp is in the the range [0, ELL).
 	if !unsafe_assume_canonical {
@@ -67,7 +67,7 @@ fe_to_bytes :: proc "contextless" (out1: []byte, arg1: ^Montgomery_Domain_Field_
 	endian.unchecked_put_u64be(out1[8:], tmp[4])
 	endian.unchecked_put_u64be(out1[0:], tmp[5])
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 }
 
 @(require_results)
@@ -87,7 +87,7 @@ fe_equal :: proc "contextless" (arg1, arg2: ^Montgomery_Domain_Field_Element) ->
 @(require_results)
 fe_is_odd :: proc "contextless" (arg1: ^Montgomery_Domain_Field_Element) -> int {
 	tmp: Non_Montgomery_Domain_Field_Element = ---
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	fe_from_montgomery(&tmp, arg1)
 	return int(tmp[0] & 1)
diff --git a/core/crypto/_fiat/field_poly1305/field.odin b/core/crypto/_fiat/field_poly1305/field.odin
index caaece98e..244ddceb8 100644
--- a/core/crypto/_fiat/field_poly1305/field.odin
+++ b/core/crypto/_fiat/field_poly1305/field.odin
@@ -1,7 +1,7 @@
 package field_poly1305
 
+import "core:crypto"
 import "core:encoding/endian"
-import "core:mem"
 
 fe_relax_cast :: #force_inline proc "contextless" (
 	arg1: ^Tight_Field_Element,
@@ -57,7 +57,7 @@ fe_from_u64s :: proc "contextless" (out1: ^Tight_Field_Element, lo, hi: u64) {
 	_fe_from_bytes(out1, &tmp)
 
 	// This routine is only used to deserialize `r` which is confidential.
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 }
 
 fe_zero :: proc "contextless" (out1: ^Tight_Field_Element) {
diff --git a/core/crypto/_fiat/field_scalar25519/field.odin b/core/crypto/_fiat/field_scalar25519/field.odin
index 96b279ce7..181a6ce8d 100644
--- a/core/crypto/_fiat/field_scalar25519/field.odin
+++ b/core/crypto/_fiat/field_scalar25519/field.odin
@@ -1,9 +1,9 @@
 package field_scalar25519
 
+import "core:crypto"
 import subtle "core:crypto/_subtle"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 @(private, rodata)
 _TWO_168 := Montgomery_Domain_Field_Element {
@@ -21,7 +21,7 @@ _TWO_336 := Montgomery_Domain_Field_Element {
 }
 
 fe_clear :: proc "contextless" (arg1: ^Montgomery_Domain_Field_Element) {
-	mem.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
+	crypto.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
 }
 
 fe_from_bytes :: proc "contextless" (
@@ -35,7 +35,7 @@ fe_from_bytes :: proc "contextless" (
 		endian.unchecked_get_u64le(arg1[16:]),
 		endian.unchecked_get_u64le(arg1[24:]),
 	}
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	// Check that tmp is in the the range [0, ELL).
 	if !unsafe_assume_canonical {
@@ -67,7 +67,7 @@ fe_from_bytes_rfc8032 :: proc "contextless" (
 
 	fe_from_bytes_wide(out1, &tmp)
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 }
 
 fe_from_bytes_wide :: proc "contextless" (
@@ -101,7 +101,7 @@ _fe_from_bytes_short :: proc "contextless" (out1: ^Montgomery_Domain_Field_Eleme
 	copy(tmp[:], arg1)
 
 	_ = fe_from_bytes(out1, &tmp, true)
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 }
 
 fe_to_bytes :: proc "contextless" (out1: []byte, arg1: ^Montgomery_Domain_Field_Element) {
@@ -115,7 +115,7 @@ fe_to_bytes :: proc "contextless" (out1: []byte, arg1: ^Montgomery_Domain_Field_
 	endian.unchecked_put_u64le(out1[16:], tmp[2])
 	endian.unchecked_put_u64le(out1[24:], tmp[3])
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 }
 
 fe_equal :: proc "contextless" (arg1, arg2: ^Montgomery_Domain_Field_Element) -> int {
diff --git a/core/crypto/_fiat/field_scalarp256r1/field.odin b/core/crypto/_fiat/field_scalarp256r1/field.odin
index 0dfedb442..70e55d9e3 100644
--- a/core/crypto/_fiat/field_scalarp256r1/field.odin
+++ b/core/crypto/_fiat/field_scalarp256r1/field.odin
@@ -1,9 +1,9 @@
 package field_scalarp256r1
 
+import "core:crypto"
 import subtle "core:crypto/_subtle"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 @(private, rodata)
 TWO_192 := Montgomery_Domain_Field_Element{
@@ -23,7 +23,7 @@ TWO_384 := Montgomery_Domain_Field_Element{
 // 0x431905529c0166ce652e96b7ccca0a99679b73e19ad16947f01cf013fc632551
 
 fe_clear :: proc "contextless" (arg1: ^Montgomery_Domain_Field_Element) {
-	mem.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
+	crypto.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
 }
 
 fe_clear_vec :: proc "contextless" (
@@ -67,7 +67,7 @@ fe_from_bytes :: proc "contextless" (
 		// Zero extend to 512-bits.
 		src_512: [64]byte
 		copy(src_512[64-s_len:], arg1)
-		defer mem.zero_explicit(&src_512, size_of(src_512))
+		defer crypto.zero_explicit(&src_512, size_of(src_512))
 
 		fe_unchecked_set(out1, src_512[40:]) // a
 		b: Montgomery_Domain_Field_Element
@@ -102,7 +102,7 @@ fe_is_canonical :: proc "contextless" (arg1: []byte) -> bool {
 @(private)
 fe_unchecked_set :: proc "contextless" (out1: ^Montgomery_Domain_Field_Element, arg1: []byte) {
 	arg1_256: [32]byte
-	defer mem.zero_explicit(&arg1_256, size_of(arg1_256))
+	defer crypto.zero_explicit(&arg1_256, size_of(arg1_256))
 	copy(arg1_256[32-len(arg1):], arg1)
 
 	tmp := Non_Montgomery_Domain_Field_Element {
@@ -111,7 +111,7 @@ fe_unchecked_set :: proc "contextless" (out1: ^Montgomery_Domain_Field_Element,
 		endian.unchecked_get_u64be(arg1_256[8:]),
 		endian.unchecked_get_u64be(arg1_256[0:]),
 	}
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	fe_to_montgomery(out1, &tmp)
 }
@@ -128,7 +128,7 @@ fe_to_bytes :: proc "contextless" (out1: []byte, arg1: ^Montgomery_Domain_Field_
 	endian.unchecked_put_u64be(out1[8:], tmp[2])
 	endian.unchecked_put_u64be(out1[0:], tmp[3])
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 }
 
 fe_equal :: proc "contextless" (arg1, arg2: ^Montgomery_Domain_Field_Element) -> int {
@@ -144,7 +144,7 @@ fe_equal :: proc "contextless" (arg1, arg2: ^Montgomery_Domain_Field_Element) ->
 
 fe_is_odd :: proc "contextless" (arg1: ^Montgomery_Domain_Field_Element) -> int {
 	tmp: Non_Montgomery_Domain_Field_Element = ---
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	fe_from_montgomery(&tmp, arg1)
 	return int(tmp[0] & 1)
diff --git a/core/crypto/_fiat/field_scalarp384r1/field.odin b/core/crypto/_fiat/field_scalarp384r1/field.odin
index f8af5e0f5..9b9e5d350 100644
--- a/core/crypto/_fiat/field_scalarp384r1/field.odin
+++ b/core/crypto/_fiat/field_scalarp384r1/field.odin
@@ -1,9 +1,9 @@
 package field_scalarp384r1
 
+import "core:crypto"
 import subtle "core:crypto/_subtle"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 @(private, rodata)
 TWO_256 := Montgomery_Domain_Field_Element{
@@ -16,7 +16,7 @@ TWO_256 := Montgomery_Domain_Field_Element{
 }
 
 fe_clear :: proc "contextless" (arg1: ^Montgomery_Domain_Field_Element) {
-	mem.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
+	crypto.zero_explicit(arg1, size_of(Montgomery_Domain_Field_Element))
 }
 
 fe_clear_vec :: proc "contextless" (
@@ -50,8 +50,8 @@ fe_from_bytes :: proc "contextless" (
 		tmp: Non_Montgomery_Domain_Field_Element = ---
 		fe_unchecked_set_saturated(&tmp, arg1)
 		reduced := tmp
-		defer mem.zero_explicit(&tmp, size_of(tmp))
-		defer mem.zero_explicit(&reduced, size_of(reduced))
+		defer crypto.zero_explicit(&tmp, size_of(tmp))
+		defer crypto.zero_explicit(&reduced, size_of(reduced))
 
 		borrow: u64
 		reduced[0], borrow = bits.sub_u64(tmp[0], ELL[0], borrow)
@@ -78,7 +78,7 @@ fe_from_bytes :: proc "contextless" (
 		// Zero extend to 512-bits.
 		src_512: [64]byte
 		copy(src_512[64-s_len:], arg1)
-		defer mem.zero_explicit(&src_512, size_of(src_512))
+		defer crypto.zero_explicit(&src_512, size_of(src_512))
 
 		fe_unchecked_set(out1, src_512[32:]) // a
 		b: Montgomery_Domain_Field_Element
@@ -117,12 +117,12 @@ fe_unchecked_set_saturated :: proc "contextless" (out1: ^Non_Montgomery_Domain_F
 @(private)
 fe_unchecked_set :: proc "contextless" (out1: ^Montgomery_Domain_Field_Element, arg1: []byte) {
 	arg1_384: [48]byte
-	defer mem.zero_explicit(&arg1_384, size_of(arg1_384))
+	defer crypto.zero_explicit(&arg1_384, size_of(arg1_384))
 	copy(arg1_384[48-len(arg1):], arg1)
 
 	tmp: Non_Montgomery_Domain_Field_Element = ---
 	fe_unchecked_set_saturated(&tmp, arg1_384[:])
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	fe_to_montgomery(out1, &tmp)
 }
@@ -141,7 +141,7 @@ fe_to_bytes :: proc "contextless" (out1: []byte, arg1: ^Montgomery_Domain_Field_
 	endian.unchecked_put_u64be(out1[8:], tmp[4])
 	endian.unchecked_put_u64be(out1[0:], tmp[5])
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 }
 
 fe_equal :: proc "contextless" (arg1, arg2: ^Montgomery_Domain_Field_Element) -> int {
@@ -157,7 +157,7 @@ fe_equal :: proc "contextless" (arg1, arg2: ^Montgomery_Domain_Field_Element) ->
 
 fe_is_odd :: proc "contextless" (arg1: ^Montgomery_Domain_Field_Element) -> int {
 	tmp: Non_Montgomery_Domain_Field_Element = ---
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	fe_from_montgomery(&tmp, arg1)
 	return int(tmp[0] & 1)
diff --git a/core/crypto/_sha3/sha3.odin b/core/crypto/_sha3/sha3.odin
index 02b0b6578..b2d032b31 100644
--- a/core/crypto/_sha3/sha3.odin
+++ b/core/crypto/_sha3/sha3.odin
@@ -16,7 +16,7 @@ package _sha3
 */
 
 import "core:math/bits"
-import "core:mem"
+import "core:crypto"
 
 ROUNDS :: 24
 
@@ -179,7 +179,7 @@ reset :: proc "contextless" (ctx: ^Context) {
 		return
 	}
 
-	mem.zero_explicit(ctx, size_of(ctx^))
+	crypto.zero_explicit(ctx, size_of(ctx^))
 }
 
 shake_xof :: proc "contextless" (ctx: ^Context) {
diff --git a/core/crypto/_weierstrass/point_s11n_sec.odin b/core/crypto/_weierstrass/point_s11n_sec.odin
index 53dd4002f..56d017e5e 100644
--- a/core/crypto/_weierstrass/point_s11n_sec.odin
+++ b/core/crypto/_weierstrass/point_s11n_sec.odin
@@ -1,6 +1,6 @@
 package _weierstrass
 
-@(require) import "core:mem"
+@(require) import "core:crypto"
 
 @(private)
 SEC_PREFIX_IDENTITY        :: 0x00
@@ -92,7 +92,7 @@ pt_sec_bytes :: proc "contextless" (b: []byte, p: ^$T, compressed: bool) -> bool
 		// 1 redundant rescale call.
 		y_is_odd := byte(y[FE_SZ-1] & 1)
 		b[0] = SEC_PREFIX_COMPRESSED_EVEN + y_is_odd
-		mem.zero_explicit(&y_, size_of(y_))
+		crypto.zero_explicit(&y_, size_of(y_))
 	}
 
 	return true
diff --git a/core/crypto/_weierstrass/scalar_mul.odin b/core/crypto/_weierstrass/scalar_mul.odin
index 108dc5d74..ac0d81a26 100644
--- a/core/crypto/_weierstrass/scalar_mul.odin
+++ b/core/crypto/_weierstrass/scalar_mul.odin
@@ -2,7 +2,6 @@ package _weierstrass
 
 import "core:crypto"
 @(require) import subtle "core:crypto/_subtle"
-@(require) import "core:mem"
 
 pt_scalar_mul :: proc "contextless" (
 	p, a: ^$T,
@@ -23,7 +22,7 @@ pt_scalar_mul :: proc "contextless" (
 	pt_scalar_mul_bytes(p, a, b[:], unsafe_is_vartime)
 
 	if !unsafe_is_vartime {
-		mem.zero_explicit(&b, size_of(b))
+		crypto.zero_explicit(&b, size_of(b))
 	}
 }
 
@@ -69,7 +68,7 @@ pt_scalar_mul_bytes :: proc "contextless" (
 	pt_set(p, &q)
 
 	if !unsafe_is_vartime {
-		mem.zero_explicit(&p_tbl, size_of(p_tbl))
+		crypto.zero_explicit(&p_tbl, size_of(p_tbl))
 		pt_clear_vec([]^T{&q, &tmp})
 	}
 }
@@ -116,7 +115,7 @@ when crypto.COMPACT_IMPLS == true {
 		}
 
 		if !unsafe_is_vartime {
-			mem.zero_explicit(&b, size_of(b))
+			crypto.zero_explicit(&b, size_of(b))
 			pt_clear(&tmp)
 		}
 	}
diff --git a/core/crypto/aegis/aegis.odin b/core/crypto/aegis/aegis.odin
index 41b7ad5be..fbb19f1ae 100644
--- a/core/crypto/aegis/aegis.odin
+++ b/core/crypto/aegis/aegis.odin
@@ -11,7 +11,6 @@ package aegis
 import "core:bytes"
 import "core:crypto"
 import "core:crypto/aes"
-import "core:mem"
 
 // KEY_SIZE_128L is the AEGIS-128L key size in bytes.
 KEY_SIZE_128L :: 16
@@ -197,8 +196,8 @@ open :: proc(ctx: ^Context, dst, iv, aad, ciphertext, tag: []byte) -> bool {
 	}
 
 	if crypto.compare_constant_time(tag, derived_tag) != 1 {
-		mem.zero_explicit(raw_data(derived_tag), len(derived_tag))
-		mem.zero_explicit(raw_data(dst), ct_len)
+		crypto.zero_explicit(raw_data(derived_tag), len(derived_tag))
+		crypto.zero_explicit(raw_data(dst), ct_len)
 		return false
 	}
 
@@ -208,7 +207,7 @@ open :: proc(ctx: ^Context, dst, iv, aad, ciphertext, tag: []byte) -> bool {
 // reset sanitizes the Context.  The Context must be
 // re-initialized to be used again.
 reset :: proc "contextless" (ctx: ^Context) {
-	mem.zero_explicit(&ctx._key, len(ctx._key))
+	crypto.zero_explicit(&ctx._key, len(ctx._key))
 	ctx._key_len = 0
 	ctx._is_initialized = false
-}
+}
+\ No newline at end of file
diff --git a/core/crypto/aegis/aegis_impl_ct64.odin b/core/crypto/aegis/aegis_impl_ct64.odin
index 4813b37ec..15a9b4b3d 100644
--- a/core/crypto/aegis/aegis_impl_ct64.odin
+++ b/core/crypto/aegis/aegis_impl_ct64.odin
@@ -1,8 +1,8 @@
 package aegis
 
+import "core:crypto"
 import aes "core:crypto/_aes/ct64"
 import "core:encoding/endian"
-import "core:mem"
 
 // This uses the bitlsiced 64-bit general purpose register SWAR AES
 // round function.  The intermediate state is stored in interleaved
@@ -324,7 +324,7 @@ dec_sw_256 :: #force_inline proc "contextless" (st: ^State_SW, xi, ci: []byte) #
 @(private = "file")
 dec_partial_sw_128l :: proc "contextless" (st: ^State_SW, xn, cn: []byte) #no_bounds_check {
 	tmp: [_RATE_128L]byte
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	z0_0, z0_1, z1_0, z1_1 := z_sw_128l(st)
 	copy(tmp[:], cn)
@@ -349,7 +349,7 @@ dec_partial_sw_128l :: proc "contextless" (st: ^State_SW, xn, cn: []byte) #no_bo
 @(private = "file")
 dec_partial_sw_256 :: proc "contextless" (st: ^State_SW, xn, cn: []byte) #no_bounds_check {
 	tmp: [_RATE_256]byte
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	z_0, z_1 := z_sw_256(st)
 	copy(tmp[:], cn)
@@ -448,5 +448,5 @@ finalize_sw :: proc "contextless" (st: ^State_SW, tag: []byte, ad_len, msg_len:
 
 @(private)
 reset_state_sw :: proc "contextless" (st: ^State_SW) {
-	mem.zero_explicit(st, size_of(st^))
+	crypto.zero_explicit(st, size_of(st^))
 }
diff --git a/core/crypto/aegis/aegis_impl_hw_intel.odin b/core/crypto/aegis/aegis_impl_hw_intel.odin
index 5334f3258..7673b6b28 100644
--- a/core/crypto/aegis/aegis_impl_hw_intel.odin
+++ b/core/crypto/aegis/aegis_impl_hw_intel.odin
@@ -2,9 +2,9 @@
 package aegis
 
 import "base:intrinsics"
+import "core:crypto"
 import "core:crypto/aes"
 import "core:encoding/endian"
-import "core:mem"
 import "core:simd/x86"
 
 @(private)
@@ -261,7 +261,7 @@ dec_hw_256 :: #force_inline proc "contextless" (st: ^State_HW, xi, ci: []byte) #
 @(private = "file", enable_target_feature = "sse2,aes")
 dec_partial_hw_128l :: #force_inline proc "contextless" (st: ^State_HW, xn, cn: []byte) #no_bounds_check {
 	tmp: [_RATE_128L]byte
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	z0, z1 := z_hw_128l(st)
 	copy(tmp[:], cn)
@@ -286,7 +286,7 @@ dec_partial_hw_128l :: #force_inline proc "contextless" (st: ^State_HW, xn, cn:
 @(private = "file", enable_target_feature = "sse2,aes")
 dec_partial_hw_256 :: #force_inline proc "contextless" (st: ^State_HW, xn, cn: []byte) #no_bounds_check {
 	tmp: [_RATE_256]byte
-	defer mem.zero_explicit(&tmp, size_of(tmp))
+	defer crypto.zero_explicit(&tmp, size_of(tmp))
 
 	z := z_hw_256(st)
 	copy(tmp[:], cn)
@@ -385,5 +385,5 @@ finalize_hw :: proc "contextless" (st: ^State_HW, tag: []byte, ad_len, msg_len:
 
 @(private)
 reset_state_hw :: proc "contextless" (st: ^State_HW) {
-	mem.zero_explicit(st, size_of(st^))
+	crypto.zero_explicit(st, size_of(st^))
 }
diff --git a/core/crypto/aes/aes_ctr.odin b/core/crypto/aes/aes_ctr.odin
index a74133235..9d7a0b80b 100644
--- a/core/crypto/aes/aes_ctr.odin
+++ b/core/crypto/aes/aes_ctr.odin
@@ -4,7 +4,6 @@ import "core:bytes"
 import "core:crypto/_aes/ct64"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 // CTR_IV_SIZE is the size of the CTR mode IV in bytes.
 CTR_IV_SIZE :: 16
@@ -117,7 +116,7 @@ reset_ctr :: proc "contextless" (ctx: ^Context_CTR) {
 	ctx._off = 0
 	ctx._ctr_hi = 0
 	ctx._ctr_lo = 0
-	mem.zero_explicit(&ctx._buffer, size_of(ctx._buffer))
+	zero_explicit(&ctx._buffer, size_of(ctx._buffer))
 	ctx._is_initialized = false
 }
 
@@ -172,7 +171,7 @@ ctr_blocks :: proc(ctx: ^Context_CTR, dst, src: []byte, nr_blocks: int) #no_boun
 	// Write back the counter.
 	ctx._ctr_hi, ctx._ctr_lo = ctr_hi, ctr_lo
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	zero_explicit(&tmp, size_of(tmp))
 }
 
 @(private)
diff --git a/core/crypto/aes/aes_ctr_hw_intel.odin b/core/crypto/aes/aes_ctr_hw_intel.odin
index 415758b24..f30122c86 100644
--- a/core/crypto/aes/aes_ctr_hw_intel.odin
+++ b/core/crypto/aes/aes_ctr_hw_intel.odin
@@ -4,7 +4,6 @@ package aes
 import "base:intrinsics"
 import "core:crypto/_aes"
 import "core:math/bits"
-import "core:mem"
 import "core:simd/x86"
 
 @(private)
@@ -130,8 +129,8 @@ ctr_blocks_hw :: proc(ctx: ^Context_CTR, dst, src: []byte, nr_blocks: int) #no_b
 	// Write back the counter.
 	ctx._ctr_hi, ctx._ctr_lo = ctr_hi, ctr_lo
 
-	mem.zero_explicit(&blks, size_of(blks))
-	mem.zero_explicit(&sks, size_of(sks))
+	zero_explicit(&blks, size_of(blks))
+	zero_explicit(&sks, size_of(sks))
 }
 
 @(private, enable_target_feature = "sse2")
diff --git a/core/crypto/aes/aes_gcm.odin b/core/crypto/aes/aes_gcm.odin
index d349aa353..bb87788ac 100644
--- a/core/crypto/aes/aes_gcm.odin
+++ b/core/crypto/aes/aes_gcm.odin
@@ -5,7 +5,6 @@ import "core:crypto"
 import "core:crypto/_aes"
 import "core:crypto/_aes/ct64"
 import "core:encoding/endian"
-import "core:mem"
 
 // GCM_IV_SIZE is the default size of the GCM IV in bytes.
 GCM_IV_SIZE :: 12
@@ -59,9 +58,9 @@ seal_gcm :: proc(ctx: ^Context_GCM, dst, tag, iv, aad, plaintext: []byte) {
 	final_ghash_ct64(&s, &h, &j0_enc, len(aad), len(plaintext))
 	copy(tag, s[:])
 
-	mem.zero_explicit(&h, len(h))
-	mem.zero_explicit(&j0, len(j0))
-	mem.zero_explicit(&j0_enc, len(j0_enc))
+	zero_explicit(&h, len(h))
+	zero_explicit(&j0, len(j0))
+	zero_explicit(&j0_enc, len(j0_enc))
 }
 
 // open_gcm authenticates the aad and ciphertext, and decrypts the ciphertext,
@@ -94,13 +93,13 @@ open_gcm :: proc(ctx: ^Context_GCM, dst, iv, aad, ciphertext, tag: []byte) -> bo
 
 	ok := crypto.compare_constant_time(s[:], tag) == 1
 	if !ok {
-		mem.zero_explicit(raw_data(dst), len(dst))
+		zero_explicit(raw_data(dst), len(dst))
 	}
 
-	mem.zero_explicit(&h, len(h))
-	mem.zero_explicit(&j0, len(j0))
-	mem.zero_explicit(&j0_enc, len(j0_enc))
-	mem.zero_explicit(&s, len(s))
+	zero_explicit(&h, len(h))
+	zero_explicit(&j0, len(j0))
+	zero_explicit(&j0_enc, len(j0_enc))
+	zero_explicit(&s, len(s))
 
 	return ok
 }
@@ -249,6 +248,6 @@ gctr_ct64 :: proc(
 		}
 	}
 
-	mem.zero_explicit(&tmp, size_of(tmp))
-	mem.zero_explicit(&tmp2, size_of(tmp2))
+	zero_explicit(&tmp, size_of(tmp))
+	zero_explicit(&tmp2, size_of(tmp2))
 }
diff --git a/core/crypto/aes/aes_gcm_hw_intel.odin b/core/crypto/aes/aes_gcm_hw_intel.odin
index 3982d1452..c6e564773 100644
--- a/core/crypto/aes/aes_gcm_hw_intel.odin
+++ b/core/crypto/aes/aes_gcm_hw_intel.odin
@@ -6,7 +6,6 @@ import "core:crypto"
 import "core:crypto/_aes"
 import "core:crypto/_aes/hw_intel"
 import "core:encoding/endian"
-import "core:mem"
 import "core:simd/x86"
 
 @(private)
@@ -23,9 +22,9 @@ gcm_seal_hw :: proc(ctx: ^Context_Impl_Hardware, dst, tag, iv, aad, plaintext: [
 	final_ghash_hw(&s, &h, &j0_enc, len(aad), len(plaintext))
 	copy(tag, s[:])
 
-	mem.zero_explicit(&h, len(h))
-	mem.zero_explicit(&j0, len(j0))
-	mem.zero_explicit(&j0_enc, len(j0_enc))
+	zero_explicit(&h, len(h))
+	zero_explicit(&j0, len(j0))
+	zero_explicit(&j0_enc, len(j0_enc))
 }
 
 @(private)
@@ -42,13 +41,13 @@ gcm_open_hw :: proc(ctx: ^Context_Impl_Hardware, dst, iv, aad, ciphertext, tag:
 
 	ok := crypto.compare_constant_time(s[:], tag) == 1
 	if !ok {
-		mem.zero_explicit(raw_data(dst), len(dst))
+		zero_explicit(raw_data(dst), len(dst))
 	}
 
-	mem.zero_explicit(&h, len(h))
-	mem.zero_explicit(&j0, len(j0))
-	mem.zero_explicit(&j0_enc, len(j0_enc))
-	mem.zero_explicit(&s, len(s))
+	zero_explicit(&h, len(h))
+	zero_explicit(&j0, len(j0))
+	zero_explicit(&j0_enc, len(j0_enc))
+	zero_explicit(&s, len(s))
 
 	return ok
 }
@@ -228,8 +227,8 @@ gctr_hw :: proc(
 		n -= l
 	}
 
-	mem.zero_explicit(&blks, size_of(blks))
-	mem.zero_explicit(&sks, size_of(sks))
+	zero_explicit(&blks, size_of(blks))
+	zero_explicit(&sks, size_of(sks))
 }
 
 // BUG: Sticking this in gctr_hw (like the other implementations) crashes
diff --git a/core/crypto/aes/aes_impl.odin b/core/crypto/aes/aes_impl.odin
index f26874809..b95abfaf0 100644
--- a/core/crypto/aes/aes_impl.odin
+++ b/core/crypto/aes/aes_impl.odin
@@ -1,9 +1,11 @@
 package aes
 
+import "core:crypto"
 import "core:crypto/_aes/ct64"
-import "core:mem"
 import "core:reflect"
 
+zero_explicit :: crypto.zero_explicit
+
 @(private)
 Context_Impl :: union {
 	ct64.Context,
@@ -41,5 +43,5 @@ init_impl :: proc(ctx: ^Context_Impl, key: []byte, impl: Implementation) {
 
 @(private)
 reset_impl :: proc "contextless" (ctx: ^Context_Impl) {
-	mem.zero_explicit(ctx, size_of(Context_Impl))
-}
+	zero_explicit(ctx, size_of(Context_Impl))
+}
+\ No newline at end of file
diff --git a/core/crypto/chacha20/chacha20.odin b/core/crypto/chacha20/chacha20.odin
index a91c6a24a..91f22f744 100644
--- a/core/crypto/chacha20/chacha20.odin
+++ b/core/crypto/chacha20/chacha20.odin
@@ -8,8 +8,8 @@ See:
 package chacha20
 
 import "core:bytes"
+import "core:crypto"
 import "core:crypto/_chacha20"
-import "core:mem"
 
 // KEY_SIZE is the (X)ChaCha20 key size in bytes.
 KEY_SIZE :: _chacha20.KEY_SIZE
@@ -50,7 +50,7 @@ init :: proc(ctx: ^Context, key, iv: []byte, impl := DEFAULT_IMPLEMENTATION) {
 		// The sub-key is stored in the keystream buffer.  While
 		// this will be overwritten in most circumstances, explicitly
 		// clear it out early.
-		mem.zero_explicit(&ctx._state._buffer, KEY_SIZE)
+		crypto.zero_explicit(&ctx._state._buffer, KEY_SIZE)
 	}
 }
 
diff --git a/core/crypto/chacha20poly1305/chacha20poly1305.odin b/core/crypto/chacha20poly1305/chacha20poly1305.odin
index 9840d357e..0504acab0 100644
--- a/core/crypto/chacha20poly1305/chacha20poly1305.odin
+++ b/core/crypto/chacha20poly1305/chacha20poly1305.odin
@@ -13,7 +13,6 @@ import "core:crypto"
 import "core:crypto/chacha20"
 import "core:crypto/poly1305"
 import "core:encoding/endian"
-import "core:mem"
 
 // KEY_SIZE is the chacha20poly1305 key size in bytes.
 KEY_SIZE :: chacha20.KEY_SIZE
@@ -103,7 +102,7 @@ seal :: proc(ctx: ^Context, dst, tag, iv, aad, plaintext: []byte) {
 	chacha20.keystream_bytes(&stream_ctx, otk[:])
 	mac_ctx: poly1305.Context = ---
 	poly1305.init(&mac_ctx, otk[:])
-	mem.zero_explicit(&otk, size_of(otk))
+	crypto.zero_explicit(&otk, size_of(otk))
 
 	aad_len, ciphertext_len := len(aad), len(ciphertext)
 
@@ -164,7 +163,7 @@ open :: proc(ctx: ^Context, dst, iv, aad, ciphertext, tag: []byte) -> bool {
 
 	mac_ctx: poly1305.Context = ---
 	poly1305.init(&mac_ctx, otk[:])
-	defer mem.zero_explicit(&otk, size_of(otk))
+	defer crypto.zero_explicit(&otk, size_of(otk))
 
 	aad_len, ciphertext_len := len(aad), len(ciphertext)
 
@@ -188,7 +187,7 @@ open :: proc(ctx: ^Context, dst, iv, aad, ciphertext, tag: []byte) -> bool {
 	// Validate the tag in constant time.
 	if crypto.compare_constant_time(tag, derived_tag) != 1 {
 		// Zero out the plaintext, as a defense in depth measure.
-		mem.zero_explicit(raw_data(plaintext), ciphertext_len)
+		crypto.zero_explicit(raw_data(plaintext), ciphertext_len)
 		return false
 	}
 
@@ -202,7 +201,7 @@ open :: proc(ctx: ^Context, dst, iv, aad, ciphertext, tag: []byte) -> bool {
 // reset sanitizes the Context.  The Context must be
 // re-initialized to be used again.
 reset :: proc "contextless" (ctx: ^Context) {
-	mem.zero_explicit(&ctx._key, len(ctx._key))
+	crypto.zero_explicit(&ctx._key, len(ctx._key))
 	ctx._is_xchacha = false
 	ctx._is_initialized = false
 }
diff --git a/core/crypto/crypto.odin b/core/crypto/crypto.odin
index 3fb369a54..b36bc2004 100644
--- a/core/crypto/crypto.odin
+++ b/core/crypto/crypto.odin
@@ -1,9 +1,9 @@
 // A selection of cryptography algorithms and useful helper routines.
 package crypto
 
+import "base:intrinsics"
 import "base:runtime"
 import subtle "core:crypto/_subtle"
-import "core:mem"
 
 // Omit large precomputed tables, trading off performance for size.
 COMPACT_IMPLS: bool : #config(ODIN_CRYPTO_COMPACT, false)
@@ -38,8 +38,8 @@ compare_constant_time :: proc "contextless" (a, b: []byte) -> int {
 // contents of the memory being compared.
 @(optimization_mode="none")
 compare_byte_ptrs_constant_time :: proc "contextless" (a, b: ^byte, n: int) -> int {
-	x := mem.slice_ptr(a, n)
-	y := mem.slice_ptr(b, n)
+	x := ([^]byte)(a)[:n]
+	y := ([^]byte)(b)[:n]
 
 	v: byte
 	for i in 0..<n {
@@ -61,6 +61,41 @@ is_zero_constant_time :: proc "contextless" (b: []byte) -> int {
 	return subtle.byte_eq(0, v)
 }
 
+/*
+Set each byte of a memory range to zero.
+
+This procedure copies the value `0` into the `len` bytes of a memory range,
+starting at address `data`.
+
+This procedure returns the pointer to `data`.
+
+Unlike the `zero()` procedure, which can be optimized away or reordered by the
+compiler under certain circumstances, `zero_explicit()` procedure can not be
+optimized away or reordered with other memory access operations, and the
+compiler assumes volatile semantics of the memory.
+*/
+zero_explicit :: proc "contextless" (data: rawptr, len: int) -> rawptr {
+	// This routine tries to avoid the compiler optimizing away the call,
+	// so that it is always executed.  It is intended to provide
+	// equivalent semantics to those provided by the C11 Annex K 3.7.4.1
+	// memset_s call.
+	intrinsics.mem_zero_volatile(data, len) // Use the volatile mem_zero
+	intrinsics.atomic_thread_fence(.Seq_Cst) // Prevent reordering
+	return data
+}
+
+/*
+Set each byte of a memory range to a specific value.
+
+This procedure copies value specified by the `value` parameter into each of the
+`len` bytes of a memory range, located at address `data`.
+
+This procedure returns the pointer to `data`.
+*/
+set :: proc "contextless" (data: rawptr, value: byte, len: int) -> rawptr {
+	return runtime.memset(data, i32(value), len)
+}
+
 // rand_bytes fills the dst buffer with cryptographic entropy taken from
 // the system entropy source.  This routine will block if the system entropy
 // source is not ready yet.  All system entropy source failures are treated
@@ -70,7 +105,7 @@ is_zero_constant_time :: proc "contextless" (b: []byte) -> int {
 // `HAS_RAND_BYTES` boolean constant.
 rand_bytes :: proc (dst: []byte) {
 	// zero-fill the buffer first
-	mem.zero_explicit(raw_data(dst), len(dst))
+	zero_explicit(raw_data(dst), len(dst))
 
 	runtime.rand_bytes(dst)
 }
diff --git a/core/crypto/deoxysii/deoxysii.odin b/core/crypto/deoxysii/deoxysii.odin
index 3ebcfea30..829d3d3ad 100644
--- a/core/crypto/deoxysii/deoxysii.odin
+++ b/core/crypto/deoxysii/deoxysii.odin
@@ -8,8 +8,8 @@ package deoxysii
 
 import "base:intrinsics"
 import "core:bytes"
+import "core:crypto"
 import "core:crypto/aes"
-import "core:mem"
 import "core:simd"
 
 // KEY_SIZE is the Deoxys-II-256 key size in bytes.
@@ -142,7 +142,7 @@ open :: proc(ctx: ^Context, dst, iv, aad, ciphertext, tag: []byte) -> bool {
 		ok = d_ref(ctx, dst, iv, aad, ciphertext, tag)
 	}
 	if !ok {
-		mem.zero_explicit(raw_data(dst), len(ciphertext))
+		crypto.zero_explicit(raw_data(dst), len(ciphertext))
 	}
 
 	return ok
@@ -151,7 +151,7 @@ open :: proc(ctx: ^Context, dst, iv, aad, ciphertext, tag: []byte) -> bool {
 // reset sanitizes the Context.  The Context must be
 // re-initialized to be used again.
 reset :: proc "contextless" (ctx: ^Context) {
-	mem.zero_explicit(&ctx._subkeys, len(ctx._subkeys))
+	crypto.zero_explicit(&ctx._subkeys, len(ctx._subkeys))
 	ctx._is_initialized = false
 }
 
diff --git a/core/crypto/deoxysii/deoxysii_impl_ct64.odin b/core/crypto/deoxysii/deoxysii_impl_ct64.odin
index c4d0edb03..e95eaa678 100644
--- a/core/crypto/deoxysii/deoxysii_impl_ct64.odin
+++ b/core/crypto/deoxysii/deoxysii_impl_ct64.odin
@@ -4,7 +4,6 @@ import "base:intrinsics"
 import "core:crypto"
 import aes "core:crypto/_aes/ct64"
 import "core:encoding/endian"
-import "core:mem"
 import "core:simd"
 
 // This uses the bitlsiced 64-bit general purpose register SWAR AES
@@ -149,8 +148,8 @@ bc_absorb :: proc "contextless" (
 
 	intrinsics.unaligned_store((^simd.u8x16)(raw_data(dst)), dst_)
 
-	mem.zero_explicit(&tweaks, size_of(tweaks))
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tweaks, size_of(tweaks))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 
 	return stk_block_nr
 }
@@ -214,8 +213,8 @@ bc_encrypt :: proc "contextless" (
 		nr_blocks -= n
 	}
 
-	mem.zero_explicit(&tweaks, size_of(tweaks))
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tweaks, size_of(tweaks))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 
 	return stk_block_nr
 }
@@ -295,13 +294,13 @@ e_ref :: proc "contextless" (ctx: ^Context, dst, tag, iv, aad, plaintext: []byte
 
 		copy(dst[n*BLOCK_SIZE:], m_star[:])
 
-		mem.zero_explicit(&m_star, size_of(m_star))
+		crypto.zero_explicit(&m_star, size_of(m_star))
 	}
 
 	copy(tag, auth[:])
 
-	mem.zero_explicit(&st.q_stk, size_of(st.q_stk))
-	mem.zero_explicit(&st.q_b, size_of(st.q_b))
+	crypto.zero_explicit(&st.q_stk, size_of(st.q_stk))
+	crypto.zero_explicit(&st.q_b, size_of(st.q_b))
 }
 
 @(private, require_results)
@@ -336,7 +335,7 @@ d_ref :: proc "contextless" (ctx: ^Context, dst, iv, aad, ciphertext, tag: []byt
 
 		copy(dst[n*BLOCK_SIZE:], m_star[:])
 
-		mem.zero_explicit(&m_star, size_of(m_star))
+		crypto.zero_explicit(&m_star, size_of(m_star))
 	}
 
 	// Associated data
@@ -382,7 +381,7 @@ d_ref :: proc "contextless" (ctx: ^Context, dst, iv, aad, ciphertext, tag: []byt
 
 		_ = bc_absorb(&st, auth[:], m_star[:], PREFIX_MSG_FINAL, n)
 
-		mem.zero_explicit(&m_star, size_of(m_star))
+		crypto.zero_explicit(&m_star, size_of(m_star))
 	}
 	bc_final(&st, auth[:], iv)
 
@@ -391,9 +390,9 @@ d_ref :: proc "contextless" (ctx: ^Context, dst, iv, aad, ciphertext, tag: []byt
 	// else return false
 	ok := crypto.compare_constant_time(auth[:], tag) == 1
 
-	mem.zero_explicit(&auth, size_of(auth))
-	mem.zero_explicit(&st.q_stk, size_of(st.q_stk))
-	mem.zero_explicit(&st.q_b, size_of(st.q_b))
+	crypto.zero_explicit(&auth, size_of(auth))
+	crypto.zero_explicit(&st.q_stk, size_of(st.q_stk))
+	crypto.zero_explicit(&st.q_b, size_of(st.q_b))
 
 	return ok
-}
+}
+\ No newline at end of file
diff --git a/core/crypto/deoxysii/deoxysii_impl_hw_intel.odin b/core/crypto/deoxysii/deoxysii_impl_hw_intel.odin
index d268009a2..cdad16f42 100644
--- a/core/crypto/deoxysii/deoxysii_impl_hw_intel.odin
+++ b/core/crypto/deoxysii/deoxysii_impl_hw_intel.odin
@@ -4,7 +4,6 @@ package deoxysii
 import "base:intrinsics"
 import "core:crypto"
 import "core:crypto/aes"
-import "core:mem"
 import "core:simd"
 import "core:simd/x86"
 
@@ -374,7 +373,7 @@ d_hw :: proc "contextless" (ctx: ^Context, dst, iv, aad, ciphertext, tag: []byte
 
 		copy(dst[n*BLOCK_SIZE:], m_star[:])
 
-		mem.zero_explicit(&m_star, size_of(m_star))
+		crypto.zero_explicit(&m_star, size_of(m_star))
 	}
 
 	// Associated data
@@ -428,7 +427,7 @@ d_hw :: proc "contextless" (ctx: ^Context, dst, iv, aad, ciphertext, tag: []byte
 	intrinsics.unaligned_store((^x86.__m128i)(raw_data(&tmp)), auth)
 	ok := crypto.compare_constant_time(tmp[:], tag) == 1
 
-	mem.zero_explicit(&tmp, size_of(tmp))
+	crypto.zero_explicit(&tmp, size_of(tmp))
 
 	return ok
 }
diff --git a/core/crypto/ecdh/ecdh.odin b/core/crypto/ecdh/ecdh.odin
index 80ef3f704..15dba335c 100644
--- a/core/crypto/ecdh/ecdh.odin
+++ b/core/crypto/ecdh/ecdh.odin
@@ -4,7 +4,6 @@ import "core:crypto"
 import secec "core:crypto/_weierstrass"
 import "core:crypto/x25519"
 import "core:crypto/x448"
-import "core:mem"
 import "core:reflect"
 
 // Note: For these primitives scalar size = point size
@@ -125,7 +124,7 @@ private_key_generate :: proc(priv_key: ^Private_Key, curve: Curve) -> bool {
 
 		// 384-bits reduced makes the modulo bias insignificant
 		b: [48]byte = ---
-		defer (mem.zero_explicit(&b, size_of(b)))
+		defer (crypto.zero_explicit(&b, size_of(b)))
 		for {
 			crypto.rand_bytes(b[:])
 			_ = secec.sc_set_bytes(sc, b[:])
@@ -137,7 +136,7 @@ private_key_generate :: proc(priv_key: ^Private_Key, curve: Curve) -> bool {
 		sc := &priv_key._impl.(secec.Scalar_p384r1)
 
 		b: [48]byte = ---
-		defer (mem.zero_explicit(&b, size_of(b)))
+		defer (crypto.zero_explicit(&b, size_of(b)))
 		for {
 			crypto.rand_bytes(b[:])
 			did_reduce := secec.sc_set_bytes(sc, b[:])
@@ -292,7 +291,7 @@ private_key_equal :: proc(p, q: ^Private_Key) -> bool {
 
 // private_key_clear clears priv_key to the uninitialized state.
 private_key_clear :: proc "contextless" (priv_key: ^Private_Key) {
-	mem.zero_explicit(priv_key, size_of(Private_Key))
+	crypto.zero_explicit(priv_key, size_of(Private_Key))
 }
 
 // public_key_set_bytes decodes a byte-encoded public key, and returns
@@ -412,7 +411,7 @@ public_key_equal :: proc(p, q: ^Public_Key) -> bool {
 
 // public_key_clear clears pub_key to the uninitialized state.
 public_key_clear :: proc "contextless" (pub_key: ^Public_Key) {
-	mem.zero_explicit(pub_key, size_of(Public_Key))
+	crypto.zero_explicit(pub_key, size_of(Public_Key))
 }
 
 // ecdh performs an Elliptic Curve Diffie-Hellman key exchange betwween
diff --git a/core/crypto/ed25519/ed25519.odin b/core/crypto/ed25519/ed25519.odin
index f6a71d888..90875c207 100644
--- a/core/crypto/ed25519/ed25519.odin
+++ b/core/crypto/ed25519/ed25519.odin
@@ -11,7 +11,6 @@ package ed25519
 import "core:crypto"
 import grp "core:crypto/_edwards25519"
 import "core:crypto/sha2"
-import "core:mem"
 
 // PRIVATE_KEY_SIZE is the byte-encoded private key size.
 PRIVATE_KEY_SIZE :: 32
@@ -89,7 +88,7 @@ private_key_bytes :: proc(priv_key: ^Private_Key, dst: []byte) {
 
 // private_key_clear clears priv_key to the uninitialized state.
 private_key_clear :: proc "contextless" (priv_key: ^Private_Key) {
-	mem.zero_explicit(priv_key, size_of(Private_Key))
+	crypto.zero_explicit(priv_key, size_of(Private_Key))
 }
 
 // sign writes the signature by priv_key over msg to sig.
diff --git a/core/crypto/hash/hash.odin b/core/crypto/hash/hash.odin
index ecb33b9d0..31f07ac72 100644
--- a/core/crypto/hash/hash.odin
+++ b/core/crypto/hash/hash.odin
@@ -8,8 +8,8 @@ package crypto_hash
 		zhibog, dotbmp:  Initial implementation.
 */
 
+import "core:crypto"
 import "core:io"
-import "core:mem"
 
 // hash_bytes will hash the given input and return the computed digest
 // in a newly allocated slice.
@@ -61,7 +61,7 @@ hash_stream :: proc(
 	ctx: Context
 
 	buf: [MAX_BLOCK_SIZE * 4]byte
-	defer mem.zero_explicit(&buf, size_of(buf))
+	defer crypto.zero_explicit(&buf, size_of(buf))
 
 	init(&ctx, algorithm)
 
diff --git a/core/crypto/hkdf/hkdf.odin b/core/crypto/hkdf/hkdf.odin
index b3a6bf303..b2b515676 100644
--- a/core/crypto/hkdf/hkdf.odin
+++ b/core/crypto/hkdf/hkdf.odin
@@ -5,9 +5,9 @@ See: [[ https://www.rfc-editor.org/rfc/rfc5869 ]]
 */
 package hkdf
 
+import "core:crypto"
 import "core:crypto/hash"
 import "core:crypto/hmac"
-import "core:mem"
 
 // extract_and_expand derives output keying material (OKM) via the
 // HKDF-Extract and HKDF-Expand algorithms, with the specified has
@@ -18,7 +18,7 @@ extract_and_expand :: proc(algorithm: hash.Algorithm, salt, ikm, info, dst: []by
 
 	tmp: [hash.MAX_DIGEST_SIZE]byte
 	prk := tmp[:h_len]
-	defer mem.zero_explicit(raw_data(prk), h_len)
+	defer crypto.zero_explicit(raw_data(prk), h_len)
 
 	extract(algorithm, salt, ikm, prk)
 	expand(algorithm, prk, info, dst)
@@ -83,7 +83,7 @@ expand :: proc(algorithm: hash.Algorithm, prk, info, dst: []byte) {
 	if r > 0 {
 		tmp: [hash.MAX_DIGEST_SIZE]byte
 		blk := tmp[:h_len]
-		defer mem.zero_explicit(raw_data(blk), h_len)
+		defer crypto.zero_explicit(raw_data(blk), h_len)
 
 		_F(&base, prev, info, n + 1, blk)
 		copy(dst_blk, blk)
diff --git a/core/crypto/hmac/hmac.odin b/core/crypto/hmac/hmac.odin
index 1427baf34..d28c03b5b 100644
--- a/core/crypto/hmac/hmac.odin
+++ b/core/crypto/hmac/hmac.odin
@@ -8,7 +8,6 @@ package hmac
 
 import "core:crypto"
 import "core:crypto/hash"
-import "core:mem"
 
 // sum will compute the HMAC with the specified algorithm and key
 // over msg, and write the computed tag to dst.  It requires that
@@ -126,7 +125,7 @@ _init_hashes :: proc(ctx: ^Context, algorithm: hash.Algorithm, key: []byte) {
 	kLen := len(key)
 	B := hash.BLOCK_SIZES[algorithm]
 	K0 := K0_buf[:B]
-	defer mem.zero_explicit(raw_data(K0), B)
+	defer crypto.zero_explicit(raw_data(K0), B)
 
 	switch {
 	case kLen == B, kLen < B:
@@ -157,7 +156,7 @@ _init_hashes :: proc(ctx: ^Context, algorithm: hash.Algorithm, key: []byte) {
 	hash.init(&ctx._i_hash, algorithm)
 
 	kPad := kPad_buf[:B]
-	defer mem.zero_explicit(raw_data(kPad), B)
+	defer crypto.zero_explicit(raw_data(kPad), B)
 
 	for v, i in K0 {
 		kPad[i] = v ~ _I_PAD
diff --git a/core/crypto/legacy/md5/md5.odin b/core/crypto/legacy/md5/md5.odin
index d9d74d498..399a789ed 100644
--- a/core/crypto/legacy/md5/md5.odin
+++ b/core/crypto/legacy/md5/md5.odin
@@ -18,9 +18,9 @@ package md5
         zhibog, dotbmp:  Initial implementation.
 */
 
+import "core:crypto"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 // DIGEST_SIZE is the MD5 digest size in bytes.
 DIGEST_SIZE :: 16
@@ -100,7 +100,7 @@ final :: proc(ctx: ^Context, hash: []byte, finalize_clone: bool = false) {
 			i += 1
 		}
 		transform(ctx, ctx.data[:])
-		mem.set(&ctx.data, 0, 56)
+		crypto.set(&ctx.data, 0, 56)
 	}
 
 	ctx.bitlen += u64(ctx.datalen * 8)
@@ -124,7 +124,7 @@ reset :: proc(ctx: ^$T) {
 		return
 	}
 
-	mem.zero_explicit(ctx, size_of(ctx^))
+	crypto.zero_explicit(ctx, size_of(ctx^))
 }
 
 /*
diff --git a/core/crypto/legacy/sha1/sha1.odin b/core/crypto/legacy/sha1/sha1.odin
index 35b228f69..f9adcc3d1 100644
--- a/core/crypto/legacy/sha1/sha1.odin
+++ b/core/crypto/legacy/sha1/sha1.odin
@@ -19,9 +19,9 @@ package sha1
         zhibog, dotbmp:  Initial implementation.
 */
 
+import "core:crypto"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 // DIGEST_SIZE is the SHA1 digest size in bytes.
 DIGEST_SIZE :: 20
@@ -107,7 +107,7 @@ final :: proc(ctx: ^Context, hash: []byte, finalize_clone: bool = false) {
 			i += 1
 		}
 		transform(ctx, ctx.data[:])
-		mem.set(&ctx.data, 0, 56)
+		crypto.set(&ctx.data, 0, 56)
 	}
 
 	ctx.bitlen += u64(ctx.datalen * 8)
@@ -131,7 +131,7 @@ reset :: proc(ctx: ^$T) {
 		return
 	}
 
-	mem.zero_explicit(ctx, size_of(ctx^))
+	crypto.zero_explicit(ctx, size_of(ctx^))
 }
 
 /*
diff --git a/core/crypto/pbkdf2/pbkdf2.odin b/core/crypto/pbkdf2/pbkdf2.odin
index c96855b9c..9d8394031 100644
--- a/core/crypto/pbkdf2/pbkdf2.odin
+++ b/core/crypto/pbkdf2/pbkdf2.odin
@@ -5,10 +5,10 @@ See: [[ https://www.rfc-editor.org/rfc/rfc2898 ]]
 */
 package pbkdf2
 
+import "core:crypto"
 import "core:crypto/hash"
 import "core:crypto/hmac"
 import "core:encoding/endian"
-import "core:mem"
 
 // derive invokes PBKDF2-HMAC with the specified hash algorithm, password,
 // salt, iteration count, and outputs the derived key to dst.
@@ -71,7 +71,7 @@ derive :: proc(
 	if r > 0 {
 		tmp: [hash.MAX_DIGEST_SIZE]byte
 		blk := tmp[:h_len]
-		defer mem.zero_explicit(raw_data(blk), h_len)
+		defer crypto.zero_explicit(raw_data(blk), h_len)
 
 		_F(&base, salt, iterations, u32(l + 1), blk)
 		copy(dst_blk, blk)
@@ -84,7 +84,7 @@ _F :: proc(base: ^hmac.Context, salt: []byte, c: u32, i: u32, dst_blk: []byte) {
 
 	tmp: [hash.MAX_DIGEST_SIZE]byte
 	u := tmp[:h_len]
-	defer mem.zero_explicit(raw_data(u), h_len)
+	defer crypto.zero_explicit(raw_data(u), h_len)
 
 	// F (P, S, c, i) = U_1 \xor U_2 \xor ... \xor U_c
 	//
diff --git a/core/crypto/poly1305/poly1305.odin b/core/crypto/poly1305/poly1305.odin
index d90f2ad54..69e2e3ad3 100644
--- a/core/crypto/poly1305/poly1305.odin
+++ b/core/crypto/poly1305/poly1305.odin
@@ -10,7 +10,6 @@ import "core:crypto"
 import field "core:crypto/_fiat/field_poly1305"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 // KEY_SIZE is the Poly1305 key size in bytes.
 KEY_SIZE :: 32
@@ -155,10 +154,10 @@ final :: proc(ctx: ^Context, dst: []byte) {
 // reset sanitizes the Context.  The Context must be re-initialized to
 // be used again.
 reset :: proc(ctx: ^Context) {
-	mem.zero_explicit(&ctx._r, size_of(ctx._r))
-	mem.zero_explicit(&ctx._a, size_of(ctx._a))
-	mem.zero_explicit(&ctx._s, size_of(ctx._s))
-	mem.zero_explicit(&ctx._buffer, size_of(ctx._buffer))
+	crypto.zero_explicit(&ctx._r, size_of(ctx._r))
+	crypto.zero_explicit(&ctx._a, size_of(ctx._a))
+	crypto.zero_explicit(&ctx._s, size_of(ctx._s))
+	crypto.zero_explicit(&ctx._buffer, size_of(ctx._buffer))
 
 	ctx._is_initialized = false
 }
diff --git a/core/crypto/ristretto255/ristretto255.odin b/core/crypto/ristretto255/ristretto255.odin
index 78bf45c28..3724aee7a 100644
--- a/core/crypto/ristretto255/ristretto255.odin
+++ b/core/crypto/ristretto255/ristretto255.odin
@@ -6,9 +6,9 @@ See:
 */
 package ristretto255
 
+import "core:crypto"
 import grp "core:crypto/_edwards25519"
 import field "core:crypto/_fiat/field_curve25519"
-import "core:mem"
 
 // ELEMENT_SIZE is the size of a byte-encoded ristretto255 group element.
 ELEMENT_SIZE :: 32
@@ -71,7 +71,7 @@ Group_Element :: struct {
 
 // ge_clear clears ge to the uninitialized state.
 ge_clear :: proc "contextless" (ge: ^Group_Element) {
-	mem.zero_explicit(ge, size_of(Group_Element))
+	crypto.zero_explicit(ge, size_of(Group_Element))
 }
 
 // ge_set sets `ge = a`.
diff --git a/core/crypto/sha2/sha2.odin b/core/crypto/sha2/sha2.odin
index 0b34cd6a1..36fa4aa02 100644
--- a/core/crypto/sha2/sha2.odin
+++ b/core/crypto/sha2/sha2.odin
@@ -15,9 +15,9 @@ package sha2
         zhibog, dotbmp:  Initial implementation.
 */
 
+@(require) import "core:crypto"
 @(require) import "core:encoding/endian"
 import "core:math/bits"
-@(require) import "core:mem"
 
 // DIGEST_SIZE_224 is the SHA-224 digest size in bytes.
 DIGEST_SIZE_224 :: 28
@@ -260,7 +260,7 @@ reset :: proc(ctx: ^$T) {
 		return
 	}
 
-	mem.zero_explicit(ctx, size_of(ctx^))
+	crypto.zero_explicit(ctx, size_of(ctx^))
 }
 
 /*
diff --git a/core/crypto/sm3/sm3.odin b/core/crypto/sm3/sm3.odin
index 186331d92..ac38ca417 100644
--- a/core/crypto/sm3/sm3.odin
+++ b/core/crypto/sm3/sm3.odin
@@ -14,9 +14,9 @@ package sm3
         zhibog, dotbmp:  Initial implementation.
 */
 
+import "core:crypto"
 import "core:encoding/endian"
 import "core:math/bits"
-import "core:mem"
 
 // DIGEST_SIZE is the SM3 digest size in bytes.
 DIGEST_SIZE :: 32
@@ -126,7 +126,7 @@ reset :: proc(ctx: ^Context) {
 		return
 	}
 
-	mem.zero_explicit(ctx, size_of(ctx^))
+	crypto.zero_explicit(ctx, size_of(ctx^))
 }
 
 /*
diff --git a/core/crypto/x25519/x25519.odin b/core/crypto/x25519/x25519.odin
index 2d7aa4153..6268a882d 100644
--- a/core/crypto/x25519/x25519.odin
+++ b/core/crypto/x25519/x25519.odin
@@ -9,7 +9,6 @@ package x25519
 import "core:crypto"
 import ed "core:crypto/_edwards25519"
 import field "core:crypto/_fiat/field_curve25519"
-import "core:mem"
 
 // SCALAR_SIZE is the size of a X25519 scalar (private key) in bytes.
 SCALAR_SIZE :: 32
@@ -119,7 +118,7 @@ scalarmult :: proc(dst, scalar, point: []byte) {
 	d := (^[32]byte)(raw_data(dst))
 	_scalarmult(d, &e, p)
 
-	mem.zero_explicit(&e, size_of(e))
+	crypto.zero_explicit(&e, size_of(e))
 }
 
 // scalarmult_basepoint "multiplies" the provided scalar with the X25519
diff --git a/core/crypto/x448/x448.odin b/core/crypto/x448/x448.odin
index 75693e055..f2cbaadec 100644
--- a/core/crypto/x448/x448.odin
+++ b/core/crypto/x448/x448.odin
@@ -6,8 +6,8 @@ See:
 */
 package x448
 
+import "core:crypto"
 import field "core:crypto/_fiat/field_curve448"
-import "core:mem"
 
 // SCALAR_SIZE is the size of a X448 scalar (private key) in bytes.
 SCALAR_SIZE :: 56
@@ -143,8 +143,8 @@ scalarmult :: proc(dst, scalar, point: []byte) {
 	_scalarmult(&d, &e, &p)
 	copy_slice(dst, d[:])
 
-	mem.zero_explicit(&e, size_of(e))
-	mem.zero_explicit(&d, size_of(d))
+	crypto.zero_explicit(&e, size_of(e))
+	crypto.zero_explicit(&d, size_of(d))
 }
 
 // scalarmult_basepoint "multiplies" the provided scalar with the X448