Implement Zeroize on exported types

author: Elichai Turkel <elichai.turkel@gmail.com> 2023-06-06 18:06:17 +0300
committer: Jack O'Connor <oconnor663@gmail.com> 2023-07-16 13:29:47 -0400
commit: 8e92fc6929a984508fc542b99bac302439cba0fb (patch)
tree: 5df07a057c1f1a3bb2ab2a9f7febec1f2258bfec
parent: 760ed6a8bfef14cfff7432dd21235627d6e42c47 (diff)
2 files changed, 15 insertions, 1 deletions
diff --git a/Cargo.toml b/Cargo.toml
index 8df1387..7c2e7a3 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -77,17 +77,20 @@ no_avx2 = []
 no_avx512 = []
 no_neon = []
 
+zeroize = ["zeroize_crate", "arrayvec/zeroize"]
+
 [package.metadata.docs.rs]
 # Document Hasher::update_rayon on docs.rs.
 features = ["rayon"]
 
 [dependencies]
 arrayref = "0.3.5"
-arrayvec = { version = "0.7.0", default-features = false }
+arrayvec = { version = "0.7.4", default-features = false }
 constant_time_eq = "0.3.0"
 rayon = { version = "1.2.1", optional = true }
 cfg-if = "1.0.0"
 digest = { version = "0.10.1", features = [ "mac" ], optional = true }
+zeroize_crate = { package = "zeroize", version = "1", default-features = false, features = ["zeroize_derive"], optional = true }
 
 [dev-dependencies]
 hex = "0.4.2"
diff --git a/src/lib.rs b/src/lib.rs
index ac61fb2..e2a4d9c 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -67,6 +67,10 @@
 
 #![cfg_attr(not(feature = "std"), no_std)]
 
+#[cfg(feature = "zeroize")]
+extern crate zeroize_crate as zeroize; // Needed because `zeroize::Zeroize` assumes the crate is named `zeroize`.
+
+
 #[cfg(test)]
 mod test;
 
@@ -197,6 +201,7 @@ fn counter_high(counter: u64) -> u32 {
 /// [`from_hex`]: #method.from_hex
 /// [`Display`]: https://doc.rust-lang.org/std/fmt/trait.Display.html
 /// [`FromStr`]: https://doc.rust-lang.org/std/str/trait.FromStr.html
+#[cfg_attr(feature = "zeroize", derive(zeroize::Zeroize))]
 #[derive(Clone, Copy, Hash)]
 pub struct Hash([u8; OUT_LEN]);
 
@@ -371,6 +376,7 @@ impl std::error::Error for HexError {}
 // Each chunk or parent node can produce either a 32-byte chaining value or, by
 // setting the ROOT flag, any number of final output bytes. The Output struct
 // captures the state just prior to choosing between those two possibilities.
+#[cfg_attr(feature = "zeroize", derive(zeroize::Zeroize))]
 #[derive(Clone)]
 struct Output {
     input_chaining_value: CVWords,
@@ -378,6 +384,7 @@ struct Output {
     block_len: u8,
     counter: u64,
     flags: u8,
+    #[cfg_attr(feature = "zeroize", zeroize(skip))]
     platform: Platform,
 }
 
@@ -414,6 +421,7 @@ impl Output {
 }
 
 #[derive(Clone)]
+#[cfg_attr(feature = "zeroize", derive(zeroize::Zeroize))]
 struct ChunkState {
     cv: CVWords,
     chunk_counter: u64,
@@ -421,6 +429,7 @@ struct ChunkState {
     buf_len: u8,
     blocks_compressed: u8,
     flags: u8,
+    #[cfg_attr(feature = "zeroize", zeroize(skip))]
     platform: Platform,
 }
 
@@ -942,6 +951,7 @@ fn parent_node_output(
 /// # }
 /// ```
 #[derive(Clone)]
+#[cfg_attr(feature = "zeroize", derive(zeroize::Zeroize))]
 pub struct Hasher {
     key: CVWords,
     chunk_state: ChunkState,
@@ -1366,6 +1376,7 @@ impl std::io::Write for Hasher {
 /// from an unknown position in the output stream to recover its block index. Callers with strong
 /// secret keys aren't affected in practice, but secret offsets are a [design
 /// smell](https://en.wikipedia.org/wiki/Design_smell) in any case.
+#[cfg_attr(feature = "zeroize", derive(zeroize::Zeroize))]
 #[derive(Clone)]
 pub struct OutputReader {
     inner: Output,
author	Elichai Turkel <elichai.turkel@gmail.com>	2023-06-06 18:06:17 +0300
committer	Jack O'Connor <oconnor663@gmail.com>	2023-07-16 13:29:47 -0400
commit	8e92fc6929a984508fc542b99bac302439cba0fb (patch)
tree	5df07a057c1f1a3bb2ab2a9f7febec1f2258bfec
parent	760ed6a8bfef14cfff7432dd21235627d6e42c47 (diff)