kuznyechik not buildable on non-x86 with feature zeroize

[alexanderkjall]

This crate kuznyechik + feature zeroize can only be built on x86_64, it seems to fail on all other arches: https://qa.debian.org/excuses.php?package=rust-kuznyechik

This is the error that we get:

capitol@tone2i386:~/rust/kuznyechik-0.8.1$ cargo build --features zeroize
   Compiling cipher v0.4.4
   Compiling kuznyechik v0.8.1 (/home/capitol/rust/kuznyechik-0.8.1)
error[E0599]: no method named `zeroize` found for array `[GenericArray<u8, UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>>; 10]` in the current scope
  --> src/soft/mod.rs:84:19
   |
84 |         self.keys.zeroize();
   |                   ^^^^^^^ method not found in `[GenericArray<u8, UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>>; 10]`

error[E0599]: no method named `zeroize` found for array `[GenericArray<u8, UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>>; 10]` in the current scope
   --> src/soft/mod.rs:138:19
    |
138 |         self.keys.zeroize();
    |                   ^^^^^^^ method not found in `[GenericArray<u8, UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>>; 10]`

error[E0599]: no method named `zeroize` found for array `[GenericArray<u8, UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>>; 10]` in the current scope
   --> src/soft/mod.rs:208:19
    |
208 |         self.keys.zeroize();
    |                   ^^^^^^^ method not found in `[GenericArray<u8, UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>>; 10]`

warning: unused import: `Zeroize`
 --> src/soft/mod.rs:9:23
  |
9 | use cipher::zeroize::{Zeroize, ZeroizeOnDrop};
  |                       ^^^^^^^
  |
  = note: `#[warn(unused_imports)]` on by default

For more information about this error, try `rustc --explain E0599`.
warning: `kuznyechik` (lib) generated 1 warning
error: could not compile `kuznyechik` due to 3 previous errors; 1 warning emitted

It can be fixed with this patch:

diff --git a/Cargo.toml b/Cargo.toml
index f8132cb..63dfd0b 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -27,6 +27,8 @@ all-features = true
 rustdoc-args = ["--cfg", "docsrs"]
 [dependencies.cipher]
 version = "0.4.2"
+[dependencies.generic-array]
+version = "0.14"
 [dev-dependencies.cipher]
 version = "0.4.2"
 features = ["dev"]
@@ -35,4 +37,4 @@ features = ["dev"]
 version = "0.3.3"

 [features]
-zeroize = ["cipher/zeroize"]
+zeroize = ["cipher/zeroize", "generic-array/zeroize"]

But I think this isn't the right solution, so I'm not sending it as a PR (but can of course if you want me to).

[newpavlov]

I can not reproduce this error by building the crate for aarch64-unknown-linux-gnu. I tried to downgrade generic-array to 0.14.4, build the crate outside of the repository workspace, use Rust 1.66, but no luck. Can you provide reproduction steps which do not rely on the Debian CI setup?

The code in question relies on dereferencing, i.e. it should use Zeroize impl for &mut [u8], not for generic array. I am not sure why de-referencing gets broken on non-x86 targets and why it does not get triggered for simple cargo build.

I guess, enabling generic-array/zeroize should be fine. Alternatively, we could explicitly loop over the arrays.

[newpavlov]

Ah, it looks like the issue was fixed in #311, but we forgot to release it. I will release v0.8.2 shortly.

x86 targets did not trigger the issue because they do not use the software backend.

[newpavlov]

Kuznyechik v0.8.2 is released and should fix the issue.

[alexanderkjall]

Thanks for the quick turnaround and fix :)

And very sorry for not verifying that this reproduces on the current master before opening a ticket about it, I will do better in the future.