Skip to content

Commit ea5e621

Browse files
baloobaloo
committed
digest: use ZeroizeOnDrop of the underlying types
1 parent 3c398ca commit ea5e621

File tree

4 files changed

+48
-24
lines changed

4 files changed

+48
-24
lines changed

Cargo.lock

Lines changed: 1 addition & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,3 +16,6 @@ members = [
1616
[patch.crates-io]
1717
digest = { path = "digest" }
1818
signature = { path = "signature" }
19+
20+
# https://github.com/RustCrypto/utils/pull/1192
21+
block-buffer = { git = "https://github.com/RustCrypto/utils.git" }

digest/src/buffer_macros/fixed.rs

Lines changed: 29 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -39,21 +39,6 @@ macro_rules! buffer_fixed {
3939
const OID: $crate::const_oid::ObjectIdentifier =
4040
$crate::const_oid::ObjectIdentifier::new_unwrap($oid);
4141
}
42-
43-
impl$(< $( $lt $( : $clt $(+ $dlt )* )? ),+ >)? Drop for $name$(< $( $lt ),+ >)? {
44-
#[inline]
45-
fn drop(&mut self) {
46-
#[cfg(feature = "zeroize")]
47-
{
48-
use $crate::zeroize::Zeroize;
49-
self.core.zeroize();
50-
self.buffer.zeroize();
51-
}
52-
}
53-
}
54-
55-
#[cfg(feature = "zeroize")]
56-
impl$(< $( $lt $( : $clt $(+ $dlt )* )? ),+ >)? $crate::zeroize::ZeroizeOnDrop for $name$(< $( $lt ),+ >)? {}
5742
};
5843

5944
// Terminates `impl_inner` sequences.
@@ -75,7 +60,7 @@ macro_rules! buffer_fixed {
7560
$crate::buffer_fixed!(
7661
impl_inner: $name$(< $( $lt $( : $clt $(+ $dlt )* )? ),+ >)?($core_ty);
7762
BaseFixedTraits AlgorithmName Default Clone HashMarker
78-
Reset FixedOutputReset SerializableState $($trait_name)*;
63+
Reset FixedOutputReset SerializableState ZeroizeOnDrop $($trait_name)*;
7964
);
8065
};
8166

@@ -198,8 +183,8 @@ macro_rules! buffer_fixed {
198183
Self { core, buffer }
199184
}
200185
fn decompose(self) -> (Self::Core, $crate::block_api::Buffer<Self::Core>) {
201-
let Self { ref core, ref buffer } = self;
202-
(core.clone(), buffer.clone())
186+
let Self { core, buffer } = self;
187+
(core, buffer)
203188
}
204189
}
205190

@@ -491,5 +476,30 @@ macro_rules! buffer_fixed {
491476
}
492477

493478
$crate::buffer_fixed!(impl_inner: $name$(< $( $lt $( : $clt $(+ $dlt )* )? ),+ >)?($core_ty); $($trait_name)*;);
494-
}
479+
};
480+
481+
// Implements `ZeroizeOnDrop`
482+
(
483+
impl_inner: $name:ident
484+
$(< $( $lt:tt $( : $clt:tt $(+ $dlt:tt )* )? ),+ >)?
485+
($core_ty:ty);
486+
ZeroizeOnDrop $($trait_name:ident)*;
487+
) => {
488+
// Verify that `$core_ty` and `Bufer<$core_ty>` implement `ZeroizeOnDrop`
489+
#[cfg(feature = "zeroize")]
490+
const _: () = {
491+
fn check_core$(< $( $lt $( : $clt $(+ $dlt )* )? ),+ >)?(v: &$core_ty) {
492+
v as &dyn $crate::zeroize::ZeroizeOnDrop;
493+
}
494+
495+
fn check_buffer$(< $( $lt $( : $clt $(+ $dlt )* )? ),+ >)?(v: &$crate::block_api::Buffer<$core_ty>) {
496+
v as &dyn $crate::zeroize::ZeroizeOnDrop;
497+
}
498+
};
499+
500+
#[cfg(feature = "zeroize")]
501+
impl$(< $( $lt $( : $clt $(+ $dlt )* )? ),+ >)? $crate::zeroize::ZeroizeOnDrop for $name$(< $( $lt ),+ >)? {}
502+
503+
$crate::buffer_fixed!(impl_inner: $name$(< $( $lt $( : $clt $(+ $dlt )* )? ),+ >)?($core_ty); $($trait_name)*;);
504+
};
495505
}

digest/tests/dummy_fixed.rs

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -77,11 +77,15 @@ mod block_api {
7777
}
7878

7979
#[cfg(feature = "zeroize")]
80-
impl zeroize::Zeroize for FixedHashCore {
81-
fn zeroize(&mut self) {
82-
self.state.zeroize()
80+
impl Drop for FixedHashCore {
81+
fn drop(&mut self) {
82+
use zeroize::Zeroize;
83+
self.state.zeroize();
8384
}
8485
}
86+
87+
#[cfg(feature = "zeroize")]
88+
impl zeroize::ZeroizeOnDrop for FixedHashCore {}
8589
}
8690

8791
digest::buffer_fixed!(
@@ -106,3 +110,11 @@ digest::buffer_fixed!(
106110
oid: "0.1.2.3.4.5";
107111
impl: FixedHashTraits;
108112
);
113+
114+
#[cfg(feature = "zeroize")]
115+
/// check for `ZeroizeOnDrop` implementations
116+
const _: () = {
117+
const fn check_zeroize<T: zeroize::ZeroizeOnDrop>() {}
118+
check_zeroize::<FixedHashWithSer>();
119+
check_zeroize::<FixedHashWithOidSer>();
120+
};

0 commit comments

Comments
 (0)