enabling zeroize for field elements#24
Conversation
| byteorder = "1" | ||
| ff_derive = { version = "0.4.0", path = "ff_derive", optional = true } | ||
| rand_core = "0.5" | ||
| zeroize = {version = "1.1", features = ["zeroize_derive"]} |
There was a problem hiding this comment.
I'm still not sure that we want to have a required dependency on zeroize for the ff crate, especially as Zeroize is not part of any bound on the Field or PrimeField traits. I think I would prefer that we make this crate optional, and instead of using zeroize_derive we manually add an impl Zeroize for #repr if the zeroize feature is enabled.
This would require adding a zeroize feature flag to ff_derive, and then here:
[dependencies]
...
zeroize_crate = { package = "zeroize", version = "1.1", optional = true }
[features]
...
zeroize = ["ff_derive/zeroize", "zeroize_crate"]
(Crates that use namespaced-features can't be published, so we can't have a feature with the same name as a crate.)
cc @tarcieri.
There was a problem hiding this comment.
We make zeroize optional in most of the RustCrypto crates, FWIW.
I think it may be possible to avoid adding a zeroize feature to ff_derive, but I'd have to double check what I have in mind: amely there's already a zeroize_derive crate, so it might be possible to use that rather than modifying ff_derive to have custom zeroize support?
| pub use ff_derive::*; | ||
|
|
||
| #[macro_use] | ||
| extern crate zeroize; |
4 participants
This PR enables zeroize for field elements -- allows for better memory safety for upper layer libs such as pairing or bls signatures. Would love to see this functionality merged to the main repo.
Replacing PR #22