From 37e7bc5c057414d9a2dd5c5aac9abd4784106022 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 12 Nov 2023 10:46:06 -0500 Subject: [PATCH] ZeroizeOnDrop instead of Zeroize --- blake2/Cargo.toml | 2 +- blake2/src/macros.rs | 17 +++++++---------- sha1/Cargo.toml | 2 +- sha1/src/lib.rs | 13 +++++-------- sha2/Cargo.toml | 2 +- sha2/src/core_api.rs | 39 ++++++++++++--------------------------- sha3/src/state.rs | 9 +-------- 7 files changed, 28 insertions(+), 56 deletions(-) diff --git a/blake2/Cargo.toml b/blake2/Cargo.toml index 97deec12b..78c701218 100644 --- a/blake2/Cargo.toml +++ b/blake2/Cargo.toml @@ -27,4 +27,4 @@ simd = [] simd_opt = ["simd"] simd_asm = ["simd_opt"] size_opt = [] # Optimize for code size. Removes some `inline(always)` -zeroize = ["zeroize_crate"] # Implement Zeroize for Digest implementors +zeroize = ["zeroize_crate"] # Implement ZeroizeOnDrop for Digest implementors diff --git a/blake2/src/macros.rs b/blake2/src/macros.rs index 1ae916798..8bad9f529 100644 --- a/blake2/src/macros.rs +++ b/blake2/src/macros.rs @@ -9,7 +9,7 @@ macro_rules! blake2_impl { pub struct $name { h: [$vec; 2], t: u64, - #[cfg(any(feature = "reset", feature = "zeroize"))] + #[cfg(feature = "reset")] h0: [$vec; 2], } @@ -86,7 +86,7 @@ macro_rules! blake2_impl { Self::iv1() ^ $vec::new(p[4], p[5], p[6], p[7]), ]; $name { - #[cfg(any(feature = "reset", feature = "zeroize"))] + #[cfg(feature = "reset")] h0: h.clone(), h, t: 0, @@ -244,18 +244,15 @@ macro_rules! blake2_impl { } #[cfg(feature = "zeroize")] - impl zeroize_crate::Zeroize for $name { - fn zeroize(&mut self) { + impl Drop for $name { + fn drop(&mut self) { + use zeroize_crate::Zeroize; self.h.zeroize(); self.t.zeroize(); - - // Because the hasher is now in an invalid state, restore the starting state - // This makes Zeroize equivalent to reset *yet using a zero-write the compiler - // hopefully shouldn't be able to optimize out* - // The following lines may be optimized out if no further use occurs, which is fine - self.h = self.h0; } } + #[cfg(feature = "zeroize")] + impl zeroize_crate::ZeroizeOnDrop for $name {} impl fmt::Debug for $name { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { diff --git a/sha1/Cargo.toml b/sha1/Cargo.toml index 501a4c659..f15fe4161 100644 --- a/sha1/Cargo.toml +++ b/sha1/Cargo.toml @@ -34,7 +34,7 @@ asm = ["sha1-asm"] # WARNING: this feature SHOULD NOT be enabled by library crat loongarch64_asm = [] compress = [] # Expose compress function force-soft = [] # Force software implementation -zeroize = ["zeroize_crate"] # Implement Zeroize for Digest implementors +zeroize = ["zeroize_crate"] # Implement ZeroizeOnDrop for Digest implementors [package.metadata.docs.rs] all-features = true diff --git a/sha1/src/lib.rs b/sha1/src/lib.rs index f2bd5f2d8..88e6400b5 100644 --- a/sha1/src/lib.rs +++ b/sha1/src/lib.rs @@ -151,18 +151,15 @@ impl AlgorithmName for Sha1Core { } #[cfg(feature = "zeroize")] -impl zeroize_crate::Zeroize for Sha1Core { - fn zeroize(&mut self) { +impl Drop for Sha1Core { + fn drop(&mut self) { + use zeroize_crate::Zeroize; self.h.zeroize(); self.block_len.zeroize(); - - // Because the hasher is now in an invalid state, restore the starting state - // This makes Zeroize equivalent to reset *yet using a zero-write the compiler hopefully - // shouldn't be able to optimize out* - // The following lines may be optimized out if no further use occurs, which is fine - self.h = Self::default().h; } } +#[cfg(feature = "zeroize")] +impl zeroize_crate::ZeroizeOnDrop for Sha1Core {} impl fmt::Debug for Sha1Core { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { diff --git a/sha2/Cargo.toml b/sha2/Cargo.toml index c3a232bfa..c66f723b2 100644 --- a/sha2/Cargo.toml +++ b/sha2/Cargo.toml @@ -38,7 +38,7 @@ loongarch64_asm = [] compress = [] # Expose compress functions force-soft = [] # Force software implementation asm-aarch64 = ["asm"] # DEPRECATED: use `asm` instead -zeroize = ["zeroize_crate"] # Implement Zeroize for Digest implementors +zeroize = ["zeroize_crate"] # Implement ZeroizeOnDrop for Digest implementors [package.metadata.docs.rs] all-features = true diff --git a/sha2/src/core_api.rs b/sha2/src/core_api.rs index 6027f217b..7723613fa 100644 --- a/sha2/src/core_api.rs +++ b/sha2/src/core_api.rs @@ -16,8 +16,6 @@ use digest::{ /// i.e. 224 and 256 bits respectively. #[derive(Clone)] pub struct Sha256VarCore { - #[cfg(feature = "zeroize")] - output_size: usize, state: consts::State256, block_len: u64, } @@ -55,12 +53,7 @@ impl VariableOutputCore for Sha256VarCore { _ => return Err(InvalidOutputSize), }; let block_len = 0; - Ok(Self { - #[cfg(feature = "zeroize")] - output_size, - state, - block_len, - }) + Ok(Self { state, block_len }) } #[inline] @@ -83,18 +76,15 @@ impl AlgorithmName for Sha256VarCore { } #[cfg(feature = "zeroize")] -impl zeroize_crate::Zeroize for Sha256VarCore { - fn zeroize(&mut self) { +impl Drop for Sha256VarCore { + fn drop(&mut self) { + use zeroize_crate::Zeroize; self.state.zeroize(); self.block_len.zeroize(); - - // Because the hasher is now in an invalid state, restore the starting state - // This makes Zeroize equivalent to reset *yet using a zero-write the compiler hopefully - // shouldn't be able to optimize out* - // The following lines may be optimized out if no further use occurs, which is fine - self.state = Self::new(self.output_size).unwrap().state; } } +#[cfg(feature = "zeroize")] +impl zeroize_crate::ZeroizeOnDrop for Sha256VarCore {} impl fmt::Debug for Sha256VarCore { #[inline] @@ -109,8 +99,6 @@ impl fmt::Debug for Sha256VarCore { /// i.e. 224, 256, 384, and 512 bits respectively. #[derive(Clone)] pub struct Sha512VarCore { - #[cfg(feature = "zeroize")] - output_size: usize, state: consts::State512, block_len: u128, } @@ -150,12 +138,7 @@ impl VariableOutputCore for Sha512VarCore { _ => return Err(InvalidOutputSize), }; let block_len = 0; - Ok(Self { - #[cfg(feature = "zeroize")] - output_size, - state, - block_len, - }) + Ok(Self { state, block_len }) } #[inline] @@ -178,13 +161,15 @@ impl AlgorithmName for Sha512VarCore { } #[cfg(feature = "zeroize")] -impl zeroize_crate::Zeroize for Sha512VarCore { - fn zeroize(&mut self) { +impl Drop for Sha512VarCore { + fn drop(&mut self) { + use zeroize_crate::Zeroize; self.state.zeroize(); self.block_len.zeroize(); - self.state = Self::new(self.output_size).unwrap().state; } } +#[cfg(feature = "zeroize")] +impl zeroize_crate::ZeroizeOnDrop for Sha512VarCore {} impl fmt::Debug for Sha512VarCore { #[inline] diff --git a/sha3/src/state.rs b/sha3/src/state.rs index 2309ceaba..ce3785f75 100644 --- a/sha3/src/state.rs +++ b/sha3/src/state.rs @@ -20,17 +20,10 @@ impl Default for Sha3State { } } -#[cfg(feature = "zeroize")] -impl Zeroize for Sha3State { - fn zeroize(&mut self) { - self.state.zeroize(); - } -} - #[cfg(feature = "zeroize")] impl Drop for Sha3State { fn drop(&mut self) { - self.zeroize(); + self.state.zeroize(); } }