Update zeroize crate, derive Zeroize & ZeroizeOnDrop for SecretKey.

ycrypto · Aug 23, 2022 · eb3c318 · eb3c318
1 parent a9f1791
commit eb3c318
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 4 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -13,7 +13,7 @@ keywords = ["no-std", "NaCl", "Ed25519", "cryptography", "signatures"]
 [dependencies]
 cosey = { version = "0.3.0", optional = true }
 subtle = { version = "2.4.0", default-features = false }
-zeroize = { version = "1.2.0", default-features = false }
+zeroize = { version = "1.5.7", default-features = false, features = ["zeroize_derive"] }
 ed25519 = { version = "1.3.0", default-features = false }
 
 [dev-dependencies]

diff --git a/src/agreement.rs b/src/agreement.rs
@@ -246,4 +246,14 @@ mod tests {
         // }
     }
 
+    #[test]
+    fn zeroize_on_drop() {
+        let mut secret = SecretKey::from_seed(&[1u8; 32]);
+
+        unsafe {
+            std::ptr::drop_in_place(&mut secret);
+        }
+
+        assert_eq!(secret.0.as_bytes(), &[0u8; 32]);
+    }
 }
diff --git a/src/scalar.rs b/src/scalar.rs
@@ -4,6 +4,7 @@ use core::ops::{
 };
 
 use crate::constants::SCALAR_LENGTH;
+use zeroize::{Zeroize, ZeroizeOnDrop};
 
 /// 32 octets, interpreted as little-endian 256 bit unsigned integer
 pub type U256le = [u8; 32];
@@ -14,7 +15,7 @@ pub type U512le = [u8; 64];
 /// structure, consisting of these scalars. They are the
 /// integers modulo "ell", where "ell" is 2**252 + something something.
 #[repr(C)]
-#[derive(Clone, Debug,Default,PartialEq)]
+#[derive(Clone, Debug,Default,PartialEq, Zeroize, ZeroizeOnDrop)]
 pub struct Scalar(
     pub [u8; SCALAR_LENGTH]
 );
@@ -307,4 +308,17 @@ mod test {
         assert_eq!(five, Scalar::from(5u64));
 
     }
+
+    #[test]
+    fn zeroize_on_drop() {
+        let mut one = Scalar([1u8; SCALAR_LENGTH]);
+
+        assert_ne!(one.0, [0u8; SCALAR_LENGTH]);
+
+        unsafe {
+            std::ptr::drop_in_place(&mut one);
+        }
+
+        assert_eq!(one.0, [0u8; SCALAR_LENGTH]);
+    }
 }
diff --git a/src/signature.rs b/src/signature.rs
@@ -1,5 +1,6 @@
 #[cfg(feature = "cose")]
 pub use cosey::Ed25519PublicKey as CosePublicKey;
+use zeroize::{Zeroize, ZeroizeOnDrop};
 
 use crate::{
     Error,
@@ -23,6 +24,7 @@ use crate::{
 
 /// a secret key, consisting internally of the seed and
 /// its expansion into a scalar and a "nonce".
+#[derive(Zeroize, ZeroizeOnDrop)]
 pub struct SecretKey {
     #[allow(dead_code)]
     pub (crate) seed: [u8; SECRETKEY_SEED_LENGTH],
@@ -417,8 +419,8 @@ impl Signature {
 #[cfg(test)]
 mod tests {
     use hex_literal::hex;
-    use super::Keypair;
-    use crate::hash::Sha512;
+    use super::*;
+    use crate::{constants::SCALAR_LENGTH, hash::Sha512};
 
     #[test]
     fn test_decompression() {
@@ -584,5 +586,22 @@ mod tests {
         assert_eq!(secret1.y(), secret2.y());
 
     }
+
+    #[test]
+    fn zeroize_on_drop() {
+        let mut secret = SecretKey::from(&[1u8; SECRETKEY_SEED_LENGTH]);
+
+        assert_ne!(secret.seed, [0u8; SECRETKEY_SEED_LENGTH]);
+        assert_ne!(secret.scalar.0, [0u8; SCALAR_LENGTH]);
+        assert_ne!(secret.nonce, [0u8; SECRETKEY_NONCE_LENGTH]);
+
+        unsafe {
+            std::ptr::drop_in_place(&mut secret);
+        }
+
+        assert_eq!(secret.seed, [0u8; SECRETKEY_SEED_LENGTH]);
+        assert_eq!(secret.scalar.0, [0u8; SCALAR_LENGTH]);
+        assert_eq!(secret.nonce, [0u8; SECRETKEY_NONCE_LENGTH]);
+    }
 }