From 86229382029d208361655421620ba97f2a22aca4 Mon Sep 17 00:00:00 2001 From: Claudia Richoux Date: Sat, 28 Jan 2023 19:19:39 -0500 Subject: [PATCH] make it a feature --- blake2/Cargo.toml | 3 ++- blake2/src/blake2b.rs | 7 +++++-- blake2/src/blake2b/backend.rs | 3 +++ blake2/src/blake2b/params.rs | 4 +++- blake2/src/blake2b/state.rs | 4 +++- blake2/src/blake2bp.rs | 7 +++++-- blake2/src/blake2s.rs | 7 +++++-- blake2/src/blake2s/backend.rs | 3 +++ blake2/src/blake2s/params.rs | 4 +++- blake2/src/blake2s/state.rs | 4 +++- blake2/src/blake2sp.rs | 7 +++++-- 11 files changed, 40 insertions(+), 13 deletions(-) diff --git a/blake2/Cargo.toml b/blake2/Cargo.toml index 16939396b..9bba9024c 100644 --- a/blake2/Cargo.toml +++ b/blake2/Cargo.toml @@ -18,7 +18,7 @@ crypto-mac = "0.8" digest = "0.9" opaque-debug = "0.3" subtle = { version = ">=2, <2.5", default-features = false } -zeroize = { version = "1.5.7", features = ["zeroize_derive"] } +zeroize = { version = "1.5.7", features = ["zeroize_derive"], default-features = false, optional = true } [dev-dependencies] crypto-mac = { version = "0.8", features = ["dev"] } @@ -40,6 +40,7 @@ blake2s = [] # performance. This feature disables some inlining, improving the performance # of the portable implementation in that specific case. uninline_portable = [] +zeroize = ["zeroize/zeroize_derive"] [package.metadata.docs.rs] all-features = true diff --git a/blake2/src/blake2b.rs b/blake2/src/blake2b.rs index e4ccb1065..6d837bf02 100644 --- a/blake2/src/blake2b.rs +++ b/blake2/src/blake2b.rs @@ -44,6 +44,7 @@ use digest::{ generic_array::GenericArray, BlockInput, FixedOutputDirty, InvalidOutputSize, Reset, Update, VariableOutputDirty, }; +#[cfg(feature = "zeroize")] use zeroize::ZeroizeOnDrop; pub(crate) type Word = u64; @@ -109,7 +110,8 @@ pub fn blake2b(input: &[u8]) -> Hash { } /// Blake2b instance with a fixed output. -#[derive(Clone, Default, ZeroizeOnDrop)] +#[derive(Clone, Default)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct Blake2b { params: Params, state: State, @@ -193,7 +195,8 @@ opaque_debug::implement!(Blake2b); digest::impl_write!(Blake2b); /// Blake2b instance with a variable output. -#[derive(Clone, Default, ZeroizeOnDrop)] +#[derive(Clone, Default)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct VarBlake2b { params: Params, state: State, diff --git a/blake2/src/blake2b/backend.rs b/blake2/src/blake2b/backend.rs index 613d15ad3..c9a11a12b 100644 --- a/blake2/src/blake2b/backend.rs +++ b/blake2/src/blake2b/backend.rs @@ -9,6 +9,7 @@ mod sse41; use super::*; use arrayref::array_ref; use core::cmp; +#[cfg(feature = "zeroize")] use zeroize::Zeroize; #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] @@ -139,6 +140,7 @@ impl Implementation { } } +#[cfg(feature = "zeroize")] impl Zeroize for Implementation { fn zeroize(&mut self) { // Nothing to do. @@ -188,6 +190,7 @@ pub enum LastNode { No, } +#[cfg(feature = "zeroize")] impl Zeroize for LastNode { fn zeroize(&mut self) { // Nothing to do. diff --git a/blake2/src/blake2b/params.rs b/blake2/src/blake2b/params.rs index 16ff89e79..f910edc49 100644 --- a/blake2/src/blake2b/params.rs +++ b/blake2/src/blake2b/params.rs @@ -3,6 +3,7 @@ use super::{ }; use arrayref::array_refs; use core::fmt; +#[cfg(feature = "zeroize")] use zeroize::ZeroizeOnDrop; /// A parameter builder that exposes all the non-default BLAKE2 features. @@ -29,7 +30,8 @@ use zeroize::ZeroizeOnDrop; /// // Or use those params to build an incremental State. /// let mut state = params.to_state(); /// ``` -#[derive(Clone, ZeroizeOnDrop)] +#[derive(Clone)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct Params { pub(super) hash_length: u8, pub(super) key_length: u8, diff --git a/blake2/src/blake2b/state.rs b/blake2/src/blake2b/state.rs index 7e77aeee9..4fb686ede 100644 --- a/blake2/src/blake2b/state.rs +++ b/blake2/src/blake2b/state.rs @@ -2,6 +2,7 @@ use super::{backend, Count, Hash, Params, Word, BLOCKBYTES, OUTBYTES}; use arrayref::mut_array_refs; use core::{cmp, fmt, mem::size_of}; +#[cfg(feature = "zeroize")] use zeroize::ZeroizeOnDrop; /// An incremental hasher for BLAKE2b. @@ -21,7 +22,8 @@ use zeroize::ZeroizeOnDrop; /// state.update(b"bar"); /// assert_eq!(blake2b(b"foobar"), state.finalize()); /// ``` -#[derive(Clone, ZeroizeOnDrop)] +#[derive(Clone)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct State { pub(super) words: [Word; 8], pub(super) count: Count, diff --git a/blake2/src/blake2bp.rs b/blake2/src/blake2bp.rs index 64b409213..7f61cd337 100644 --- a/blake2/src/blake2bp.rs +++ b/blake2/src/blake2bp.rs @@ -26,6 +26,7 @@ use crate::blake2b::{ many, state, Count, Hash, Word, BLOCKBYTES, KEYBYTES, OUTBYTES, }; use core::{cmp, fmt, mem::size_of}; +#[cfg(feature = "zeroize")] use zeroize::ZeroizeOnDrop; pub(crate) const DEGREE: usize = 4; @@ -59,7 +60,8 @@ pub fn blake2bp(input: &[u8]) -> Hash { /// use blake2::blake2bp; /// let mut state = blake2bp::Params::new().hash_length(32).to_state(); /// ``` -#[derive(Clone, ZeroizeOnDrop)] +#[derive(Clone)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct Params { hash_length: u8, key_length: u8, @@ -207,7 +209,8 @@ impl fmt::Debug for Params { /// dfa3205f7f7f71e4f0673d25fa82a368488911f446bccd323af3ab03f53e56e5"; /// assert_eq!(expected, &hash.to_hex()); /// ``` -#[derive(Clone, ZeroizeOnDrop)] +#[derive(Clone)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct State { leaf_words: [[Word; 8]; DEGREE], root_words: [Word; 8], diff --git a/blake2/src/blake2s.rs b/blake2/src/blake2s.rs index bf9732ab9..3851ccc62 100644 --- a/blake2/src/blake2s.rs +++ b/blake2/src/blake2s.rs @@ -43,6 +43,7 @@ use digest::{ generic_array::GenericArray, BlockInput, FixedOutputDirty, InvalidOutputSize, Reset, Update, VariableOutputDirty, }; +#[cfg(feature = "zeroize")] use zeroize::ZeroizeOnDrop; pub(crate) type Word = u32; @@ -98,7 +99,8 @@ pub fn blake2s(input: &[u8]) -> Hash { } /// Blake2s instance with a fixed output. -#[derive(Clone, Default, ZeroizeOnDrop)] +#[derive(Clone, Default)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct Blake2s { params: Params, state: State, @@ -182,7 +184,8 @@ opaque_debug::implement!(Blake2s); digest::impl_write!(Blake2s); /// Blake2s instance with a variable output. -#[derive(Clone, Default, ZeroizeOnDrop)] +#[derive(Clone, Default)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct VarBlake2s { params: Params, state: State, diff --git a/blake2/src/blake2s/backend.rs b/blake2/src/blake2s/backend.rs index 6b6b17e09..4da0ff888 100644 --- a/blake2/src/blake2s/backend.rs +++ b/blake2/src/blake2s/backend.rs @@ -9,6 +9,7 @@ mod sse41; use super::*; use arrayref::array_ref; use core::cmp; +#[cfg(feature = "zeroize")] use zeroize::Zeroize; #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] @@ -137,6 +138,7 @@ impl Implementation { } } +#[cfg(feature = "zeroize")] impl Zeroize for Implementation { fn zeroize(&mut self) { // Nothing to do. @@ -186,6 +188,7 @@ pub enum LastNode { No, } +#[cfg(feature = "zeroize")] impl Zeroize for LastNode { fn zeroize(&mut self) { // Nothing to do. diff --git a/blake2/src/blake2s/params.rs b/blake2/src/blake2s/params.rs index 37009148a..97c81ec02 100644 --- a/blake2/src/blake2s/params.rs +++ b/blake2/src/blake2s/params.rs @@ -3,6 +3,7 @@ use super::{ }; use arrayref::array_refs; use core::fmt; +#[cfg(feature = "zeroize")] use zeroize::ZeroizeOnDrop; /// A parameter builder that exposes all the non-default BLAKE2 features. @@ -29,7 +30,8 @@ use zeroize::ZeroizeOnDrop; /// // Or use those params to build an incremental State. /// let mut state = params.to_state(); /// ``` -#[derive(Clone, ZeroizeOnDrop)] +#[derive(Clone)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct Params { pub(super) hash_length: u8, pub(super) key_length: u8, diff --git a/blake2/src/blake2s/state.rs b/blake2/src/blake2s/state.rs index 4d456a652..e0c7e951c 100644 --- a/blake2/src/blake2s/state.rs +++ b/blake2/src/blake2s/state.rs @@ -1,6 +1,7 @@ use super::{backend, Count, Hash, Params, Word, BLOCKBYTES, OUTBYTES}; use arrayref::mut_array_refs; use core::{cmp, fmt, mem::size_of}; +#[cfg(feature = "zeroize")] use zeroize::ZeroizeOnDrop; /// An incremental hasher for BLAKE2s. @@ -20,7 +21,8 @@ use zeroize::ZeroizeOnDrop; /// state.update(b"bar"); /// assert_eq!(blake2s(b"foobar"), state.finalize()); /// ``` -#[derive(Clone, ZeroizeOnDrop)] +#[derive(Clone)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct State { pub(super) words: [Word; 8], pub(super) count: Count, diff --git a/blake2/src/blake2sp.rs b/blake2/src/blake2sp.rs index 93504251f..b4731ee05 100644 --- a/blake2/src/blake2sp.rs +++ b/blake2/src/blake2sp.rs @@ -26,6 +26,7 @@ use crate::blake2s::{ many, state, Count, Hash, Word, BLOCKBYTES, KEYBYTES, OUTBYTES, }; use core::{cmp, fmt, mem::size_of}; +#[cfg(feature = "zeroize")] use zeroize::ZeroizeOnDrop; pub(crate) const DEGREE: usize = 8; @@ -58,7 +59,8 @@ pub fn blake2sp(input: &[u8]) -> Hash { /// use blake2::blake2sp; /// let mut state = blake2sp::Params::new().hash_length(32).to_state(); /// ``` -#[derive(Clone, ZeroizeOnDrop)] +#[derive(Clone)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct Params { hash_length: u8, key_length: u8, @@ -214,7 +216,8 @@ impl fmt::Debug for Params { /// let expected = "268120e51df583c61d6bfb7915f1c8ead299696c42f413092cd0b2247e1a388d"; /// assert_eq!(expected, &hash.to_hex()); /// ``` -#[derive(Clone, ZeroizeOnDrop)] +#[derive(Clone)] +#[cfg_attr(feature = "zeroize", derive(ZeroizeOnDrop))] pub struct State { leaf_words: [[Word; 8]; DEGREE], root_words: [Word; 8],