From e5412546389e45d943b68dc1800f31a0c3367850 Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Wed, 17 Jul 2024 15:44:35 -0600 Subject: [PATCH] hkd32: remove usage of `zeroize_derive` It's being used for trivial impls of the `zeroize` traits, and in the meantime `syn` MSRV changes are breaking the crate's current MSRV. The derived usages are trivially rewritten without the whole proc macro stack, and really these types shouldn't have `Zeroize` impls at all, but instead impl `Drop` and `ZeroizeOnDrop`. --- Cargo.lock | 14 -------------- hkd32/Cargo.toml | 2 +- hkd32/src/key_material.rs | 16 ++++++++++++++-- hkd32/src/pathbuf.rs | 21 +++++++++++++++------ 4 files changed, 30 insertions(+), 23 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 16b1132b..8cbb27d4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1551,17 +1551,3 @@ name = "zeroize" version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9" -dependencies = [ - "zeroize_derive", -] - -[[package]] -name = "zeroize_derive" -version = "1.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25588073e5216b50bca71d61cb8595cdb9745e87032a58c199730def2862c934" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.11", -] diff --git a/hkd32/Cargo.toml b/hkd32/Cargo.toml index 263e2150..cabbcdca 100644 --- a/hkd32/Cargo.toml +++ b/hkd32/Cargo.toml @@ -22,7 +22,7 @@ rust-version = "1.60" hmac = { version = "0.12", default-features = false } rand_core = { version = "0.6", default-features = false } sha2 = { version = "0.10", default-features = false } -zeroize = { version = "1", default-features = false, features = ["zeroize_derive"] } +zeroize = { version = "1", default-features = false } # optional dependencies once_cell = { version = "1", optional = true } diff --git a/hkd32/src/key_material.rs b/hkd32/src/key_material.rs index 66e9513b..091e1468 100644 --- a/hkd32/src/key_material.rs +++ b/hkd32/src/key_material.rs @@ -23,8 +23,7 @@ use crate::mnemonic; /// /// This type provides the main key derivation functionality and is used to /// represent both input and output key material. -#[derive(Clone, Zeroize)] -#[zeroize(drop)] +#[derive(Clone)] pub struct KeyMaterial([u8; KEY_SIZE]); impl KeyMaterial { @@ -125,6 +124,12 @@ impl KeyMaterial { } } +impl Drop for KeyMaterial { + fn drop(&mut self) { + self.zeroize(); + } +} + impl From<[u8; KEY_SIZE]> for KeyMaterial { fn from(bytes: [u8; KEY_SIZE]) -> Self { Self::new(bytes) @@ -138,3 +143,10 @@ impl<'a> TryFrom<&'a [u8]> for KeyMaterial { Self::from_bytes(slice) } } + +// TODO(tarcieri): remove this impl in favor of `ZeroizeOnDrop` in next breaking release +impl Zeroize for KeyMaterial { + fn zeroize(&mut self) { + self.0.zeroize(); + } +} diff --git a/hkd32/src/pathbuf.rs b/hkd32/src/pathbuf.rs index 9a24e328..dc65d44e 100644 --- a/hkd32/src/pathbuf.rs +++ b/hkd32/src/pathbuf.rs @@ -3,10 +3,7 @@ //! //! This type is only available when the `alloc` feature is enabled. -use crate::{ - path::{Component, Path}, - Error, DELIMITER, -}; +use crate::{path::{Component, Path}, Error, DELIMITER}; use alloc::{borrow::ToOwned, str::FromStr, vec::Vec}; use core::fmt::{self, Debug}; use core::{borrow::Borrow, ops::Deref}; @@ -17,9 +14,8 @@ use zeroize::Zeroize; /// /// This is the owned path type. The corresponding reference type is /// `hkd32::Path` (ala the corresponding types in `std`). -#[derive(Clone, Default, Eq, Hash, PartialEq, PartialOrd, Ord, Zeroize)] +#[derive(Clone, Default, Eq, Hash, PartialEq, PartialOrd, Ord)] #[repr(transparent)] -#[zeroize(drop)] pub struct PathBuf(Vec); impl PathBuf { @@ -91,6 +87,12 @@ impl Deref for PathBuf { } } +impl Drop for PathBuf { + fn drop(&mut self) { + self.0.zeroize(); + } +} + impl FromStr for PathBuf { type Err = Error; @@ -136,6 +138,13 @@ impl ToOwned for Path { } } +// TODO(tarcieri): remove this impl in favor of `ZeroizeOnDrop` in next breaking release +impl Zeroize for PathBuf { + fn zeroize(&mut self) { + self.0.zeroize(); + } +} + #[cfg(all(test, feature = "alloc"))] mod tests { use super::*;