Add zeroization support for heapless data structures #614
Conversation
|
Thanks so much. I think it's definitely a good change. Before we do a proper review, could you please squash the commits and force push (please do not create a new PR). |
src/vec/mod.rs
Outdated
| #[cfg_attr( | ||
| feature = "zeroize", | ||
| derive(Zeroize), | ||
| zeroize(bound = "S: Zeroize, LenT: Zeroize") |
There was a problem hiding this comment.
I think that in the case the Zeroize feature is enabled, the LenType sealed trait can be a supertrait of Zeroize so that the bounds are simpler.
vishy11
force-pushed
the
master
branch
3 times, most recently
from
23b933e to
e08f29b
Compare
|
@vishy11 thanks! I hate to ask but could please rebase (rather than merge) on master, squash the remaining 2 commits and use the PR description as the commit message? Then we'll have a clean history. 🙏 |
vishy11
force-pushed
the
master
branch
8 times, most recently
from
7c07198 to
ed337d8
Compare
Apologies, was having a lot of the commits mess with each other - they should be good now. Let me know if you need any other changes and I'll do my best to get them done! |
No worries. It looks all good now. For future reference, I'd suggest first checking the history locally to see everything is in order before submitting the PR and each time before pushing changes to the PR. It's just easier for reviewers this way. 👍 |
src/string/mod.rs
Outdated
| #[cfg_attr( | ||
| feature = "zeroize", | ||
| derive(Zeroize), | ||
| zeroize(bound = "S: Zeroize, LenT: Zeroize") |
There was a problem hiding this comment.
| zeroize(bound = "S: Zeroize, LenT: Zeroize") | |
| zeroize(bound = "S: Zeroize") |
src/c_string.rs
Outdated
| #[cfg(feature = "zeroize")] | ||
| impl<const N: usize, LenT: LenType> Zeroize for CString<N, LenT> | ||
| where | ||
| LenT: Zeroize, |
There was a problem hiding this comment.
| #[cfg(feature = "zeroize")] | |
| impl<const N: usize, LenT: LenType> Zeroize for CString<N, LenT> | |
| where | |
| LenT: Zeroize, | |
| #[cfg(feature = "zeroize")] | |
| impl<const N: usize, LenT: LenType> Zeroize for CString<N, LenT> |
… securely clear sensitive data from memory: - When the zeroize feature is enabled, the LenType sealed trait now has Zeroize as a supertrait - This simplifies the bound for deriving Zeroize for VecInner and other types - Added tests to verify VecView also implements Zeroize correctly This feature is essential for security-sensitive applications needing to prevent data leaks from memory dumps. Note: Zeroize initially worked on Vector purely via derivation, however was not complete without proper bound checks. Without these checks, the deref implementation of Zeroize was used instead, which led to incomplete zeroization of the Vector's contents.
3 participants
Implements zeroization support across all heapless data structures to securely clear sensitive data from memory:
Vector,CString,String,IndexMap,IndexSet, and other structuresThis feature is essential for security-sensitive applications needing to prevent data leaks from memory dumps.
Note: Zeroize initially worked on
Vectorpurely via derivation, however was not complete without proper bound checks. Without these checks, thederefimplementation of Zeroize was used instead, which led to incomplete zeroization of the Vector's contents.