ssh-cipher: add zeroize feature

Adds a feature which transitively enables zeroization support in various dependencies. `ssh-key` now activates it by default.
RustCrypto · Aug 15, 2024 · 5b3fb10 · 5b3fb10
1 parent 8342b9f
commit 5b3fb10
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 2 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/ssh-cipher/Cargo.toml b/ssh-cipher/Cargo.toml
@@ -32,6 +32,7 @@ chacha20 = { version = "=0.10.0-pre.1", optional = true, default-features = fals
 des = { version = "=0.9.0-pre.1", optional = true, default-features = false }
 poly1305 = { version = "0.9.0-rc.0", optional = true, default-features = false }
 subtle = { version = "2", optional = true, default-features = false }
+zeroize = { version = "1", optional = true, default-features = false }
 
 [dev-dependencies]
 hex-literal = "0.4"
@@ -44,6 +45,14 @@ aes-ctr = ["dep:aes", "dep:ctr"]
 aes-gcm = ["dep:aead", "dep:aes", "dep:aes-gcm"]
 chacha20poly1305 = ["dep:aead", "dep:chacha20", "dep:poly1305", "dep:subtle"]
 tdes = ["dep:des", "dep:cbc"]
+zeroize = [
+    "dep:zeroize",
+    "aes?/zeroize",
+    "aes-gcm?/zeroize",
+    "chacha20?/zeroize",
+    "des?/zeroize",
+    "poly1305?/zeroize"
+]
 
 [package.metadata.docs.rs]
 all-features = true

diff --git a/ssh-cipher/src/chacha20poly1305.rs b/ssh-cipher/src/chacha20poly1305.rs
@@ -11,6 +11,9 @@ use cipher::{KeyIvInit, StreamCipher, StreamCipherSeek};
 use poly1305::Poly1305;
 use subtle::ConstantTimeEq;
 
+#[cfg(feature = "zeroize")]
+use zeroize::{Zeroize, ZeroizeOnDrop};
+
 /// Key for `[email protected]`.
 pub type ChaChaKey = chacha20::Key;
 
@@ -29,7 +32,6 @@ pub type ChaChaNonce = chacha20::LegacyNonce;
 /// [RFC8439]: https://datatracker.ietf.org/doc/html/rfc8439
 #[derive(Clone)]
 pub struct ChaCha20Poly1305 {
-    // TODO(tarcieri): zeroize on drop
     key: ChaChaKey,
 }
 
@@ -93,6 +95,16 @@ impl ChaCha20Poly1305 {
     }
 }
 
+impl Drop for ChaCha20Poly1305 {
+    fn drop(&mut self) {
+        #[cfg(feature = "zeroize")]
+        self.key.zeroize();
+    }
+}
+
+#[cfg(feature = "zeroize")]
+impl ZeroizeOnDrop for ChaCha20Poly1305 {}
+
 /// Internal type representing a cipher instance.
 struct Cipher {
     cipher: ChaCha20,

diff --git a/ssh-key/Cargo.toml b/ssh-key/Cargo.toml
@@ -18,7 +18,7 @@ edition = "2021"
 rust-version = "1.73"
 
 [dependencies]
-cipher = { package = "ssh-cipher", version = "=0.3.0-pre.2", path = "../ssh-cipher" }
+cipher = { package = "ssh-cipher", version = "=0.3.0-pre.2", features = ["zeroize"], path = "../ssh-cipher" }
 encoding = { package = "ssh-encoding", version = "=0.3.0-pre.1", features = ["base64", "digest", "pem"], path = "../ssh-encoding" }
 sha2 = { version = "=0.11.0-pre.4", default-features = false }
 signature = { version = "=2.3.0-pre.4", default-features = false }