From 96fd7cf5d00b41069beb2c32493a18aa30b12d5c Mon Sep 17 00:00:00 2001 From: Alexander Wagner Date: Tue, 24 Oct 2023 23:37:19 +0200 Subject: [PATCH] ascon-aead: Add ascon sponge Zeroize feature (#527) Not zeroizing the state may expose the private key. --- Cargo.lock | 3 +++ ascon-aead/Cargo.toml | 5 +++-- ascon-aead/src/lib.rs | 3 +++ 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index cec9dd20..5d41facb 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -82,6 +82,9 @@ name = "ascon" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f0e716048a18530cce4684daf98a7563a499d710e1ed8ef35567fcb43a7c5f1" +dependencies = [ + "zeroize", +] [[package]] name = "ascon-aead" diff --git a/ascon-aead/Cargo.toml b/ascon-aead/Cargo.toml index bb352044..1cd3016a 100644 --- a/ascon-aead/Cargo.toml +++ b/ascon-aead/Cargo.toml @@ -17,7 +17,7 @@ rust-version = "1.56" [dependencies] aead = { version = "0.5", default-features = false } subtle = { version = "2", default-features = false } -zeroize = { version = "1.6", optional = true, default-features = false, features = [ +zeroize_crate = { package = "zeroize", version = "1.6", optional = true, default-features = false, features = [ "derive", ] } ascon = "0.4" @@ -27,7 +27,7 @@ hex-literal = "0.3" aead = { version = "0.5", features = ["alloc"] } [features] -default = ["alloc", "getrandom", "zeroize"] +default = ["alloc", "getrandom"] std = ["aead/std", "alloc"] alloc = ["aead/alloc"] arrayvec = ["aead/arrayvec"] @@ -35,6 +35,7 @@ getrandom = ["aead/getrandom", "rand_core"] heapless = ["aead/heapless"] rand_core = ["aead/rand_core"] stream = ["aead/stream"] +zeroize = ["zeroize_crate", "ascon/zeroize"] [package.metadata.docs.rs] all-features = true diff --git a/ascon-aead/src/lib.rs b/ascon-aead/src/lib.rs index 43993411..81774e94 100644 --- a/ascon-aead/src/lib.rs +++ b/ascon-aead/src/lib.rs @@ -98,6 +98,9 @@ //! Similarly, enabling the `arrayvec` feature of this crate will provide an impl of //! [`aead::Buffer`] for `arrayvec::ArrayVec`. +#[cfg(feature = "zeroize")] +extern crate zeroize_crate as zeroize; + pub use aead::{self, Error, Key, Nonce, Tag}; use aead::{ consts::{U0, U16, U20},