diff --git a/Cargo.toml b/Cargo.toml
index 5a0de68..2888195 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -29,13 +29,12 @@ travis-ci = { repository = "dalek-cryptography/x25519-dalek", branch = "master"}
 features = ["nightly"]
 [dependencies]
-curve25519-dalek = { version = "2.0.0-alpha.0", default-features = false }
+curve25519-dalek = { version = "2", default-features = false }
 rand_core = { version = "0.3", default-features = false }
-clear_on_drop = { version = "0.2" }
 # `serde` is renamed to `our_serde` in order to avoid a name collision between
 # importing the serde dependency and enabling the curve25519-dalek/serde feature
 our_serde = { package = "serde", version = "1", default-features = false, optional = true, features = ["derive"] }
-zeroize = { version = "1", default-features = false }
+zeroize = { version = "1", default-features = false, features = ["zeroize_derive"] }
 [dev-dependencies]
 bincode = "1"
@@ -50,6 +49,6 @@ harness = false
 default = ["std", "u64_backend"]
 serde = ["our_serde", "curve25519-dalek/serde"]
 std = ["curve25519-dalek/std"]
-nightly = ["curve25519-dalek/nightly", "clear_on_drop/nightly"]
+nightly = ["curve25519-dalek/nightly"]
 u64_backend = ["curve25519-dalek/u64_backend"]
 u32_backend = ["curve25519-dalek/u32_backend"]
diff --git a/src/lib.rs b/src/lib.rs
index de23f56..888a806 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -24,12 +24,12 @@
 //! Note that docs will only build on nightly Rust until
 //! `feature(external_doc)` is stabilized.
-extern crate clear_on_drop;
-
 extern crate curve25519_dalek;
 extern crate rand_core;
+extern crate zeroize;
+
 #[cfg(test)]
 extern crate rand_os;
diff --git a/src/x25519.rs b/src/x25519.rs
index 2a71a63..0663146 100644
--- a/src/x25519.rs
+++ b/src/x25519.rs
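Review bot: The new `zeroize = { ..., features = ["zeroize_derive"] }` line gives no hint why the derive feature is now needed, and the coupling it introduces is easy to break later: the `#[derive(Zeroize)]` on the secret types only compiles if `Scalar` and `MontgomeryPoint` implement `zeroize::Zeroize` through curve25519-dalek's own `zeroize` dependency, so the two `version = "1"` requirements have to keep resolving to a single `zeroize` major (presumably the case today, but a future bump on either side would split them and surface as a confusing trait-mismatch error). I would annotate the dependency: `# zeroize_derive is needed for #[derive(Zeroize)] on the secret types in src/x25519.rs;` followed by `# the derived impls depend on the Zeroize impls curve25519-dalek provides for Scalar/MontgomeryPoint, so both crates must agree on one zeroize major.` The same reasoning applies to the `nightly` feature in the second hunk, which correctly drops `clear_on_drop/nightly` but could note that zeroize needs no nightly flag.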
@@ -14,8 +14,6 @@
 //! This implements x25519 key exchange as specified by Mike Hamburg
 //! and Adam Langley in [RFC7748](https://tools.ietf.org/html/rfc7748).
-use clear_on_drop::clear::Clear;
-
 use curve25519_dalek::constants::ED25519_BASEPOINT_TABLE;
 use curve25519_dalek::montgomery::MontgomeryPoint;
 use curve25519_dalek::scalar::Scalar;
@@ -23,6 +21,8 @@ use curve25519_dalek::scalar::Scalar;
 use rand_core::CryptoRng;
 use rand_core::RngCore;
+use zeroize::Zeroize;
+
 /// A `PublicKey` is the corresponding public key converted from
 /// an `EphemeralSecret` or a `StaticSecret` key.
 #[cfg_attr(feature = "serde", serde(crate = "our_serde"))]
@@ -50,15 +50,10 @@ impl PublicKey {
 /// A `EphemeralSecret` is a short lived Diffie-Hellman secret key
 /// used to create a `SharedSecret` when given their `PublicKey`.
+#[derive(Zeroize)]
+#[zeroize(drop)]
 pub struct EphemeralSecret(pub(crate) Scalar);
-/// Overwrite ephemeral secret key material with null bytes when it goes out of scope.
-impl Drop for EphemeralSecret {
-    fn drop(&mut self) {
-        self.0.clear();
-    }
-}
-
 impl EphemeralSecret {
     /// Perform a Diffie-Hellman key agreement between `self` and
     /// `their_public` key to produce a `SharedSecret`.
@@ -95,18 +90,12 @@ impl<'a> From<&'a EphemeralSecret> for PublicKey {
     feature = "serde",
     derive(our_serde::Serialize, our_serde::Deserialize)
 )]
-#[derive(Clone)]
+#[derive(Clone, Zeroize)]
+#[zeroize(drop)]
 pub struct StaticSecret(
     #[cfg_attr(feature = "serde", serde(with = "AllowUnreducedScalarBytes"))]
     pub(crate) Scalar,
 );
-/// Overwrite static secret key material with null bytes when it goes out of scope.
-impl Drop for StaticSecret {
-    fn drop(&mut self) {
-        self.0.clear();
-    }
-}
-
 impl StaticSecret {
     /// Perform a Diffie-Hellman key agreement between `self` and
     /// `their_public` key to produce a `SharedSecret`.
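Review bot: The hunk at `@@ -50,15 +50,10 @@` deletes the only documentation of the wipe-on-drop guarantee (`/// Overwrite ephemeral secret key material with null bytes when it goes out of scope.`) together with the manual `Drop` impl, and the `#[derive(Zeroize)]` / `#[zeroize(drop)]` attributes that replace it carry no doc of their own, so a user of `EphemeralSecret` can no longer see from rustdoc that the scalar is cleared; the same happens for `StaticSecret` in the following hunk and for `SharedSecret` in the last hunk. I would move the guarantee into the type docs, e.g. add `/// The secret scalar is zeroized in place when this value is dropped (`#[zeroize(drop)]`).` after the existing `/// used to create a `SharedSecret` ...` line, and the equivalent sentence on the other two types. As with the removed `Drop` impls, the derived drop only clears the final location of the value, so copies left behind by by-value moves are not covered — the doc line is the right place to state that limitation too. Behaviourally the change looks equivalent to the old `Clear` calls, assuming curve25519-dalek 2 provides the `Zeroize` impls for `Scalar` and `MontgomeryPoint` that the derive requires.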
@@ -149,15 +138,10 @@ impl<'a> From<&'a StaticSecret> for PublicKey {
 /// A `SharedSecret` is a Diffie-Hellman shared secret that’s generated
 /// from your `EphemeralSecret` or `StaticSecret` and their `PublicKey`.
+#[derive(Zeroize)]
+#[zeroize(drop)]
 pub struct SharedSecret(pub(crate) MontgomeryPoint);
-/// Overwrite shared secret material with null bytes when it goes out of scope.
-impl Drop for SharedSecret {
-    fn drop(&mut self) {
-        self.0.clear();
-    }
-}
-
 impl SharedSecret {
     /// View this shared secret key as a byte array.
     #[inline]