crypto-bigint: add zeroize feature (#461)

tarcieri · web-flow · commit 01c945e05d86 · 2021-06-02T11:57:02.000-07:00
Adds an optional `Zeroize` impl on `UInt`.
diff --git a/.github/workflows/crypto-bigint.yml b/.github/workflows/crypto-bigint.yml
@@ -37,6 +37,7 @@ jobs:
           override: true
       - run: cargo build --target ${{ matrix.target }} --release
       - run: cargo build --target ${{ matrix.target }} --release --features generic-array
+      - run: cargo build --target ${{ matrix.target }} --release --features zeroize
 
   test:
     runs-on: ubuntu-latest
@@ -67,6 +68,7 @@ jobs:
       - run: ${{ matrix.deps }}
       - run: cargo test --target ${{ matrix.target }} --release
       - run: cargo test --target ${{ matrix.target }} --release --features generic-array
+      - run: cargo test --target ${{ matrix.target }} --release --features zeroize
       - run: cargo test --target ${{ matrix.target }} --release --all-features
 
   # Cross-compiled tests
@@ -99,4 +101,5 @@ jobs:
       - run: cargo install cross
       - run: cross test --target ${{ matrix.target }} --release
       - run: cross test --target ${{ matrix.target }} --release --features generic-array
+      - run: cross test --target ${{ matrix.target }} --release --features zeroize
       - run: cross test --target ${{ matrix.target }} --release --all-features
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/crypto-bigint/Cargo.toml b/crypto-bigint/Cargo.toml
@@ -17,6 +17,7 @@ readme = "README.md"
 [dependencies]
 generic-array = { version = "0.14", optional = true }
 subtle = { version = "2.4", default-features = false }
+zeroize = { version = "1", optional = true,  default-features = false }
 
 [dev-dependencies]
 hex-literal = "0.3"
diff --git a/crypto-bigint/src/uint.rs b/crypto-bigint/src/uint.rs
@@ -19,6 +19,9 @@ use crate::{Concat, Limb, NumBits, NumBytes, Split};
 use core::{cmp::Ordering, fmt};
 use subtle::{Choice, ConstantTimeEq, ConstantTimeGreater, ConstantTimeLess};
 
+#[cfg(feature = "zeroize")]
+use zeroize::Zeroize;
+
 /// Big unsigned integer.
 ///
 /// Generic over the given number of `LIMBS`
@@ -64,6 +67,13 @@ impl<const LIMBS: usize> AsRef<[Limb]> for UInt<LIMBS> {
     }
 }
 
+// TODO(tarcieri): eventually phase this out?
+impl<const LIMBS: usize> AsMut<[Limb]> for UInt<LIMBS> {
+    fn as_mut(&mut self) -> &mut [Limb] {
+        &mut self.limbs
+    }
+}
+
 impl<const LIMBS: usize> Default for UInt<LIMBS> {
     fn default() -> Self {
         Self::ZERO
@@ -121,6 +131,14 @@ impl<const LIMBS: usize> fmt::UpperHex for UInt<LIMBS> {
     }
 }
 
+#[cfg(feature = "zeroize")]
+#[cfg_attr(docsrs, doc(cfg(feature = "zeroize")))]
+impl<const LIMBS: usize> Zeroize for UInt<LIMBS> {
+    fn zeroize(&mut self) {
+        self.limbs.zeroize();
+    }
+}
+
 // TODO(tarcieri): use `const_evaluatable_checked` when stable to make generic around bits.
 impl_uint_aliases! {
     (U64, 64, "64-bit"),
