block-buffer: add optional Zeroize implementation (#963)

Author: newpavlov

Cargo.lock

@@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - `ReadBuffer` type ([#823])
 - `serialize` and `deserialize` methods ([#823])
+- Optional implementation of the `Zeroize` trait ([#963])
 
 ### Changed
 - Supported block sizes are now bounded by the `crypto_common::BlockSizes` trait,
@@ -20,6 +21,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - `EagerBuffer::set_data` method. Use the `ReadBuffer` type instead. ([#823])
 
 [#823]: https://github.com/RustCrypto/utils/pull/823
+[#963]: https://github.com/RustCrypto/utils/pull/963
 
 ## 0.10.3 (2022-09-04)
 ### Added

block-buffer/CHANGELOG.md

@@ -14,6 +14,7 @@ readme = "README.md"
 [dependencies]
 crypto-common = "0.2.0-pre"
 generic-array = "0.14"
+zeroize = { version = "1.4", optional = true, default-features = false }
 
 [dev-dependencies]
 hex-literal = "0.3.3"

block-buffer/Cargo.toml

@@ -15,6 +15,8 @@ use generic_array::{
     typenum::{Add1, B1},
     ArrayLength, GenericArray,
 };
+#[cfg(feature = "zeroize")]
+use zeroize::Zeroize;
 
 mod read;
 mod sealed;
@@ -333,3 +335,12 @@ impl<BS: BlockSizes> BlockBuffer<BS, Lazy> {
         })
     }
 }
+
+#[cfg(feature = "zeroize")]
+impl<BS: BlockSizes, K: BufferKind> Zeroize for BlockBuffer<BS, K> {
+    #[inline]
+    fn zeroize(&mut self) {
+        self.buffer.zeroize();
+        self.pos.zeroize();
+    }
+}

block-buffer/src/lib.rs

@@ -1,6 +1,8 @@
 use super::{Block, Error};
 use core::{fmt, slice};
 use crypto_common::{BlockSizeUser, BlockSizes};
+#[cfg(feature = "zeroize")]
+use zeroize::Zeroize;
 
 /// Buffer for reading block-generated data.
 pub struct ReadBuffer<BS: BlockSizes> {
@@ -146,3 +148,11 @@ impl<BS: BlockSizes> ReadBuffer<BS> {
         (blocks, right)
     }
 }
+
+#[cfg(feature = "zeroize")]
+impl<BS: BlockSizes> Zeroize for ReadBuffer<BS> {
+    #[inline]
+    fn zeroize(&mut self) {
+        self.buffer.zeroize();
+    }
+}

block-buffer/src/read.rs

@@ -3,7 +3,10 @@ use generic_array::{ArrayLength, GenericArray};
 
 /// Sealed trait for buffer kinds.
 pub trait Sealed {
+    #[cfg(not(feature = "zeroize"))]
     type Pos: Default + Clone;
+    #[cfg(feature = "zeroize")]
+    type Pos: Default + Clone + zeroize::Zeroize;
 
     fn get_pos(buf: &[u8], pos: &Self::Pos) -> usize;