Zeroize HKDF key on drop (#22)

Author: tofay

Cargo.toml

@@ -16,6 +16,7 @@ openssl-sys = "0.9.104"
 rustls = { version = "0.23.0", default-features = false }
 rustls-webpki = { version = "0.102.2", default-features = false }
 once_cell = "1.8.0"
+zeroize = "1.8.1"
 
 [features]
 default = ["tls12"]

src/hkdf.rs

@@ -8,6 +8,7 @@ use rustls::crypto::hmac::{Hmac as _, Tag};
 use rustls::crypto::tls13::{
     Hkdf as RustlsHkdf, HkdfExpander as RustlsHkdfExpander, OkmBlock, OutputLengthError,
 };
+use zeroize::Zeroize;
 
 const MAX_MD_SIZE: usize = openssl_sys::EVP_MAX_MD_SIZE as usize;
 
@@ -124,6 +125,12 @@ fn add_hkdf_info<T>(ctx: &mut PkeyCtxRef<T>, info: &[&[u8]]) -> Result<(), Error
     Ok(())
 }
 
+impl Drop for HkdfExpander {
+    fn drop(&mut self) {
+        self.private_key.zeroize();
+    }
+}
+
 #[cfg(test)]
 mod test {
     use rustls::crypto::tls13::Hkdf;