traits icon indicating copy to clipboard operation
traits copied to clipboard

Published 20 hours ago verified publisher icon RustCrypto

Zeroize for GenericArray based keys

Open dbrgn opened this issue 3 years ago • 2 comments

The xsalsa20poly1305 Key is an alias for GenericArray<u8, <Salsa<R20> as NewCipher>::KeySize>. This means that zeroize is not used, and the key is not zeroed on drop.

I'm not too much familiar with how the different crates and traits interact, but in general it would be desirable if secret keys would be zeroized on drop. According to @tarcieri this repo is the right place to file an issue:

it's defined at a trait-level though, so you can't just fix one crate

dbrgn avatar Jan 10 '22 15:01 dbrgn

To have a proper solution for this we'd need to define a newtype wrapper for AEAD keys.

There are many reasons why this might be a good idea. We could place the random key generation methods on that type, for example.

It'd also permit changing the internal representation of an AEAD key without making a user-facing API change.

tarcieri avatar Jan 10 '22 15:01 tarcieri

Right now we have the Key type alias built on top of the KeySizeUser trait. We could make it a wrapper type instead, but we should be careful about resulting ergonomics.

newpavlov avatar Feb 17 '22 08:02 newpavlov

We are in the process of migrating from generic-array to hybrid-array, so I think we can close this issue.

newpavlov avatar Nov 12 '23 06:11 newpavlov