RustCrypto · kayabaNerve · Nov 12, 2023 · Nov 12, 2023 · Nov 12, 2023 · Nov 12, 2023
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/blake2/Cargo.toml b/blake2/Cargo.toml
@@ -13,6 +13,7 @@ categories = ["cryptography", "no-std"]
 
 [dependencies]
 digest = { version = "0.10.7", features = ["mac"] }
+zeroize_crate = { package = "zeroize", version = "1", default-features = false, optional = true }
 
 [dev-dependencies]
 digest = { version = "0.10.7", features = ["dev"] }
@@ -26,3 +27,4 @@ simd = []
 simd_opt = ["simd"]
 simd_asm = ["simd_opt"]
 size_opt = [] # Optimize for code size. Removes some `inline(always)`
+zeroize = ["zeroize_crate"] # Implement ZeroizeOnDrop for Digest implementors
diff --git a/blake2/src/macros.rs b/blake2/src/macros.rs
@@ -243,6 +243,17 @@ macro_rules! blake2_impl {
             }
         }
 
+        #[cfg(feature = "zeroize")]
+        impl Drop for $name {
+            fn drop(&mut self) {
+                use zeroize_crate::Zeroize;
+                self.h.zeroize();
+                self.t.zeroize();
+            }
+        }
+        #[cfg(feature = "zeroize")]
+        impl zeroize_crate::ZeroizeOnDrop for $name {}
+
         impl fmt::Debug for $name {
             fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
                 f.write_str(concat!(stringify!($name), " { ... }"))

diff --git a/blake2/src/simd/simdty.rs b/blake2/src/simd/simdty.rs
@@ -50,6 +50,16 @@ decl_simd! {
                          pub T, pub T, pub T, pub T);
 }
 
+#[cfg(feature = "zeroize")]
+impl<T: zeroize_crate::Zeroize> zeroize_crate::Zeroize for Simd4<T> {
+    fn zeroize(&mut self) {
+        self.0.zeroize();
+        self.1.zeroize();
+        self.2.zeroize();
+        self.3.zeroize();
+    }
+}
+
 pub type u64x2 = Simd2<u64>;
 
 pub type u32x4 = Simd4<u32>;

diff --git a/sha1/Cargo.toml b/sha1/Cargo.toml
@@ -14,6 +14,7 @@ categories = ["cryptography", "no-std"]
 [dependencies]
 digest = "0.10.7"
 cfg-if = "1.0"
+zeroize_crate = { package = "zeroize", version = "1", default-features = false, optional = true }
 
 [target.'cfg(any(target_arch = "aarch64", target_arch = "x86", target_arch = "x86_64"))'.dependencies]
 cpufeatures = "0.2"
@@ -33,6 +34,7 @@ asm = ["sha1-asm"] # WARNING: this feature SHOULD NOT be enabled by library crat
 loongarch64_asm = []
 compress = [] # Expose compress function
 force-soft = [] # Force software implementation
+zeroize = ["zeroize_crate"] # Implement ZeroizeOnDrop for Digest implementors
 
 [package.metadata.docs.rs]
 all-features = true

diff --git a/sha1/src/lib.rs b/sha1/src/lib.rs
@@ -150,6 +150,17 @@ impl AlgorithmName for Sha1Core {
     }
 }
 
+#[cfg(feature = "zeroize")]
+impl Drop for Sha1Core {
+    fn drop(&mut self) {
+        use zeroize_crate::Zeroize;
+        self.h.zeroize();
+        self.block_len.zeroize();
+    }
+}
+#[cfg(feature = "zeroize")]
+impl zeroize_crate::ZeroizeOnDrop for Sha1Core {}
+
 impl fmt::Debug for Sha1Core {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         f.write_str("Sha1Core { ... }")

diff --git a/sha2/Cargo.toml b/sha2/Cargo.toml
@@ -17,6 +17,7 @@ categories = ["cryptography", "no-std"]
 [dependencies]
 digest = "0.10.7"
 cfg-if = "1.0"
+zeroize_crate = { package = "zeroize", version = "1", default-features = false, optional = true }
 
 [target.'cfg(any(target_arch = "aarch64", target_arch = "x86_64", target_arch = "x86"))'.dependencies]
 cpufeatures = "0.2"
@@ -37,6 +38,7 @@ loongarch64_asm = []
 compress = [] # Expose compress functions
 force-soft = [] # Force software implementation
 asm-aarch64 = ["asm"] # DEPRECATED: use `asm` instead
+zeroize = ["zeroize_crate"] # Implement ZeroizeOnDrop for Digest implementors
 
 [package.metadata.docs.rs]
 all-features = true

diff --git a/sha2/src/core_api.rs b/sha2/src/core_api.rs
@@ -75,6 +75,17 @@ impl AlgorithmName for Sha256VarCore {
     }
 }
 
+#[cfg(feature = "zeroize")]
+impl Drop for Sha256VarCore {
+    fn drop(&mut self) {
+        use zeroize_crate::Zeroize;
+        self.state.zeroize();
+        self.block_len.zeroize();
+    }
+}
+#[cfg(feature = "zeroize")]
+impl zeroize_crate::ZeroizeOnDrop for Sha256VarCore {}
+
 impl fmt::Debug for Sha256VarCore {
     #[inline]
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
@@ -149,6 +160,17 @@ impl AlgorithmName for Sha512VarCore {
     }
 }
 
+#[cfg(feature = "zeroize")]
+impl Drop for Sha512VarCore {
+    fn drop(&mut self) {
+        use zeroize_crate::Zeroize;
+        self.state.zeroize();
+        self.block_len.zeroize();
+    }
+}
+#[cfg(feature = "zeroize")]
+impl zeroize_crate::ZeroizeOnDrop for Sha512VarCore {}
+
 impl fmt::Debug for Sha512VarCore {
     #[inline]
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {

diff --git a/sha3/Cargo.toml b/sha3/Cargo.toml
@@ -26,7 +26,7 @@ hex-literal = "0.2.2"
 
 [features]
 default = ["std"]
-std = ["digest/std"]
+std = ["digest/std", "zeroize?/std"]
 
 asm = ["keccak/asm"] # Enable ASM (currently ARMv8 only). WARNING: Bumps MSRV to 1.59
 oid = ["digest/oid"] # Enable OID support. WARNING: Bumps MSRV to 1.57