Comments (3)
Yep, I should probably call out `Vec` explicitly in the docs under the caveats section in regard to things which make copies. I have definitely ranted about it offline quite a bit, and wondered if providing `Zeroize` impls for these types, including `String`, is a good idea or not. As this crate is effectively "best effort", the intent is to zero out as many copies as possible with the assumption fewer copies is better, leaving avoiding making them in the first place as an exercise to the end user.
Is it possible to provide a `Vec`-like type which zeros the old data during reallocation?
One option is to use heapless::Vec and heapless::String. Otherwise I think functionality beyond the core zeroization behavior is best left to crates which consume zeroize and leverage it as a zeroing backend.
I think the simplest way to avoid problems is to wrap `Vec`/`String` in a tuple struct/newtype which is `ZeroizeOnDrop` and always initialized (even vicariously) with the correct initial capacity so as to avoid reallocation, then only permitting immutable borrows of its contents, which would strategically eliminate the potential for reallocation and ensure it doesn't happen on initialization. Such a type seems like a good thing for a higher-level crate to provide.
I might take a crack at making such a crate. I've been thinking about it for awhile.
I recently created `secrecy`, which seems like an appropriate place for these sorts of types:
https://github.com/iqlusioninc/crates/tree/develop/secrecy
I'd like to add `SecretVec` and a `SecretString` (which is backed by `SecretVec`)
`secrecy` v0.3 now contains `SecretVec` and `SecretString` types (which are really just aliases for `Secret<String>` and `Secret<Vec>`), which I think addresses the original goals of this issue by both preventing mutations once instantiated as well as ensuring `zeroize`-on-drop:
https://docs.rs/secrecy/0.3.1/secrecy/type.SecretVec.html
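The wrapper design discussed in the thread above (allocate at the final capacity, hand out only immutable borrows, wipe on drop), as an added std-only Rust sketch; it is not part of the original comments and is not the code of `zeroize` or `secrecy`. `FixedSecret`, `from_slice`, `expose` and `wipe` are hypothetical names, and the volatile-write loop is a stand-in for the zeroing a dedicated crate would provide.

```rust
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Hypothetical newtype (not from zeroize or secrecy): a byte buffer that is
/// allocated once, never grows, and is wiped over its full capacity on drop.
pub struct FixedSecret(Vec<u8>);

impl FixedSecret {
    /// Copies `src` into a buffer allocated at its final size, so the
    /// allocator never has to move the secret and leave a stale copy behind.
    pub fn from_slice(src: &[u8]) -> Self {
        let mut buf = Vec::with_capacity(src.len());
        buf.extend_from_slice(src); // fits in the capacity: no reallocation
        FixedSecret(buf)
    }

    /// Immutable borrow only; there is no `&mut Vec` accessor, so callers
    /// cannot push, extend, or otherwise trigger a reallocation.
    pub fn expose(&self) -> &[u8] {
        &self.0
    }

    /// Volatile-writes zero to every byte of the allocation (capacity, not
    /// just len) so the optimizer cannot elide the stores.
    fn wipe(&mut self) {
        let p = self.0.as_mut_ptr();
        for i in 0..self.0.capacity() {
            unsafe { ptr::write_volatile(p.add(i), 0) };
        }
        compiler_fence(Ordering::SeqCst);
    }
}

impl Drop for FixedSecret {
    fn drop(&mut self) {
        self.wipe();
    }
}

fn main() {
    let key = FixedSecret::from_slice(b"constructed sample key"); // constructed input
    println!("{} secret bytes held", key.expose().len());
} // `key` is dropped here: the buffer is wiped before it is freed
```

The slice passed to `from_slice` is still the caller's copy and has to be wiped by the caller.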