diff --git a/Cargo.lock b/Cargo.lock
index fdc0ffd198186f1180b32dbdc1d0e1150ba99384..27283b9268fc59a8efe0e158be8c6f5013d379e9 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -556,14 +556,6 @@ dependencies = [
"vec_map 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)",
]
-[[package]]
-name = "clear_on_drop"
-version = "0.2.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "cc 1.0.48 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
[[package]]
name = "cloudabi"
version = "0.0.3"
@@ -861,7 +853,6 @@ dependencies = [
"bs58 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
"byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
"chacha20-poly1305-aead 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "clear_on_drop 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)",
"durs-common-tools 0.2.0",
"failure 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
"log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -870,6 +861,7 @@ dependencies = [
"serde 1.0.104 (registry+https://github.com/rust-lang/crates.io-index)",
"serde_derive 1.0.104 (registry+https://github.com/rust-lang/crates.io-index)",
"unwrap 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "zeroize 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
@@ -1017,7 +1009,6 @@ version = "0.3.0-dev"
dependencies = [
"chrono 0.4.10 (registry+https://github.com/rust-lang/crates.io-index)",
"clap 2.33.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "clear_on_drop 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)",
"dubp-currency-params 0.2.0",
"dup-crypto 0.7.0",
"durs-bc 0.3.0-dev",
@@ -1038,6 +1029,7 @@ dependencies = [
"serde_json 1.0.44 (registry+https://github.com/rust-lang/crates.io-index)",
"structopt 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)",
"unwrap 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "zeroize 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
@@ -3111,6 +3103,25 @@ dependencies = [
"winapi-build 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
]
+[[package]]
+name = "zeroize"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "zeroize_derive 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "zeroize_derive"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "proc-macro2 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "syn 1.0.11 (registry+https://github.com/rust-lang/crates.io-index)",
+ "synstructure 0.12.3 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
[metadata]
"checksum actix-codec 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "09e55f0a5c2ca15795035d90c46bd0e73a5123b72f68f12596d6ba5282051380"
"checksum actix-connect 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "1f2b61480a8d30c94d5c883d79ef026b02ad6809931b0a4bb703f9545cd8c986"
@@ -3164,7 +3175,6 @@ dependencies = [
"checksum chacha20-poly1305-aead 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "77d2058ba29594f69c75e8a9018e0485e3914ca5084e3613cd64529042f5423b"
"checksum chrono 0.4.10 (registry+https://github.com/rust-lang/crates.io-index)" = "31850b4a4d6bae316f7a09e691c944c28299298837edc0a03f755618c23cbc01"
"checksum clap 2.33.0 (registry+https://github.com/rust-lang/crates.io-index)" = "5067f5bb2d80ef5d68b4c87db81601f0b75bca627bc2ef76b141d7b846a3c6d9"
-"checksum clear_on_drop 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "97276801e127ffb46b66ce23f35cc96bd454fa311294bced4bbace7baa8b1d17"
"checksum cloudabi 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "ddfc5b9aa5d4507acaf872de71051dfd0e309860e88966e1051e462a077aac4f"
"checksum colored 1.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "433e7ac7d511768127ed85b0c4947f47a254131e37864b2dc13f52aa32cd37e5"
"checksum combine 3.8.1 (registry+https://github.com/rust-lang/crates.io-index)" = "da3da6baa321ec19e1cc41d31bf599f00c783d0517095cdaf0332e3fe8d20680"
@@ -3390,3 +3400,5 @@ dependencies = [
"checksum winutil 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7daf138b6b14196e3830a588acf1e86966c694d3e8fb026fb105b8b5dca07e6e"
"checksum ws 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)" = "c51a2c47b5798ccc774ffb93ff536aec7c4275d722fd9c740c83cdd1af1f2d94"
"checksum ws2_32-sys 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "d59cefebd0c892fa2dd6de581e937301d8552cb44489cdff035c6187cb63fa5e"
+"checksum zeroize 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3cbac2ed2ba24cc90f5e06485ac8c7c1e5449fe8911aef4d8877218af021a5b8"
+"checksum zeroize_derive 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "de251eec69fc7c1bc3923403d18ececb929380e016afe103da75f396704f8ca2"
diff --git a/lib/core/conf/src/keypairs/cli.rs b/lib/core/conf/src/keypairs/cli.rs
index 22b5c245c48711dee53f09ef0d47be6553095fc3..03b8f26648c15a7fa64e8f99be09bceb182d89e7 100644
--- a/lib/core/conf/src/keypairs/cli.rs
+++ b/lib/core/conf/src/keypairs/cli.rs
@@ -31,8 +31,8 @@ use crate::*;
use std::io;
#[derive(Debug, Copy, Clone)]
-/// Errors encountered by the wizard
-pub enum WizardError {
+/// Errors encountered by the user interaction
+pub enum CLIError {
/// Canceled
Canceled,
@@ -40,35 +40,22 @@ pub enum WizardError {
BadInput,
}
-impl From<std::io::Error> for WizardError {
+impl From<std::io::Error> for CLIError {
fn from(_e: std::io::Error) -> Self {
- WizardError::BadInput
+ CLIError::BadInput
}
}
/// Modify network keys command
-pub fn modify_network_keys(
- salt: String,
- password: String,
- mut key_pairs: DuniterKeyPairs,
-) -> DuniterKeyPairs {
- let generator = ed25519::KeyPairFromSaltedPasswordGenerator::with_default_parameters();
- key_pairs.network_keypair =
- KeyPairEnum::Ed25519(generator.generate(ed25519::SaltedPassword::new(salt, password)));
- key_pairs
+pub fn modify_network_keys(mut key_pairs: DuniterKeyPairs) -> Result<DuniterKeyPairs, CLIError> {
+ key_pairs.network_keypair = salt_password_prompt()?;
+ Ok(key_pairs)
}
/// Modify member keys command
-pub fn modify_member_keys(
- salt: String,
- password: String,
- mut key_pairs: DuniterKeyPairs,
-) -> DuniterKeyPairs {
- let generator = ed25519::KeyPairFromSaltedPasswordGenerator::with_default_parameters();
- key_pairs.member_keypair = Some(KeyPairEnum::Ed25519(
- generator.generate(ed25519::SaltedPassword::new(salt, password)),
- ));
- key_pairs
+pub fn modify_member_keys(mut key_pairs: DuniterKeyPairs) -> Result<DuniterKeyPairs, CLIError> {
+ key_pairs.member_keypair = Some(salt_password_prompt()?);
+ Ok(key_pairs)
}
/// Ask user for confirmation and Clear keys command
@@ -126,7 +113,7 @@ pub fn show_keys(key_pairs: DuniterKeyPairs) {
pub fn save_keypairs(
profile_path: PathBuf,
keypairs_file_path: &Option<PathBuf>,
- key_pairs: DuniterKeyPairs,
+ key_pairs: &DuniterKeyPairs,
) -> Result<(), std::io::Error> {
let conf_keys_path: PathBuf = if let Some(keypairs_file_path) = keypairs_file_path {
keypairs_file_path.to_path_buf()
@@ -139,7 +126,7 @@ pub fn save_keypairs(
Ok(())
}
-fn question_prompt<'a>(question: &str, answers: &[&'a str]) -> Result<&'a str, WizardError> {
+fn question_prompt<'a>(question: &str, answers: &[&'a str]) -> Result<&'a str, CLIError> {
let mut buf = String::new();
println!("{} ({}):", question, answers.join("/"));
@@ -150,14 +137,14 @@ fn question_prompt<'a>(question: &str, answers: &[&'a str]) -> Result<&'a str, W
let answer = answers.iter().find(|x| **x == buf.trim());
match answer {
Some(&value) => Ok(value),
- None => Err(WizardError::Canceled),
+ None => Err(CLIError::Canceled),
}
}
- Err(_) => Err(WizardError::Canceled),
+ Err(_) => Err(CLIError::Canceled),
}
}
-fn salt_password_prompt() -> Result<KeyPairEnum, WizardError> {
+fn salt_password_prompt() -> Result<KeyPairEnum, CLIError> {
let salt = rpassword::prompt_password_stdout("Salt: ")?;
if !salt.is_empty() {
let password = rpassword::prompt_password_stdout("Password: ")?;
@@ -168,15 +155,15 @@ fn salt_password_prompt() -> Result<KeyPairEnum, WizardError> {
);
Ok(key_pairs)
} else {
- Err(WizardError::BadInput)
+ Err(CLIError::BadInput)
}
} else {
- Err(WizardError::BadInput)
+ Err(CLIError::BadInput)
}
}
/// The wizard key function
-pub fn key_wizard(mut key_pairs: DuniterKeyPairs) -> Result<DuniterKeyPairs, WizardError> {
+pub fn key_wizard(mut key_pairs: DuniterKeyPairs) -> Result<DuniterKeyPairs, CLIError> {
let mut answer = question_prompt("Modify your network keypair?", &["y", "n"])?;
if answer == "y" {
key_pairs.network_keypair = salt_password_prompt()?;
@@ -204,89 +191,6 @@ mod tests {
//static SALT_INIT: &'static str = "initsalt";
//static PASSWORD_INIT: &'static str = "initpassword";
- static BASE58_SEED_TEST: &'static str = "ELjDWGPyCGMuhr7R7H2aip6UJA9qLRepmK77pcD41UqQ";
- static BASE58_PUB_TEST: &'static str = "6sewkaNWyEMqkEa2PVRWrDb3hxWtjPdUSB1zXVCqhdWV";
- static SALT_TEST: &'static str = "testsalt";
- static PASSWORD_TEST: &'static str = "testpassword";
-
- #[test]
- fn test_modify_member_keys() {
- let key_pairs = DuniterKeyPairs {
- network_keypair: KeyPairEnum::Ed25519(ed25519::Ed25519KeyPair {
- seed: Seed32::from_base58(BASE58_SEED_INIT)
- .expect("conf : keypairs file : fail to parse network_seed !"),
- pubkey: ed25519::PublicKey::from_base58(BASE58_PUB_INIT)
- .expect("conf : keypairs file : fail to parse network_pub !"),
- }),
- member_keypair: None,
- };
- let result_key_pairs =
- modify_member_keys(SALT_TEST.to_owned(), PASSWORD_TEST.to_owned(), key_pairs);
- // We expect network key not to change
- assert_eq!(
- result_key_pairs.network_keypair.public_key(),
- PubKey::Ed25519(
- ed25519::PublicKey::from_base58(BASE58_PUB_INIT)
- .expect("Wrong data in BASE58_PUB_TEST")
- )
- );
- assert_eq!(
- result_key_pairs.network_keypair.seed().clone(),
- Seed32::from_base58(BASE58_SEED_INIT).expect("Wrong data in BASE58_SEED_INIT"),
- );
-
- // We expect member key to update as intended
- assert_eq!(
- unwrap!(
- result_key_pairs.member_keypair.clone(),
- "conf: member_keypair must have a value"
- )
- .public_key(),
- PubKey::Ed25519(unwrap!(
- ed25519::PublicKey::from_base58(BASE58_PUB_TEST),
- "Wrong data in BASE58_PUB_TEST"
- ))
- );
- assert_eq!(
- result_key_pairs
- .member_keypair
- .clone()
- .expect("conf: member_keypair must have a value")
- .seed()
- .clone(),
- Seed32::from_base58(BASE58_SEED_TEST).expect("Wrong data in BASE58_SEED_TEST"),
- );
- }
-
- #[test]
- fn test_modify_network_keys() {
- let key_pairs = DuniterKeyPairs {
- network_keypair: KeyPairEnum::Ed25519(ed25519::Ed25519KeyPair {
- seed: Seed32::from_base58(BASE58_SEED_INIT)
- .expect("conf : keypairs file : fail to parse network_seed !"),
- pubkey: ed25519::PublicKey::from_base58(BASE58_PUB_INIT)
- .expect("conf : keypairs file : fail to parse network_pub !"),
- }),
- member_keypair: None,
- };
- let result_key_pairs =
- modify_network_keys(SALT_TEST.to_owned(), PASSWORD_TEST.to_owned(), key_pairs);
- // We expect network key to update
- assert_eq!(
- result_key_pairs.network_keypair.public_key(),
- PubKey::Ed25519(
- ed25519::PublicKey::from_base58(BASE58_PUB_TEST)
- .expect("Wrong data in BASE58_PUB_TEST")
- )
- );
- assert_eq!(
- result_key_pairs.network_keypair.seed().clone(),
- Seed32::from_base58(BASE58_SEED_TEST).expect("Wrong data in BASE58_SEED_TEST")
- );
- // We expect member key not to change
- assert_eq!(result_key_pairs.member_keypair, None);
- }
-
#[test]
fn test_clear_network_keys() {
let key_pairs = DuniterKeyPairs {
diff --git a/lib/core/core/Cargo.toml b/lib/core/core/Cargo.toml
index 5b7526bfa04c97a623b43a9eda7ea5b68a0f5e0a..3e5bffb6cfba707910822443f8197f590eb77911 100644
--- a/lib/core/core/Cargo.toml
+++ b/lib/core/core/Cargo.toml
@@ -12,7 +12,6 @@ path = "src/lib.rs"
[dependencies]
chrono = "0.4"
clap = "2.33.0"
-clear_on_drop = "0.2.3"
durs-bc = { path = "../../modules/blockchain/blockchain" }
durs-common-tools = { path = "../../tools/common-tools" }
durs-bc-db-reader = { path = "../../modules-lib/bc-db-reader" }
@@ -33,5 +32,6 @@ serde_derive = "1.0.*"
serde_json = "1.0.*"
structopt= "0.3.9"
unwrap = "1.2.1"
+zeroize = { version = "1.1.0", features = ["zeroize_derive"] }
[features]
diff --git a/lib/core/core/src/commands/keys.rs b/lib/core/core/src/commands/keys.rs
index 61736c8978c51c4ea9a310b8aae210964007cb51..b0abf7bbe2dbe559f4d601450b476ca384963a3e 100644
--- a/lib/core/core/src/commands/keys.rs
+++ b/lib/core/core/src/commands/keys.rs
@@ -19,11 +19,11 @@ use crate::commands::DursExecutableCoreCommand;
use crate::errors::DursCoreError;
use crate::DursCore;
use clap::arg_enum;
-use clear_on_drop::clear::Clear;
use durs_conf::keypairs::cli::*;
use durs_conf::DuRsConf;
+use zeroize::Zeroize;
-#[derive(StructOpt, Debug, Clone)]
+#[derive(StructOpt, Debug, Clone, Copy)]
#[structopt(
name = "keys",
author = "inso <inso@tuta.io>",
@@ -36,7 +36,7 @@ pub struct KeysOpt {
pub subcommand: KeysSubCommand,
}
-#[derive(StructOpt, Debug, Clone)]
+#[derive(StructOpt, Debug, Clone, Copy)]
/// keys subcommands
pub enum KeysSubCommand {
/// Modify keys
@@ -72,7 +72,7 @@ pub enum KeysSubCommand {
Wizard(WizardOpt),
}
-#[derive(StructOpt, Debug, Clone)]
+#[derive(StructOpt, Debug, Clone, Copy)]
/// ModifyOpt
pub struct ModifyOpt {
#[structopt(subcommand)]
@@ -80,16 +80,16 @@ pub struct ModifyOpt {
pub subcommand: ModifySubCommand,
}
-#[derive(StructOpt, Debug, Clone)]
+#[derive(StructOpt, Debug, Clone, Copy)]
/// keys modify subcommands
pub enum ModifySubCommand {
#[structopt(name = "member", setting(structopt::clap::AppSettings::ColoredHelp))]
/// Salt and password of member key
- MemberSaltPassword(SaltPasswordOpt),
+ MemberSaltPassword,
#[structopt(name = "network", setting(structopt::clap::AppSettings::ColoredHelp))]
/// Salt and password of network key
- NetworkSaltPassword(SaltPasswordOpt),
+ NetworkSaltPassword,
}
arg_enum! {
@@ -121,26 +121,6 @@ pub struct ClearOpt {
key: KeyKind,
}
-#[derive(StructOpt, Debug, Clone)]
-/// SaltPasswordOpt
-pub struct SaltPasswordOpt {
- #[structopt(long = "salt")]
- /// Salt of key generator
- pub salt: String,
-
- #[structopt(long = "password")]
- /// Password of key generator
- pub password: String,
-}
-
-impl Drop for SaltPasswordOpt {
- #[inline]
- fn drop(&mut self) {
- <String as Clear>::clear(&mut self.salt);
- <String as Clear>::clear(&mut self.password);
- }
-}
-
#[derive(StructOpt, Debug, Copy, Clone)]
/// WizardOpt
pub struct WizardOpt {}
@@ -154,46 +134,40 @@ impl DursExecutableCoreCommand for KeysOpt {
let profile_path = durs_core.soft_meta_datas.profile_path;
let keypairs_file = durs_core.options.keypairs_file;
let keypairs = durs_core.keypairs;
+ let new_keypairs;
match self.subcommand {
KeysSubCommand::Wizard(_) => {
- let new_keypairs = key_wizard(keypairs)?;
- save_keypairs(profile_path, &keypairs_file, new_keypairs)
- .map_err(DursCoreError::FailWriteKeypairsFile)
+ new_keypairs = key_wizard(keypairs)?;
+ save_keypairs(profile_path, &keypairs_file, &new_keypairs)
}
KeysSubCommand::Modify(modify_opt) => match modify_opt.subcommand {
- ModifySubCommand::NetworkSaltPassword(network_opt) => {
- let new_keypairs = modify_network_keys(
- network_opt.salt.clone(),
- network_opt.password.clone(),
- keypairs,
- );
- save_keypairs(profile_path, &keypairs_file, new_keypairs)
- .map_err(DursCoreError::FailWriteKeypairsFile)
+ ModifySubCommand::NetworkSaltPassword => {
+ new_keypairs = modify_network_keys(keypairs)?;
+ save_keypairs(profile_path, &keypairs_file, &new_keypairs)
}
- ModifySubCommand::MemberSaltPassword(member_opt) => {
- let new_keypairs = modify_member_keys(
- member_opt.salt.clone(),
- member_opt.password.clone(),
- keypairs,
- );
- save_keypairs(profile_path, &keypairs_file, new_keypairs)
- .map_err(DursCoreError::FailWriteKeypairsFile)
+ ModifySubCommand::MemberSaltPassword => {
+ new_keypairs = modify_member_keys(keypairs)?;
+ save_keypairs(profile_path, &keypairs_file, &new_keypairs)
}
},
KeysSubCommand::Clear(clear_opt) => {
- let new_keypairs = clear_keys(
+ new_keypairs = clear_keys(
clear_opt.key.is_network(),
clear_opt.key.is_member(),
keypairs,
);
- save_keypairs(profile_path, &keypairs_file, new_keypairs)
- .map_err(DursCoreError::FailWriteKeypairsFile)
+ save_keypairs(profile_path, &keypairs_file, &new_keypairs)
}
KeysSubCommand::Show(_) => {
- show_keys(keypairs);
+ new_keypairs = keypairs;
Ok(())
}
}
+ .map_err(DursCoreError::FailWriteKeypairsFile)
+ .and_then(|_| {
+ show_keys(new_keypairs);
+ Ok(())
+ })
}
}
diff --git a/lib/core/core/src/errors.rs b/lib/core/core/src/errors.rs
index 9e40dd0e69e61eca4a37143fad08569106380441..dda4404f1c241f3adcc5a25ec95f15d5e8598b02 100644
--- a/lib/core/core/src/errors.rs
+++ b/lib/core/core/src/errors.rs
@@ -17,7 +17,7 @@
use crate::logger::InitLoggerError;
use dubp_currency_params::db::CurrencyParamsDbError;
-use durs_conf::keypairs::cli::WizardError;
+use durs_conf::keypairs::cli::CLIError;
use durs_module::{ModuleStaticName, PlugModuleError};
use failure::{Error, Fail};
@@ -67,7 +67,7 @@ pub enum DursCoreError {
SyncWithoutSource,
/// Error on keys sub-command
#[fail(display = "Error en keys sub-command")]
- WizardKeysError(WizardError),
+ WizardKeysError(CLIError),
}
impl From<InitLoggerError> for DursCoreError {
@@ -76,8 +76,8 @@ impl From<InitLoggerError> for DursCoreError {
}
}
-impl From<WizardError> for DursCoreError {
- fn from(e: WizardError) -> Self {
+impl From<CLIError> for DursCoreError {
+ fn from(e: CLIError) -> Self {
DursCoreError::WizardKeysError(e)
}
}
diff --git a/lib/crypto/Cargo.toml b/lib/crypto/Cargo.toml
index 06bf66cec28c0ef8fab90b0bf06bd31a05c383af..e5eb0616ee5e798c6c86fdb2af62a73e0a0f2b42 100644
--- a/lib/crypto/Cargo.toml
+++ b/lib/crypto/Cargo.toml
@@ -17,7 +17,6 @@ base64 = "0.11.0"
bs58 = "0.3.0"
byteorder = "1.3.2"
chacha20-poly1305-aead = "0.1.2"
-clear_on_drop = "0.2.3"
failure = "0.1.5"
ring = "0.16.9"
scrypt = { version = "0.2", default-features = false }
@@ -26,6 +25,7 @@ serde_derive = "1.0.*"
durs-common-tools = { path = "../tools/common-tools", version = "0.2.0" }
log = "0.4.*"
unwrap = "1.2.1"
+zeroize = { version = "1.1.0", features = ["zeroize_derive"] }
[dev-dependencies]
bincode = "1.2.0"
diff --git a/lib/crypto/src/keys/ed25519.rs b/lib/crypto/src/keys/ed25519.rs
index bfb8cc9ced64bdb704323b53fd9f8a878300c613..d0aac4b714bffbc5aa36a9ad4abce8474b4c6e3f 100644
--- a/lib/crypto/src/keys/ed25519.rs
+++ b/lib/crypto/src/keys/ed25519.rs
@@ -25,7 +25,6 @@ use crate::bases::b58::{bytes_to_str_base58, ToBase58};
use crate::bases::*;
use crate::seeds::Seed32;
use base64;
-use clear_on_drop::clear::Clear;
use ring::signature::{Ed25519KeyPair as RingKeyPair, KeyPair, UnparsedPublicKey, ED25519};
use serde::de::{Deserialize, Deserializer, Error, SeqAccess, Visitor};
use serde::ser::{Serialize, SerializeTuple, Serializer};
@@ -35,6 +34,7 @@ use std::fmt::{Debug, Display, Formatter};
use std::hash::{Hash, Hasher};
use std::marker::PhantomData;
use unwrap::unwrap;
+use zeroize::Zeroize;
/// Maximal size of a public key in bytes
pub static PUBKEY_SIZE_IN_BYTES: &usize = &32;
@@ -333,6 +333,8 @@ impl KeyPairFromSeed32Generator {
}
}
+#[derive(Zeroize)]
+#[zeroize(drop)]
/// Salted password
pub struct SaltedPassword {
salt: String,
@@ -346,14 +348,6 @@ impl SaltedPassword {
}
}
-impl Drop for SaltedPassword {
- #[inline]
- fn drop(&mut self) {
- <String as Clear>::clear(&mut self.salt);
- <String as Clear>::clear(&mut self.password);
- }
-}
-
/// Keypair generator with given parameters for `scrypt` keypair function.
#[derive(Copy, Clone)]
pub struct KeyPairFromSaltedPasswordGenerator {
diff --git a/lib/crypto/src/seeds.rs b/lib/crypto/src/seeds.rs
index ab9d9f68d2ffc8c561d391d715b42b9c1368b1f1..7d03033ca6d1b12d5b4a3c33da40afaa9717818a 100644
--- a/lib/crypto/src/seeds.rs
+++ b/lib/crypto/src/seeds.rs
@@ -17,13 +17,14 @@
use crate::bases::b58::{bytes_to_str_base58, ToBase58};
use crate::bases::*;
-use clear_on_drop::clear::Clear;
use durs_common_tools::fatal_error;
use ring::rand;
use std::fmt::{self, Debug, Display, Formatter};
+use zeroize::Zeroize;
/// Store a 32 bytes seed used to generate keys.
-#[derive(Clone, Default, Deserialize, PartialEq, Eq, Hash, Serialize)]
+#[derive(Clone, Default, Deserialize, PartialEq, Eq, Hash, Serialize, Zeroize)]
+#[zeroize(drop)]
pub struct Seed32([u8; 32]);
impl AsRef<[u8]> for Seed32 {
@@ -50,13 +51,6 @@ impl Display for Seed32 {
}
}
-impl Drop for Seed32 {
- #[inline]
- fn drop(&mut self) {
- <[u8; 32] as Clear>::clear(&mut self.0);
- }
-}
-
impl Seed32 {
#[inline]
/// Create new seed