#zero #drop #erasure

nightly zerodrop

Zero boxed data when dropped. Nolonger maintained. Use ClearOnDrop at https://github.com/cesarb/clear_on_drop/ instead.

1 unstable release

Uses old Rust 2015

0.1.4 Feb 2, 2017
0.1.3 Jan 14, 2017
0.1.2 Jan 13, 2017
0.1.1 Jan 13, 2017
0.1.0 Jan 12, 2017

#1566 in Cryptography

MIT/Apache

19KB
264 lines

Nolonger maintained. Used ClearOnDrop instead.

A thin wrapper for Box that zeros its data when dropped

build status documenation crates.io link

Documentation

There are many types of data that should be erased when nolonger needed, with cryptographic key material being an extreme example. This crate provides simple wrapper types that zero their contents when dropped. See the documentation.

We cannot recommend this crate for all cryptographic applications because it lacks support for mlock. There is no way to support mlock with less than a full fledged allocator because if several mlock calls lock the same page then the first munlock call will unlock that page completely.

There are two crates secrets and tars that provides such an allocator, which you should use if you want real protection. These crates predate the recently added allocator traits however, so things remain in flux for now.

We believe this crate provides an API similar enough to an allocator wrapping mlock that code developed using it and later ported to a full fledged allocator. In particular, we operate only upon Boxed data and provide no methods that return data to the stack where it could not be erased reliably.

Installation

This crate works with Cargo and is on crates.io. Add it to your Cargo.toml with:

[dependencies]
zerodrop = "^0.1"

Use the crate like:

extern crate zerodrop;

...

Dependencies

~595KB