Better management of key material

author: Mathias Hall-Andersen <mathias@hall-andersen.dk> 2019-08-31 15:03:14 +0200
committer: Mathias Hall-Andersen <mathias@hall-andersen.dk> 2019-08-31 15:03:14 +0200
commit: 51179f5433fbc1617d59e25493a22072c0987726 (patch)
tree: 3034f4ca9d35da77c55750e5c0c058bafeea22ff /src/types/keys.rs
parent: Move to RustCrypto AEAD crate for handshake (diff)
download: wireguard-rs-51179f5433fbc1617d59e25493a22072c0987726.tar.xz
wireguard-rs-51179f5433fbc1617d59e25493a22072c0987726.zip
1 files changed, 10 insertions, 2 deletions
diff --git a/src/types/keys.rs b/src/types/keys.rs
index c39816c..d2c4139 100644
--- a/src/types/keys.rs
+++ b/src/types/keys.rs
@@ -1,15 +1,23 @@
+use clear_on_drop::clear::Clear;
 use std::time::Instant;
 
 /* This file holds types passed between components.
  * Whenever a type cannot be held local to a single module.
  */
 
-#[derive(Debug, Clone, Copy)]
+#[derive(Debug, Clone)]
 pub struct Key {
     pub key: [u8; 32],
     pub id: u32,
 }
 
+// zero key on drop
+impl Drop for Key {
+    fn drop(&mut self) {
+        self.key.clear()
+    }
+}
+
 #[cfg(test)]
 impl PartialEq for Key {
     fn eq(&self, other: &Self) -> bool {
@@ -17,7 +25,7 @@ impl PartialEq for Key {
     }
 }
 
-#[derive(Debug, Clone, Copy)]
+#[derive(Debug, Clone)]
 pub struct KeyPair {
     pub birth: Instant,  // when was the key-pair created
     pub initiator: bool, // has the key-pair been confirmed?
author	Mathias Hall-Andersen <mathias@hall-andersen.dk>	2019-08-31 15:03:14 +0200
committer	Mathias Hall-Andersen <mathias@hall-andersen.dk>	2019-08-31 15:03:14 +0200
commit	51179f5433fbc1617d59e25493a22072c0987726 (patch)
tree	3034f4ca9d35da77c55750e5c0c058bafeea22ff /src/types/keys.rs
parent	Move to RustCrypto AEAD crate for handshake (diff)
download	wireguard-rs-51179f5433fbc1617d59e25493a22072c0987726.tar.xz wireguard-rs-51179f5433fbc1617d59e25493a22072c0987726.zip