Skip to content

Zero data when dropped in Rust

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
Notifications You must be signed in to change notification settings

burdges/zerodrop-rs

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Nolonger maintained. Used ClearOnDrop instead.

A thin wrapper for Box that zeros its data when dropped

build status documenation crates.io link

Documentation

There are many types of data that should be erased when nolonger needed, with cryptographic key material being an extreme example. This crate provides simple wrapper types that zero their contents when dropped. See the documentation.

We cannot recommend this crate for all cryptographic applications because it lacks support for mlock. There is no way to support mlock with less than a full fledged allocator because if several mlock calls lock the same page then the first munlock call will unlock that page completely.

There are two crates secrets and tars that provides such an allocator, which you should use if you want real protection. These crates predate the recently added allocator traits however, so things remain in flux for now.

We believe this crate provides an API similar enough to an allocator wrapping mlock that code developed using it and later ported to a full fledged allocator. In particular, we operate only upon Boxed data and provide no methods that return data to the stack where it could not be erased reliably.

Installation

This crate works with Cargo and is on crates.io. Add it to your Cargo.toml with:

[dependencies]
zerodrop = "^0.1"

Use the crate like:

extern crate zerodrop;

...

About

Zero data when dropped in Rust

Resources

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages