Add zeroize support for sha crates

sha1/Cargo.toml

@@ -15,6 +15,8 @@ rust-version = "1.72"
 [dependencies]
 digest = "=0.11.0-pre.6"
 cfg-if = "1.0"
+# TODO: use zeroize re-exported from digest
+zeroize = { version = "1.4", optional = true, default-features = false }
 
 [target.'cfg(any(target_arch = "aarch64", target_arch = "x86", target_arch = "x86_64"))'.dependencies]
 cpufeatures = "0.2"
@@ -27,6 +29,7 @@ hex-literal = "0.4"
 default = ["oid", "std"]
 std = ["digest/std"]
 oid = ["digest/oid"] # Enable OID support
+zeroize = ["dep:zeroize", "digest/zeroize"]
 force-soft = [] # Force software implementation
 
 [package.metadata.docs.rs]

sha1/src/lib.rs

@@ -37,6 +37,9 @@ pub struct Sha1Core {
     block_len: u64,
 }
 
+/// SHA-1 hasher state.
+pub type Sha1 = CoreWrapper<Sha1Core>;
+
 impl HashMarker for Sha1Core {}
 
 impl BlockSizeUser for Sha1Core {
@@ -109,5 +112,15 @@ impl AssociatedOid for Sha1Core {
     const OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.3.14.3.2.26");
 }
 
-/// SHA-1 hasher state.
-pub type Sha1 = CoreWrapper<Sha1Core>;
+impl Drop for Sha1Core {
+    fn drop(&mut self) {
+        #[cfg(feature = "zeroize")]
+        {
+            use zeroize::Zeroize;
+            self.h.zeroize();
+            self.block_len.zeroize();
+        }
+    }
+}
+#[cfg(feature = "zeroize")]
+impl zeroize::ZeroizeOnDrop for Sha1Core {}

sha2/Cargo.toml

@@ -18,6 +18,8 @@ rust-version = "1.72"
 [dependencies]
 digest = "=0.11.0-pre.6"
 cfg-if = "1"
+# TODO: use zeroize re-exported from digest
+zeroize = { version = "1.4", optional = true, default-features = false }
 
 [target.'cfg(any(target_arch = "aarch64", target_arch = "x86_64", target_arch = "x86"))'.dependencies]
 cpufeatures = "0.2"
@@ -30,6 +32,7 @@ hex-literal = "0.4"
 default = ["oid", "std"]
 std = ["digest/std"]
 oid = ["digest/oid"] # Enable OID support
+zeroize = ["dep:zeroize", "digest/zeroize"]
 force-soft = [] # Force software implementation
 
 [package.metadata.docs.rs]

sha2/src/core_api.rs

@@ -11,6 +11,9 @@ use digest::{
     HashMarker, InvalidOutputSize, Output,
 };
 
+#[cfg(feature = "zeroize")]
+use zeroize::{Zeroize, ZeroizeOnDrop};
+
 /// Core block-level SHA-256 hasher with variable output size.
 ///
 /// Supports initialization only for 28 and 32 byte output sizes,
@@ -84,6 +87,19 @@ impl fmt::Debug for Sha256VarCore {
     }
 }
 
+impl Drop for Sha256VarCore {
+    fn drop(&mut self) {
+        #[cfg(feature = "zeroize")]
+        {
+            self.state.zeroize();
+            self.block_len.zeroize();
+        }
+    }
+}
+
+#[cfg(feature = "zeroize")]
+impl ZeroizeOnDrop for Sha256VarCore {}
+
 /// Core block-level SHA-512 hasher with variable output size.
 ///
 /// Supports initialization only for 28, 32, 48, and 64 byte output sizes,
@@ -158,3 +174,15 @@ impl fmt::Debug for Sha512VarCore {
         f.write_str("Sha512VarCore { ... }")
     }
 }
+
+impl Drop for Sha512VarCore {
+    fn drop(&mut self) {
+        #[cfg(feature = "zeroize")]
+        {
+            self.state.zeroize();
+            self.block_len.zeroize();
+        }
+    }
+}
+#[cfg(feature = "zeroize")]
+impl ZeroizeOnDrop for Sha1Core {}

sha3/Cargo.toml

@@ -19,7 +19,8 @@ rust-version = "1.71"
 [dependencies]
 digest = "=0.11.0-pre.6"
 keccak = "0.1.4"
-zeroize = { version = "1.6.0", default-features = false, optional=true } # WARNING: Bumps MSRV to 1.56
+# TODO: use zeroize re-exported from digest
+zeroize = { version = "1.6", optional = true, default-features = false }
 
 [dev-dependencies]
 digest = { version = "=0.11.0-pre.6", features = ["dev"] }
@@ -28,6 +29,7 @@ hex-literal = "0.4"
 [features]
 default = ["oid", "std"]
 std = ["digest/std"]
+zeroize = ["dep:zeroize", "digest/zeroize"]
 
 asm = ["keccak/asm"] # Enable ASM (currently ARMv8 only).
 oid = ["digest/oid"] # Enable OID support.