rustic-rs / rustic_core

rustic_core - library for fast, encrypted, deduplicated backups that powers rustic-rs
https://rustic.cli.rs/ecosystem/rustic-core/
Apache License 2.0

Implement zeroing memory for Password and other privacy/security related things #9

Open simonsan opened 1 year ago

simonsan commented 1 year ago

Trait: Zeroize: Securely zero memory with a simple trait (Zeroize) built on stable Rust primitives which guarantee the operation will not be “optimized away”.

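```rust
use secrecy::{CloneableSecret, DebugSecret, ExposeSecret, Secret, Zeroize};

// CloneableSecret has `Clone + Zeroize` as supertraits, so Password must be Clone.
#[derive(Clone)]
pub struct Password(String);

// Wipe the inner String; Secret<T> calls this when the value is dropped.
impl Zeroize for Password {
    fn zeroize(&mut self) {
        self.0.zeroize();
    }
}

// Marker impls: redacted Debug output and opt-in cloning of the secret.
impl DebugSecret for Password {}
impl CloneableSecret for Password {}

/// Our Secret Password
pub type SecretPassword = Secret<Password>;
```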

https://crates.io/crates/secrecy

related: https://github.com/rustic-rs/rustic/issues/534
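An added example, not part of the original comment and not rustic_core code: what a wipe that is not "optimized away" and a redacted `Debug` look like using only `std`. The `Password` type here and its `new`, `expose` and `zeroize` methods are hypothetical names, and the password string is constructed sample data.

```rust
use std::fmt;
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Hypothetical password holder for illustration; not a rustic_core type.
pub struct Password(Vec<u8>);

impl Password {
    /// Takes the String by value so no second copy stays with the caller.
    pub fn new(s: String) -> Self {
        Password(s.into_bytes())
    }

    /// The only way to read the secret, so each use is easy to find in review.
    pub fn expose(&self) -> &[u8] {
        &self.0
    }

    /// Overwrite the whole allocation, spare capacity included, with zeros.
    pub fn zeroize(&mut self) {
        let cap = self.0.capacity();
        let p = self.0.as_mut_ptr();
        for i in 0..cap {
            // Volatile stores are not removed as dead writes by the optimizer.
            unsafe { ptr::write_volatile(p.add(i), 0) };
        }
        // Keep the compiler from reordering later accesses before the wipe.
        compiler_fence(Ordering::SeqCst);
    }
}

/// Wipe automatically when the value goes out of scope.
impl Drop for Password {
    fn drop(&mut self) {
        self.zeroize();
    }
}

/// Never print the secret, even through `{:?}` in logs or panics.
impl fmt::Debug for Password {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.write_str("Password([REDACTED])")
    }
}

fn main() {
    let mut pw = Password::new(String::from("constructed-sample-pw"));
    println!("{:?}", pw);
    pw.zeroize();
    println!("wiped: {}", pw.expose().iter().all(|&b| b == 0));
}
```

This wipes only the buffer the wrapper owns; copies made earlier, for example by a reallocating `String` or by formatting the password into another buffer, are outside its reach.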

aawsome commented 1 year ago

This should be already done in the crypto crates, i.e. aes256ctr_poly1305aes.

However, you are right - this holds for the AES and MAC key, but not for the password given by the user. There might be also other sensitive information like connection parameters.

aawsome commented 1 year ago

Actually, this is not yet done in aes256ctr_poly1305aes. So this should be also an issue there...