impl CryptoBlockRng and ZeroizeOnDrop for Rng and RngCore

RustCrypto · Apr 11, 2024 · 1d15d68 · 1d15d68
1 parent 304f2bb
commit 1d15d68
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 1 deletion.
diff --git a/chacha20/src/rng.rs b/chacha20/src/rng.rs
@@ -9,7 +9,7 @@
 use core::fmt::Debug;
 
 use rand_core::{
-    block::{BlockRng, BlockRngCore},
+    block::{BlockRng, BlockRngCore, CryptoBlockRng},
     CryptoRng, Error, RngCore, SeedableRng,
 };
 
@@ -346,8 +346,17 @@ macro_rules! impl_chacha_rng {
             }
         }
 
+        impl CryptoBlockRng for $ChaChaXCore {}
         impl CryptoRng for $ChaChaXRng {}
 
+        #[cfg(feature = "zeroize")]
+        #[cfg_attr(docsrs, doc(cfg(feature = "zeroize")))]
+        impl ZeroizeOnDrop for $ChaChaXCore {}
+
+        #[cfg(feature = "zeroize")]
+        #[cfg_attr(docsrs, doc(cfg(feature = "zeroize")))]
+        impl ZeroizeOnDrop for $ChaChaXRng {}
+
         // Custom Debug implementation that does not expose the internal state
         impl Debug for $ChaChaXRng {
             fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {

diff --git a/rust-toolchain.toml.save b/rust-toolchain.toml.save
@@ -0,0 +1,38 @@
+// Tested for N=32; could be bugs in the loop bounds for other N
+// returns bytes written, like fwrite: N means no error, 0 means error in all fwrites
+size_t LongNumPrint( uint8_t *num, size_t N)
+{
+    // caller can print a name if it wants
+
+    const int revbufsize = 8192;      // 8kiB on the stack should be fine
+    alignas(32) char revbuf[revbufsize];
+
+    if (N<32) {
+        // TODO: maybe use a smaller revbuf for this case to avoid touching new stack pages
+        ASCIIrev32B(revbuf, num);   // the data we want is at the *end* of a 32-byte reverse
+        return fwrite(revbuf+32-N, 1, N, stdout);
+    }
+
+    size_t bytes_written = 0;
+    const uint8_t *inp = num+N;  // start with last 32 bytes of num[]
+    do {
+        size_t chunksize = (inp - num >= revbufsize) ? revbufsize : inp - num;
+
+        const uint8_t *inp_stop = inp - chunksize + 32;   // leave one full vector for the end
+        uint8_t *outp = revbuf;
+        while (inp > inp_stop) {        // may run 0 times
+            inp -= 32;
+            ASCIIrev32B(outp, inp);
+            outp += 32;
+        }
+        // reverse first (lowest address) 32 bytes of this chunk of num
+        // into last 32 bytes of this chunk of revbuf
+        // if chunksize%32 != 0 this will overlap, which is fine.
+        ASCIIrev32B(revbuf + chunksize - 32, inp_stop - 32);
+        bytes_written += fwrite(revbuf, 1, chunksize, stdout);
+        inp = inp_stop - 32;
+    } while ( inp > num );
+
+    return bytes_written;
+    // caller can putchar('\n') if it wants
+}