From e98780b39330530a5f8e21ff4c1e67a92a205735 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= Date: Mon, 22 Jun 2020 17:39:18 +0200 Subject: [PATCH] Box zeroize to prevent leaving copies on move. (#358) * Box zeroize to prevent leaving copies in memory. * Trigger build. --- README.md | 4 ++-- src/api/accounts.rs | 11 +++++++++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a662807a..4aa30c63 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ First, add this to your `Cargo.toml`: web3 = { git = "https://github.com/tomusdrw/rust-web3" } ``` -## Examples +## Example ```rust #[tokio::main] async fn main() -> web3::Result<()> { @@ -100,7 +100,7 @@ web3.api::().custom_method().wait().unwrap() # Installation on Windows Currently, Windows does not support IPC, which is enabled in the library by default. -To complile, you need to disable IPC feature: +To complile, you need to disable the IPC feature: ``` web3 = { version = "0.11.0", default-features = false, features = ["http"] } ``` diff --git a/src/api/accounts.rs b/src/api/accounts.rs index c0efa86e..d2c5f74d 100644 --- a/src/api/accounts.rs +++ b/src/api/accounts.rs @@ -177,7 +177,7 @@ type TxParams = Join3, MaybeReady, MaybeReady { tx: TransactionParameters, - key: ZeroizeSecretKey, + key: Box, inner: TxParams, } @@ -202,7 +202,7 @@ impl SignTransactionFuture { SignTransactionFuture { tx, - key: ZeroizeSecretKey(*key), + key: ZeroizeSecretKey::boxed(*key), inner, } } @@ -350,6 +350,13 @@ impl Transaction { #[derive(Clone, Copy)] struct ZeroizeSecretKey(SecretKey); +impl ZeroizeSecretKey { + /// Create new boxed instance to make sure we don't leak any copies around. + pub fn boxed(key: SecretKey) -> Box { + Box::new(Self(key)) + } +} + impl Default for ZeroizeSecretKey { fn default() -> Self { ZeroizeSecretKey(ONE_KEY)