Make zeroize optional for all crates (#644)

aes-gcm-siv/Cargo.toml

@@ -23,7 +23,7 @@ cipher = "=0.5.0-pre.7"
 ctr = "0.10.0-pre.2"
 polyval = { version = "0.7.0-rc.0", default-features = false }
 subtle = { version = "2", default-features = false }
-zeroize = { version = "1", default-features = false }
+zeroize = { version = "1", optional = true, default-features = false }
 
 [dev-dependencies]
 aead = { version = "0.6.0-rc.0", features = ["dev"], default-features = false }

aes-gcm-siv/src/lib.rs

@@ -95,7 +95,6 @@ use cipher::{
     BlockCipherEncrypt, BlockSizeUser, InnerIvInit, StreamCipherCore,
 };
 use polyval::{universal_hash::UniversalHash, Polyval};
-use zeroize::Zeroize;
 
 /// AES is optional to allow swapping in hardware-specific backends.
 #[cfg(feature = "aes")]
@@ -261,9 +260,13 @@ where
 
         // Zeroize all intermediate buffers
         // TODO(tarcieri): use `Zeroizing` when const generics land
-        mac_key.as_mut_slice().zeroize();
-        enc_key.as_mut_slice().zeroize();
-        block.as_mut_slice().zeroize();
+        #[cfg(feature = "zeroize")]
+        {
+            use zeroize::Zeroize;
+            mac_key.as_mut_slice().zeroize();
+            enc_key.as_mut_slice().zeroize();
+            block.as_mut_slice().zeroize();
+        }
 
         result
     }

aes-siv/Cargo.toml

@@ -24,7 +24,7 @@ cmac = "0.8.0-pre.2"
 ctr = "0.10.0-pre.2"
 dbl = "0.4.0-rc.1"
 digest = { version = "=0.11.0-pre.9", features = ["mac"] }
-zeroize = { version = "1", default-features = false }
+zeroize = { version = "1", optional = true, default-features = false }
 
 # optional dependencies
 pmac = { version = "0.8.0-pre.2", optional = true }

aes-siv/src/siv.rs

@@ -81,7 +81,6 @@ use cmac::Cmac;
 use core::ops::Add;
 use dbl::Dbl;
 use digest::{CtOutput, FixedOutputReset, Mac};
-use zeroize::Zeroize;
 
 #[cfg(feature = "alloc")]
 use alloc::vec::Vec;
@@ -329,10 +328,22 @@ where
     M: Mac<OutputSize = U16>,
 {
     fn drop(&mut self) {
-        self.encryption_key.zeroize()
+        #[cfg(feature = "zeroize")]
+        {
+            use zeroize::Zeroize;
+            self.encryption_key.zeroize()
+        }
     }
 }
 
+#[cfg(feature = "zeroize")]
+impl<C, M> zeroize::ZeroizeOnDrop for Siv<C, M>
+where
+    C: BlockSizeUser<BlockSize = U16> + BlockCipherEncrypt + KeyInit + KeySizeUser,
+    M: Mac<OutputSize = U16>,
+{
+}
+
 /// "S2V" is a vectorized pseudorandom function (sometimes referred to as a
 /// vector MAC or "vMAC") which performs a "dbl"-and-xor operation on the
 /// outputs of a pseudo-random function (CMAC or PMAC).

chacha20poly1305/Cargo.toml

@@ -21,10 +21,10 @@ rust-version = "1.81"
 
 [dependencies]
 aead = { version = "0.6.0-rc.0", default-features = false }
-chacha20 = { version = "=0.10.0-pre.2", default-features = false, features = ["xchacha", "zeroize"] }
+chacha20 = { version = "=0.10.0-pre.2", default-features = false, features = ["xchacha"] }
 cipher = "=0.5.0-pre.7"
 poly1305 = "0.9.0-rc.0"
-zeroize = { version = "1.8", default-features = false }
+zeroize = { version = "1.8", optional = true, default-features = false }
 
 [dev-dependencies]
 aead = { version = "0.6.0-rc.0", features = ["dev"], default-features = false }
@@ -40,6 +40,7 @@ heapless = ["aead/heapless"]
 rand_core = ["aead/rand_core"]
 reduced-round = []
 stream = ["aead/stream"]
+zeroize = ["dep:zeroize", "chacha20/zeroize"]
 
 [package.metadata.docs.rs]
 all-features = true

chacha20poly1305/src/cipher.rs

@@ -7,7 +7,6 @@ use poly1305::{
     universal_hash::{KeyInit, UniversalHash},
     Poly1305,
 };
-use zeroize::Zeroize;
 
 use super::Tag;
 
@@ -38,7 +37,11 @@ where
         cipher.apply_keystream(&mut mac_key);
 
         let mac = Poly1305::new(&mac_key);
-        mac_key.zeroize();
+        #[cfg(feature = "zeroize")]
+        {
+            use zeroize::Zeroize;
+            mac_key.zeroize();
+        }
 
         // Set ChaCha20 counter to 1
         cipher.seek(BLOCK_SIZE as u64);

chacha20poly1305/src/lib.rs

@@ -154,7 +154,6 @@ use aead::{
     consts::{U0, U12, U16, U24, U32},
 };
 use core::marker::PhantomData;
-use zeroize::{Zeroize, ZeroizeOnDrop};
 
 use chacha20::{ChaCha20, XChaCha20};
 
@@ -301,8 +300,13 @@ where
     N: ArraySize,
 {
     fn drop(&mut self) {
-        self.key.as_mut_slice().zeroize();
+        #[cfg(feature = "zeroize")]
+        {
+            use zeroize::Zeroize;
+            self.key.as_mut_slice().zeroize();
+        }
     }
 }
 
-impl<C, N: ArraySize> ZeroizeOnDrop for ChaChaPoly1305<C, N> {}
+#[cfg(feature = "zeroize")]
+impl<C, N: ArraySize> zeroize::ZeroizeOnDrop for ChaChaPoly1305<C, N> {}

deoxys/Cargo.toml

@@ -21,7 +21,7 @@ rust-version = "1.81"
 aead = { version = "0.6.0-rc.0", default-features = false }
 aes = { version = "=0.9.0-pre.2", features = ["hazmat"], default-features = false }
 subtle = { version = "2", default-features = false }
-zeroize = { version = "1", default-features = false }
+zeroize = { version = "1", optional = true, default-features = false }
 
 [dev-dependencies]
 aead = { version = "0.6.0-rc.0", features = ["dev"], default-features = false }

deoxys/src/lib.rs

@@ -118,8 +118,6 @@ use aead::{
 };
 use core::marker::PhantomData;
 
-use zeroize::Zeroize;
-
 /// Deoxys-I with 128-bit keys
 pub type DeoxysI128 = Deoxys<modes::DeoxysI<deoxys_bc::DeoxysBc256>, deoxys_bc::DeoxysBc256>;
 
@@ -299,8 +297,20 @@ where
     B: DeoxysBcType,
 {
     fn drop(&mut self) {
-        for s in self.subkeys.iter_mut() {
-            s.zeroize();
+        #[cfg(feature = "zeroize")]
+        {
+            use zeroize::Zeroize;
+            for s in self.subkeys.iter_mut() {
+                s.zeroize();
+            }
         }
     }
 }
+
+#[cfg(feature = "zeroize")]
+impl<M, B> zeroize::ZeroizeOnDrop for Deoxys<M, B>
+where
+    M: DeoxysMode<B>,
+    B: DeoxysBcType,
+{
+}