Skip to main content

const_secret/
drop_strategy.rs

1//! Drop strategies for handling encrypted data when it goes out of scope.
2//!
3//! This module provides different strategies for what happens to decrypted data
4//! when an [`Encrypted`](crate::Encrypted) value is dropped. Each strategy
5//! implements the [`DropStrategy`] trait.
6//!
7//! # Available Strategies
8//!
9//! - [`Zeroize`]: Overwrites the buffer with zeros using the `zeroize` crate
10//! - [`NoOp`]: Does nothing, leaving the data in memory as-is
11//!
12//! Algorithm-specific strategies:
13//! - [`xor::ReEncrypt`](crate::xor::ReEncrypt): Re-encrypts with XOR
14//! - [`rc4::ReEncrypt`](crate::rc4::ReEncrypt): Re-encrypts with RC4
15//!
16//! # Generic Over Extra Data
17//!
18//! These strategies are generic over the `Extra` type to support different
19//! algorithms that may need to store additional data (like encryption keys).
20
21use core::marker::PhantomData;
22use zeroize::Zeroize as ZeroizeTrait;
23
24pub trait DropStrategy {
25    type Extra;
26    fn drop(data: &mut [u8], extra: &Self::Extra);
27}
28
29/// Zeroizes the buffer on drop. Generic over the Extra type to work with any algorithm.
30pub struct Zeroize<E = ()>(PhantomData<E>);
31/// Does nothing on drop. Generic over the Extra type to work with any algorithm.
32pub struct NoOp<E = ()>(PhantomData<E>);
33
34impl<E> DropStrategy for Zeroize<E> {
35    type Extra = E;
36    fn drop(data: &mut [u8], _extra: &E) {
37        data.zeroize();
38    }
39}
40
41impl<E> DropStrategy for NoOp<E> {
42    type Extra = E;
43    fn drop(_data: &mut [u8], _extra: &E) {}
44}