Zeroizing allocator (#154)

* Add a zeroizing allocator

* Also implement the allocator API

* Add misisng license file to zalloc

* Slight change to zalloc description

Cargo.lock

@@ -10129,6 +10129,13 @@ dependencies = [
  "static_assertions",
 ]
 
+[[package]]
+name = "zalloc"
+version = "0.1.0"
+dependencies = [
+ "zeroize",
+]
+
 [[package]]
 name = "zeroize"
 version = "1.5.7"

Cargo.toml

@@ -1,5 +1,7 @@
 [workspace]
 members = [
+  "common/zalloc",
+
   "crypto/transcript",
 
   "crypto/dalek-ff-group",

common/zalloc/Cargo.toml

@@ -0,0 +1,19 @@
+[package]
+name = "zalloc"
+version = "0.1.0"
+description = "An allocator wrapper which zeroizes memory on dealloc"
+license = "MIT"
+repository = "https://github.com/serai-dex/serai/tree/develop/common/zalloc"
+authors = ["Luke Parker <lukeparker5132@gmail.com>"]
+keywords = []
+edition = "2021"
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
+[dependencies]
+zeroize = "1.5"
+
+[features]
+allocator = []

common/zalloc/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Luke Parker
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

common/zalloc/src/lib.rs

@@ -0,0 +1,46 @@
+#![cfg_attr(docsrs, feature(doc_cfg))]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+#![cfg_attr(feature = "allocator", feature(allocator_api))]
+
+//! Implementation of a Zeroizing Allocator, enabling zeroizing memory on deallocation.
+//! This can either be used with Box (requires nightly and the "allocator" feature) to provide the
+//! functionality of zeroize on types which don't implement zeroize, or used as a wrapper around
+//! the global allocator to ensure *all* memory is zeroized.
+
+use core::{
+  slice,
+  alloc::{Layout, GlobalAlloc},
+};
+
+use zeroize::Zeroize;
+
+/// An allocator wrapper which zeroizes its memory on dealloc.
+pub struct ZeroizingAlloc<T>(pub T);
+
+#[cfg(feature = "allocator")]
+use core::{
+  ptr::NonNull,
+  alloc::{AllocError, Allocator},
+};
+#[cfg(feature = "allocator")]
+unsafe impl<T: Allocator> Allocator for ZeroizingAlloc<T> {
+  fn allocate(&self, layout: Layout) -> Result<NonNull<[u8]>, AllocError> {
+    self.0.allocate(layout)
+  }
+
+  unsafe fn deallocate(&self, mut ptr: NonNull<u8>, layout: Layout) {
+    slice::from_raw_parts_mut(ptr.as_mut(), layout.size()).zeroize();
+    self.0.deallocate(ptr, layout);
+  }
+}
+
+unsafe impl<T: GlobalAlloc> GlobalAlloc for ZeroizingAlloc<T> {
+  unsafe fn alloc(&self, layout: Layout) -> *mut u8 {
+    self.0.alloc(layout)
+  }
+
+  unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout) {
+    slice::from_raw_parts_mut(ptr, layout.size()).zeroize();
+    self.0.dealloc(ptr, layout);
+  }
+}