Custom Debug implementation for ChaCha and Xorshift

So the internal state is never exposed (may be security-sensitive)
dhardy · Oct 21, 2017 · e513aaa · e513aaa
1 parent 6712a3a
commit e513aaa
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 3 deletions.
diff --git a/src/prng/chacha.rs b/src/prng/chacha.rs
@@ -11,6 +11,7 @@
 //! The ChaCha random number generator.
 
 use core::num::Wrapping as w;
+use core::fmt;
 use {Rng, CryptoRng, SeedFromRng, SeedableRng, Error};
 
 #[allow(bad_style)]
@@ -29,13 +30,20 @@ const CHACHA_ROUNDS: u32 = 20; // Cryptographically secure from 8 upwards as of
 ///
 /// [1]: D. J. Bernstein, [*ChaCha, a variant of
 /// Salsa20*](http://cr.yp.to/chacha.html)
-#[derive(Clone, Debug)]
+#[derive(Clone)]
 pub struct ChaChaRng {
     buffer:  [w32; STATE_WORDS], // Internal buffer of output
     state:   [w32; STATE_WORDS], // Initial state
     index:   usize,                 // Index into state
 }
 
+// Custom Debug implementation that does not expose the internal state
+impl fmt::Debug for ChaChaRng {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        write!(f, "ChaChaRng {{}}")
+    }
+}
+
 macro_rules! quarter_round{
     ($a: expr, $b: expr, $c: expr, $d: expr) => {{
         $a = $a + $b; $d = $d ^ $a; $d = w($d.0.rotate_left(16));

diff --git a/src/prng/isaac.rs b/src/prng/isaac.rs
@@ -110,6 +110,7 @@ impl Clone for IsaacRng {
     }
 }
 
+// Custom Debug implementation that does not expose the internal state
 impl fmt::Debug for IsaacRng {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
         write!(f, "IsaacRng {{}}")

diff --git a/src/prng/isaac64.rs b/src/prng/isaac64.rs
@@ -94,6 +94,7 @@ impl Clone for Isaac64Rng {
     }
 }
 
+// Custom Debug implementation that does not expose the internal state
 impl fmt::Debug for Isaac64Rng {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
         write!(f, "Isaac64Rng {{}}")

diff --git a/src/prng/xorshift.rs b/src/prng/xorshift.rs
@@ -11,6 +11,7 @@
 //! Xorshift generators
 
 use core::num::Wrapping as w;
+use core::fmt;
 use {Rng, SeedFromRng, SeedableRng, Error};
 
 /// An Xorshift[1] random number
@@ -23,15 +24,21 @@ use {Rng, SeedFromRng, SeedableRng, Error};
 /// [1]: Marsaglia, George (July 2003). ["Xorshift
 /// RNGs"](http://www.jstatsoft.org/v08/i14/paper). *Journal of
 /// Statistical Software*. Vol. 8 (Issue 14).
-#[allow(missing_copy_implementations)]
-#[derive(Clone, Debug)]
+#[derive(Clone)]
 pub struct XorShiftRng {
     x: w<u32>,
     y: w<u32>,
     z: w<u32>,
     w: w<u32>,
 }
 
+// Custom Debug implementation that does not expose the internal state
+impl fmt::Debug for XorShiftRng {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        write!(f, "XorShiftRng {{}}")
+    }
+}
+
 impl XorShiftRng {
     /// Creates a new XorShiftRng instance which is not seeded.
     ///