From e086be237cc4d7cb247d1defa08ca371815a1885 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damir=20Jeli=C4=87?=
Date: Wed, 3 Jul 2024 10:09:46 +0200
Subject: [PATCH 1/2] chore: Use the ZeroizeOnDrop trait instead of the deprecated drop call
---
 src/cipher/key.rs | 8 +++-----
 src/megolm/group_session.rs | 5 ++---
 src/megolm/inbound_group_session.rs | 5 ++---
 src/megolm/mod.rs | 5 ++---
 src/megolm/ratchet.rs | 8 +++-----
 src/olm/account/mod.rs | 11 ++++-------
 src/olm/session/chain_key.rs | 8 +++-----
 src/olm/session/mod.rs | 11 ++++-------
 src/olm/session/root_key.rs | 8 +++-----
 src/olm/shared_secret.rs | 8 +++-----
 src/utilities/libolm_compat.rs | 5 ++---
 11 files changed, 31 insertions(+), 51 deletions(-)
diff --git a/src/cipher/key.rs b/src/cipher/key.rs
index bcf6fb1e..77bc5541 100644
--- a/src/cipher/key.rs
+++ b/src/cipher/key.rs
@@ -19,7 +19,7 @@ use aes::{
 };
 use hkdf::Hkdf;
 use sha2::Sha256;
-use zeroize::Zeroize;
+use zeroize::{Zeroize, ZeroizeOnDrop};
 use super::Aes256CbcEnc;
@@ -27,8 +27,7 @@ type Aes256Key = GenericArray::KeySize>;
 type Aes256Iv = GenericArray::IvSize>;
 type HmacSha256Key = [u8; 32];
-#[derive(Zeroize)]
-#[zeroize(drop)]
+#[derive(Zeroize, ZeroizeOnDrop)]
 struct ExpandedKeys(Box<[u8; 80]>);
 impl ExpandedKeys {
@@ -59,8 +58,7 @@ impl ExpandedKeys {
 }
 }
-#[derive(Zeroize)]
-#[zeroize(drop)]
+#[derive(Zeroize, ZeroizeOnDrop)]
 pub(super) struct CipherKeys {
 aes_key: Box<[u8; 32]>,
 aes_iv: Box<[u8; 16]>,
diff --git a/src/megolm/group_session.rs b/src/megolm/group_session.rs
index a5377892..5a1144c6 100644
--- a/src/megolm/group_session.rs
+++ b/src/megolm/group_session.rs
@@ -156,7 +156,7 @@ impl GroupSession {
 #[cfg(feature = "libolm-compat")]
 mod libolm_compat {
 use matrix_pickle::Decode;
- use zeroize::Zeroize;
+ use zeroize::{Zeroize, ZeroizeOnDrop};
 use super::GroupSession;
 use crate::{
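Review bot: The new `#[derive(Zeroize, ZeroizeOnDrop)]` on `ExpandedKeys` depends on the `ZeroizeOnDrop` derive, which, if memory serves, only exists from zeroize 1.5 onward (the same release that deprecated `#[zeroize(drop)]`), and this patch does not touch Cargo.toml, so the declared minimum version of `zeroize` should be checked and raised to `>= 1.5` with the derive feature or a downstream build that resolves an older zeroize will stop compiling. Semantically the swap is sound: the derive emits the same `Drop` impl that `#[zeroize(drop)]` generated, so the 80-byte key box is still scrubbed when the value goes out of scope. Since the derive line is the only thing here, a one-line comment stating the intent would help the next reader: `// Drop is generated by ZeroizeOnDrop; it wipes the boxed key bytes before the allocation is freed.`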
@@ -165,8 +165,7 @@ mod libolm_compat {
 Ed25519Keypair,
 };
- #[derive(Zeroize, Decode)]
- #[zeroize(drop)]
+ #[derive(Zeroize, ZeroizeOnDrop, Decode)]
 pub(super) struct Pickle {
 version: u32,
 ratchet: LibolmRatchetPickle,
diff --git a/src/megolm/inbound_group_session.rs b/src/megolm/inbound_group_session.rs
index 73b488b4..538b2630 100644
--- a/src/megolm/inbound_group_session.rs
+++ b/src/megolm/inbound_group_session.rs
@@ -382,7 +382,7 @@ impl InboundGroupSession {
 #[cfg(feature = "libolm-compat")]
 mod libolm_compat {
 use matrix_pickle::Decode;
- use zeroize::Zeroize;
+ use zeroize::{Zeroize, ZeroizeOnDrop};
 use super::InboundGroupSession;
 use crate::{
@@ -390,8 +390,7 @@ mod libolm_compat {
 Ed25519PublicKey,
 };
- #[derive(Zeroize, Decode)]
- #[zeroize(drop)]
+ #[derive(Zeroize, ZeroizeOnDrop, Decode)]
 pub(super) struct Pickle {
 version: u32,
 initial_ratchet: LibolmRatchetPickle,
diff --git a/src/megolm/mod.rs b/src/megolm/mod.rs
index 090462ac..fb23e25e 100644
--- a/src/megolm/mod.rs
+++ b/src/megolm/mod.rs
@@ -37,12 +37,11 @@ fn default_config() -> SessionConfig {
 #[cfg(feature = "libolm-compat")]
 mod libolm {
 use matrix_pickle::Decode;
- use zeroize::Zeroize;
+ use zeroize::{Zeroize, ZeroizeOnDrop};
 use super::ratchet::Ratchet;
- #[derive(Zeroize, Decode)]
- #[zeroize(drop)]
+ #[derive(Zeroize, ZeroizeOnDrop, Decode)]
 pub(crate) struct LibolmRatchetPickle {
 #[secret]
 ratchet: Box<[u8; 128]>,
diff --git a/src/megolm/ratchet.rs b/src/megolm/ratchet.rs
index 1a16cbd4..f6e7c86a 100644
--- a/src/megolm/ratchet.rs
+++ b/src/megolm/ratchet.rs
@@ -19,13 +19,12 @@ use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use sha2::{digest::CtOutput, Sha256};
 use subtle::{Choice, ConstantTimeEq};
 use thiserror::Error;
-use zeroize::Zeroize;
+use zeroize::{Zeroize, ZeroizeOnDrop};
 const ADVANCEMENT_SEEDS: [&[u8; 1]; Ratchet::RATCHET_PART_COUNT] =
 [b"\x00", b"\x01", b"\x02", b"\x03"];
-#[derive(Serialize, Deserialize, Zeroize, Clone)]
-#[zeroize(drop)]
+#[derive(Clone, Serialize, Deserialize, Zeroize, ZeroizeOnDrop)]
 pub(super) struct Ratchet {
 inner: RatchetBytes,
 counter: u32,
@@ -42,8 +41,7 @@ impl ConstantTimeEq for Ratchet {
 }
 }
-#[derive(Zeroize, Clone)]
-#[zeroize(drop)]
+#[derive(Clone, Zeroize, ZeroizeOnDrop)]
 struct RatchetBytes(Box<[u8; Ratchet::RATCHET_LENGTH]>);
 impl RatchetBytes {
diff --git a/src/olm/account/mod.rs b/src/olm/account/mod.rs
index a3f27ae8..4b8d4462 100644
--- a/src/olm/account/mod.rs
+++ b/src/olm/account/mod.rs
@@ -478,7 +478,7 @@ impl From for Account {
 #[cfg(feature = "libolm-compat")]
 mod libolm {
 use matrix_pickle::{Decode, DecodeError, Encode, EncodeError};
- use zeroize::Zeroize;
+ use zeroize::{Zeroize, ZeroizeOnDrop};
 use super::{
 fallback_keys::{FallbackKey, FallbackKeys},
@@ -491,8 +491,7 @@ mod libolm {
 Curve25519PublicKey, Ed25519Keypair, KeyId,
 };
- #[derive(Debug, Zeroize, Encode, Decode)]
- #[zeroize(drop)]
+ #[derive(Debug, Encode, Decode, Zeroize, ZeroizeOnDrop)]
 struct OneTimeKey {
 key_id: u32,
 published: bool,
@@ -510,8 +509,7 @@ mod libolm {
 }
 }
- #[derive(Debug, Zeroize)]
- #[zeroize(drop)]
+ #[derive(Debug, Zeroize, ZeroizeOnDrop)]
 struct FallbackKeysArray {
 fallback_key: Option,
 previous_fallback_key: Option,
@@ -559,8 +557,7 @@ mod libolm {
 }
 }
- #[derive(Zeroize, Encode, Decode)]
- #[zeroize(drop)]
+ #[derive(Encode, Decode, Zeroize, ZeroizeOnDrop)]
 pub(super) struct Pickle {
 version: u32,
 ed25519_keypair: LibolmEd25519Keypair,
diff --git a/src/olm/session/chain_key.rs b/src/olm/session/chain_key.rs
index 8518e3bf..44d9eafe 100644
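Review bot: The rewritten derive on `Ratchet` puts `Clone`, `Serialize`, `Deserialize` and `ZeroizeOnDrop` on one line with nothing saying what the wipe-on-drop guarantee actually covers, and that is easy to over-read: the generated `Drop` scrubs this instance's `inner` box and `counter`, a clone is wiped only when that clone itself is dropped, and `Serialize` copies the ratchet bytes into a serializer buffer this type does not own and never zeroizes. That was equally true under `#[zeroize(drop)]`, so nothing regresses; it is a documentation gap on a line the commit touches. I would add above the derive: `// ZeroizeOnDrop wipes this instance's bytes on drop; serialized (pickled) forms are separate copies the caller must protect.` Note also that `RatchetBytes` below derives `ZeroizeOnDrop` itself, so `inner` is zeroized twice — harmless, just worth knowing when reading the two derives together.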
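Review bot: `OneTimeKey` keeps `Debug` in the rewritten derive list; its remaining fields lie outside this hunk, but giving the struct `ZeroizeOnDrop` only makes sense if it holds the one-time key's private half, and a derived `Debug` prints those bytes verbatim wherever the value is formatted with `{:?}` or ends up in a log line — zeroize-on-drop does nothing against a copy that has already been written into a string. Since the derive line is being rewritten anyway, either drop `Debug` if nothing formats this pickle struct — `#[derive(Encode, Decode, Zeroize, ZeroizeOnDrop)]` — or hand-write a `Debug` that emits a placeholder for the private field. The `FallbackKeysArray` hunk directly below has the same shape and deserves the same treatment.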
--- a/src/olm/session/chain_key.rs
+++ b/src/olm/session/chain_key.rs
@@ -15,7 +15,7 @@ use hmac::{Hmac, Mac};
 use serde::{Deserialize, Serialize};
 use sha2::{digest::CtOutput, Sha256};
-use zeroize::Zeroize;
+use zeroize::{Zeroize, ZeroizeOnDrop};
 use super::{
 message_key::{MessageKey, RemoteMessageKey},
@@ -48,15 +48,13 @@ fn advance(key: &[u8; 32]) -> CtOutput> {
 mac.finalize()
 }
-#[derive(Clone, Zeroize, Serialize, Deserialize)]
-#[zeroize(drop)]
+#[derive(Clone, Serialize, Deserialize, Zeroize, ZeroizeOnDrop)]
 pub(super) struct ChainKey {
 key: Box<[u8; 32]>,
 index: u64,
 }
-#[derive(Clone, Zeroize, Serialize, Deserialize)]
-#[zeroize(drop)]
+#[derive(Clone, Serialize, Deserialize, Zeroize, ZeroizeOnDrop)]
 pub(super) struct RemoteChainKey {
 key: Box<[u8; 32]>,
 index: u64,
diff --git a/src/olm/session/mod.rs b/src/olm/session/mod.rs
index 5d435c0d..1ccf4c28 100644
--- a/src/olm/session/mod.rs
+++ b/src/olm/session/mod.rs
@@ -336,7 +336,7 @@ impl Session {
 #[cfg(feature = "libolm-compat")]
 mod libolm_compat {
 use matrix_pickle::Decode;
- use zeroize::Zeroize;
+ use zeroize::{Zeroize, ZeroizeOnDrop};
 use super::{
 chain_key::{ChainKey, RemoteChainKey},
@@ -353,8 +353,7 @@ mod libolm_compat {
 Curve25519PublicKey,
 };
- #[derive(Debug, Decode, Zeroize)]
- #[zeroize(drop)]
+ #[derive(Debug, Decode, Zeroize, ZeroizeOnDrop)]
 struct SenderChain {
 public_ratchet_key: [u8; 32],
 #[secret]
@@ -363,8 +362,7 @@ mod libolm_compat {
 chain_key_index: u32,
 }
- #[derive(Debug, Decode, Zeroize)]
- #[zeroize(drop)]
+ #[derive(Debug, Decode, Zeroize, ZeroizeOnDrop)]
 struct ReceivingChain {
 public_ratchet_key: [u8; 32],
 #[secret]
@@ -384,8 +382,7 @@ mod libolm_compat {
 }
 }
- #[derive(Debug, Decode, Zeroize)]
- #[zeroize(drop)]
+ #[derive(Debug, Decode, Zeroize, ZeroizeOnDrop)]
 struct MessageKey {
 ratchet_key: [u8; 32],
 #[secret]
diff --git a/src/olm/session/root_key.rs b/src/olm/session/root_key.rs
index 3c71d50c..61865bab 100644
--- a/src/olm/session/root_key.rs
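Review bot: `SenderChain` keeps `Debug` in the new derive while the field right after `public_ratchet_key` is marked `#[secret]` (its name is cut off by the hunk), so the derived `Debug` prints that secret verbatim whenever the struct is formatted with `{:?}` — `ZeroizeOnDrop` cannot help against a copy that has already been written into a log string. The same pattern is repeated for `ReceivingChain` and `MessageKey` in the two following hunks. If nothing needs to format these libolm pickle structs, drop the derive: `#[derive(Decode, Zeroize, ZeroizeOnDrop)]`; otherwise hand-write `Debug` so it prints `"<redacted>"` for the `#[secret]` field and shows only `public_ratchet_key` and `chain_key_index`.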
+++ b/src/olm/session/root_key.rs
@@ -15,7 +15,7 @@ use hkdf::Hkdf;
 use serde::{Deserialize, Serialize};
 use sha2::Sha256;
-use zeroize::Zeroize;
+use zeroize::{Zeroize, ZeroizeOnDrop};
 use super::{
 chain_key::{ChainKey, RemoteChainKey},
@@ -34,9 +34,8 @@ const ADVANCEMENT_SEED: &[u8; 11] = b"OLM_RATCHET";
 ///
 /// This struct holds the root key corresponding to chains where we are the
 /// sender. See also [`RemoteRootKey`].
-#[derive(Serialize, Deserialize, Clone, Zeroize)]
+#[derive(Clone, Serialize, Deserialize, Zeroize, ZeroizeOnDrop)]
 #[serde(transparent)]
-#[zeroize(drop)]
 pub(crate) struct RootKey {
 pub key: Box<[u8; 32]>,
 }
@@ -45,8 +44,7 @@ pub(crate) struct RootKey {
 ///
 /// See [`RootKey`] for information on root keys. This struct holds the root key
 /// corresponding to chains where the other side is the sender.
-#[derive(Serialize, Deserialize, Clone, Zeroize)]
-#[zeroize(drop)]
+#[derive(Clone, Serialize, Deserialize, Zeroize, ZeroizeOnDrop)]
 pub(crate) struct RemoteRootKey {
 pub key: Box<[u8; 32]>,
 }
diff --git a/src/olm/shared_secret.rs b/src/olm/shared_secret.rs
index 9507dbf4..06d85189 100644
--- a/src/olm/shared_secret.rs
+++ b/src/olm/shared_secret.rs
@@ -34,16 +34,14 @@ use hkdf::Hkdf;
 use sha2::Sha256;
 use x25519_dalek::{ReusableSecret, SharedSecret};
-use zeroize::Zeroize;
+use zeroize::{Zeroize, ZeroizeOnDrop};
 use crate::{types::Curve25519SecretKey as StaticSecret, Curve25519PublicKey as PublicKey};
-#[derive(Zeroize)]
-#[zeroize(drop)]
+#[derive(Zeroize, ZeroizeOnDrop)]
 pub struct Shared3DHSecret(Box<[u8; 96]>);
-#[derive(Zeroize)]
-#[zeroize(drop)]
+#[derive(Zeroize, ZeroizeOnDrop)]
 pub struct RemoteShared3DHSecret(Box<[u8; 96]>);
 fn expand(shared_secret: &[u8; 96]) -> (Box<[u8; 32]>, Box<[u8; 32]>) {
diff --git a/src/utilities/libolm_compat.rs b/src/utilities/libolm_compat.rs
index 23128a32..f6fe726c 100644
--- a/src/utilities/libolm_compat.rs
+++ b/src/utilities/libolm_compat.rs
@@ -15,7 +15,7 @@ use std::io::Cursor;
 use matrix_pickle::{Decode, Encode};
-use zeroize::Zeroize;
+use zeroize::{Zeroize, ZeroizeOnDrop};
 use super::{base64_decode, base64_encode};
 use crate::{cipher::Cipher, LibolmPickleError};
@@ -78,8 +78,7 @@ where
 Ok(base64_encode(encrypted))
 }
-#[derive(Zeroize, Encode, Decode)]
-#[zeroize(drop)]
+#[derive(Encode, Decode, Zeroize, ZeroizeOnDrop)]
 pub(crate) struct LibolmEd25519Keypair {
 pub public_key: [u8; 32],
 #[secret]
From 91906645b469d33841db061ba40690b9d2d95089 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damir=20Jeli=C4=87?=
Date: Wed, 3 Jul 2024 10:09:46 +0200
Subject: [PATCH 2/2] chore: Fix a typo
---
 src/lib.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lib.rs b/src/lib.rs
index 17da71ab..f3940c52 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -179,7 +179,7 @@
 //! instead call the `.pickle()` method to obtain a special serializable struct.
 //! This struct *does* implement `Serialize` and can therefore be serialized
 //! into any format supported by `serde`. To get back to the original struct
-//! from such as serializeable struct, just call `.unpickle()`.
+//! from such as serializable struct, just call `.unpickle()`.
 //!
 //! ```rust
 //! use anyhow::Result;
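Review bot: The corrected doc line still reads `from such as serializable struct`, which is itself a typo — the sentence wants the article, not `as`. Make the added line `//! from such a serializable struct, just call `.unpickle()`.` so this hunk fixes the whole phrase rather than half of it.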