der: Make zeroize's alloc feature conditional
#920
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Previously `zeroize`'s `alloc` feature would be enabled if `zeroize` was enabled. Now `zeroize`'s `alloc` feature is only enabled if this crate's `alloc` feature is enabled.
|
Though technically a breaking change, the fact this entire repo passes with it is a good indication it's unlikely to cause real-world breakages. I can merge this and yank the previous release so this is the new behavior going forward. It does seem like a good change. |
Merged
|
Thanks so much!! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Previously
zeroize'sallocfeature would be enabled ifzeroizewas enabled inder. Nowzeroize'sallocfeature is only enabled if thisder'sallocfeature is enabled.We were hoping to use p256 in a no-alloc environment. Moving p256 from 0.12.0->0.13.0 results in
allocgetting pulled in.It looks like when
sec1went from 0.3.0->0.7.1, sec1/v0.3.0...sec1/v0.7.1#diff-fe7c93733c51ed30397c61754e6d22958291335b1d61470ce78edcdf49a09399R36 itsderdependency now useszeroize. Thezeroizedependency inderwas calling outalloc.Looking through
derandsec1it seems thatalloc+zeriozeis only needed forder's document.rs.Making this proposed change may be a breaking change as
derexposeszeroize, https://github.com/RustCrypto/formats/blob/master/der/src/lib.rs#L394. If someone was using the Vec, String, etc features exposed viader::zeroizeand theallocfeature.