From 912547a5002ec587a7d31803d270df46898baa4c Mon Sep 17 00:00:00 2001
From: dignifiedquire <me@dignifiedquire.com>
Date: Thu, 20 Feb 2025 20:08:32 +0100
Subject: [PATCH] fix: ensure Debug implementations do not leak private info

Closes #479
---
 src/key.rs | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/src/key.rs b/src/key.rs
index 790fe4a5..974f7233 100644
--- a/src/key.rs
+++ b/src/key.rs
@@ -1,5 +1,7 @@
 use alloc::vec::Vec;
+use core::fmt;
 use core::hash::{Hash, Hasher};
+
 use crypto_bigint::modular::{BoxedMontyForm, BoxedMontyParams};
 use crypto_bigint::{BoxedUint, Integer, NonZero, Odd};
 use rand_core::CryptoRngCore;
@@ -55,7 +57,7 @@ impl Hash for RsaPublicKey {
 }
 
 /// Represents a whole RSA key, public and private parts.
-#[derive(Debug, Clone)]
+#[derive(Clone)]
 pub struct RsaPrivateKey {
     /// Public components of the private key.
     pubkey_components: RsaPublicKey,
@@ -67,6 +69,22 @@ pub struct RsaPrivateKey {
     pub(crate) precomputed: Option<PrecomputedValues>,
 }
 
+impl fmt::Debug for RsaPrivateKey {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        let precomputed = if self.precomputed.is_some() {
+            "Some(...)"
+        } else {
+            "None"
+        };
+        f.debug_struct("RsaPrivateKey")
+            .field("pubkey_components", &self.pubkey_components)
+            .field("d", &"...")
+            .field("primes", &"&[...]")
+            .field("precomputed", &precomputed)
+            .finish()
+    }
+}
+
 impl Eq for RsaPrivateKey {}
 impl PartialEq for RsaPrivateKey {
     #[inline]
@@ -101,7 +119,7 @@ impl Drop for RsaPrivateKey {
 
 impl ZeroizeOnDrop for RsaPrivateKey {}
 
-#[derive(Debug, Clone)]
+#[derive(Clone)]
 pub(crate) struct PrecomputedValues {
     /// D mod (P-1)
     pub(crate) dp: BoxedUint,