V1.2.14 macros - integrating a new safety approach

Cargo.toml

@@ -1,7 +1,7 @@
 workspace = { members = ["crypt_guard_proc"] }
 [package]
 name = "crypt_guard"
-version = "1.2.13"
+version = "1.2.14"
 edition = "2021"
 description = "CryptGuardLib is a comprehensive Rust library designed for strong encryption and decryption, incorporating post-quantum cryptography to safeguard against quantum threats. It's geared towards developers who need to embed advanced cryptographic capabilities in their Rust applications."
 license = "MIT"
@@ -24,6 +24,7 @@ pqcrypto-kyber = "0.8.1"
 chrono = "0.4.37"
 lazy_static = "1.4.0"
 crypt_guard_proc = { path = "./crypt_guard_proc", version = "0.1.0" }
+zeroize = "1.8.1"
 
 [dev-dependencies]
 tempfile = "3.10.1"

README.md

@@ -33,9 +33,13 @@ An additional layer of security is provided through the appending of a HMAC (Has
 
 ### Newest Features
 
+The macros now automatically zero out the used values to enhance data security during execution. For other execution methods, ensure data safety by manually addressing confidentiality. Developers using this crate are responsible for securely storing, hiding, and zeroing out keys in memory to protect encrypted information. As these values are generated, they fall outside my control for adding security measures. Note that the macros now require data ownership; to ensure safety, avoid cloning and instead use `.to_owned()`.
+
+**Regarding the transfer of ownership, please take a look at the `src` folder in the Git repository. It contains the `tests` module folder and the test file `MacroTests.rs`, which uses the approach mentioned. The same is true for `KyberTests` and parts of the example `encrypt_aes.rs`.**
+
 ### Current Release
 
-The present version, **1.2.13**, emphasizes detailed cryptographic operations. This version is ideal for those who want a fast but not too complicated, elaborate approach to cryptography and don't want to use asynchronous code. Asynchronous capabilities will be reimplemented in a later update (but this time as a feature). For those who prefer using async implementation, use version 1.0.3 until a later update is released. This version's syntax is more user-friendly and does not require the definition of too many structs like in 1.1.X or 1.1.0 but allows for precise control over the encryption and decryption algorithm as well as the Kyber key size. It allows the usage of Kyber1024, Kyber768, and Kyber512. Now you also can use logging cappabilitys.
+The present version, **1.2.14**, focuses on detailed cryptographic operations with enhanced data handling through automated macros. These macros simplify execution by wrapping up the necessary steps of definition, leveraging generic types and trait definitions. This version avoids asynchronous code, which will be reintroduced as a feature in future updates. Users preferring async implementation should use version 1.0.3. Note that version 1.0.3 uses the old syntax and has indirect documentation through the README, lacking Cargo's auto-generated documentation due to missing comments. Version 1.2.14 offers user-friendly syntax, reducing the need for extensive struct definitions, and supports Kyber1024, Kyber768, and Kyber512, along with logging capabilities.
 
 ### Simplifying Encryption and Decryption with Macros
 
@@ -415,6 +419,12 @@ let mut decryptor = Kyber::<Decryption, Kyber768, Files, XChaCha20>::new(secret_
 let decrypt_message = decryptor.decrypt_file(dec_path.clone(), passphrase.clone(), cipher)?;
 ```
 
+#### News regarding the CLI version[![Crates.io][cli-badge]][cli-link]
+[cli-badge]: https://img.shields.io/badge/github-cli-black.svg?style=for-the-badge
+[cli-link]: https://github.com/mm9942/crypt_guard_cli
+
+I have almost finished each subcommand, with only the verify subcommand remaining. After completing this, I will test signing and verification. The pre-release is now available on GitHub, and the finished product should be released within a few days or by the end of the month at the latest!
+
 ### Conclusion and Looking Forward
 
 We appreciate your engagement with our cryptographic library. As we strive to improve and evolve, your feedback and contributions are invaluable. The anticipated update promises to make cryptography more accessible and straightforward for everyone.

examples/encrypt_xchacha.rs

@@ -15,8 +15,8 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
     let tmp_dir = TempDir::new().map_err(|e| CryptError::from(e))?;
     let tmp_dir = Builder::new().prefix("messages").tempdir().map_err(|e| CryptError::from(e))?;
 
-    let enc_path = tmp_dir.path().clone().join("message.txt");
-    let dec_path = tmp_dir.path().clone().join("message.txt.enc"); 
+    let enc_path = tmp_dir.path().join("message.txt");
+    let dec_path = tmp_dir.path().join("message.txt.enc"); 
 
     let _ = fs::write(&enc_path, message.as_bytes())?;
 

examples/macro_example.rs

@@ -19,10 +19,10 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
     let (public_key, secret_key) = KeyControKyber1024::keypair().expect("Failed to generate keypair");
 
     // Encrypt message
-    let (encrypt_message, cipher) = Encryption!(public_key.clone(), 1024, message, passphrase, AES)?;
+    let (encrypt_message, cipher) = Encryption!(public_key.to_owned(), 1024, message.to_owned(), passphrase, AES)?;
 
     // Decrypt message
-    let decrypt_message = Decryption!(secret_key, 1024, encrypt_message, passphrase, cipher, AES);
+    let decrypt_message = Decryption!(secret_key.to_owned(), 1024, encrypt_message.to_owned(), passphrase, cipher.to_owned(), AES);
     println!("{}", String::from_utf8(decrypt_message?).expect("Failed to convert decrypted message to string"));
     Ok(())
 }

src/error.rs

@@ -1,3 +1,4 @@
+pub use zeroize::Zeroize;
 use std::{fmt::{self, Display, Formatter}, error::Error, io, sync::Arc};
 
 #[derive(Debug)]