[MONGOCRYPT-89] Securely allocate buffers for storing decrypted key material Created: 08/May/19  Updated: 13/Feb/20  Resolved: 15/Oct/19

Status: Closed
Project: Libmongocrypt
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Kevin Albertson Assignee: Unassigned
Resolution: Won't Fix Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

In the driver spec we've decided we want to make a best-effort to store decrypted key material securely in memory. In libmongocrypt, we can store cached decrypted key material in buffers allocated securely (i.e. don't get paged to disk and are zeroed out when freed). We have server code that already does this apparently.



 Comments   
Comment by Samantha Ritter (Inactive) [ 22/May/19 ]

code review (secure zero only): https://mongodbcr.appspot.com/469100003/

Generated at Thu Feb 08 09:07:56 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.