Avoid String use with secure strings #1813

Merged
merged 2 commits into from
Apr 27, 2022

Collaborator

@David-Engel David-Engel commented Apr 21, 2022

Since Strings are immutable in Java and tend to stay around in memory for potential re-use in the JVM, it's best practice to avoid them for sensitive data. It's recommended to use char arrays instead and clear/overwrite them once they're no longer needed. This limits the amount of time sensitive data remains in memory.

@Jeffery-Wasty Jeffery-Wasty added this to the 11.1.2 milestone Apr 22, 2022
@lilgreenbird lilgreenbird merged commit 17fdf96 into microsoft:main Apr 27, 2022
@David-Engel David-Engel deleted the securestring branch April 27, 2022 23:51
String getEncryptedString(String str) throws SQLServerException {
byte[] getEncryptedBytes(char[] chars) throws SQLServerException {
if (chars == null)
return null;
SecureRandom random = new SecureRandom();
random.nextBytes(iv);
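
Review bot: In `getEncryptedBytes`, `random.nextBytes(iv)` fills an `iv` that is not declared in the lines shown, so the IV appears to live outside the method and each call overwrites the value left by the previous one. Consider generating the IV in a local array and returning it together with the ciphertext (for example prepended to the returned `byte[]`), so that every result can be decrypted on its own. The new `char[] chars` parameter would also benefit from a Javadoc line stating whether the caller or this method is responsible for clearing the array, and `new SecureRandom()` on every call could be a single shared instance.
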
Contributor

This is very fragile. Out of order encrypt-decrypt calls will not work because iv is stored in instance variable.

Collaborator Author

@mmimica Thanks for catching that! #1858 should address this.
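
An added example, not code from this pull request or from the driver: one way to encrypt a `char[]` secret without ever building a `String`, wiping the intermediate copies, and carrying the IV inside the returned bytes so that encrypt and decrypt calls can happen in any order. The class name `SecretBox`, the choice of AES-GCM and the `IV || ciphertext` layout are assumptions made for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

// Added example, not the driver's code; AES-GCM and all names here are assumptions.
public class SecretBox {
    private static final int IV_LEN = 12, TAG_BITS = 128;
    private static final SecureRandom RNG = new SecureRandom();
    // Returns IV || ciphertext+tag: the IV travels with the data, not in a field.
    static byte[] encrypt(SecretKey key, char[] chars) throws Exception {
        if (chars == null) return null;
        ByteBuffer plain = StandardCharsets.UTF_8.encode(CharBuffer.wrap(chars));
        try {
            byte[] iv = new byte[IV_LEN];
            RNG.nextBytes(iv); // fresh IV for every call
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
            byte[] ct = c.doFinal(plain.array(), 0, plain.limit());
            return ByteBuffer.allocate(IV_LEN + ct.length).put(iv).put(ct).array();
        } finally {
            Arrays.fill(plain.array(), (byte) 0); // wipe the UTF-8 copy of the secret
        }
    }

    static char[] decrypt(SecretKey key, byte[] box) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, box, 0, IV_LEN));
        byte[] plain = c.doFinal(box, IV_LEN, box.length - IV_LEN);
        CharBuffer cb = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(plain));
        char[] chars = Arrays.copyOf(cb.array(), cb.limit());
        Arrays.fill(plain, (byte) 0); // wipe intermediates; the caller wipes the result
        Arrays.fill(cb.array(), '\0');
        return chars;
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = KeyGenerator.getInstance("AES").generateKey();
        char[] a = {'p', 'w', '-', 'A'}, b = {'p', 'w', '-', 'B'}; // constructed secrets
        byte[] ea = encrypt(key, a), eb = encrypt(key, b);
        char[] db = decrypt(key, eb), da = decrypt(key, ea); // decrypt in reverse order
        System.out.println(Arrays.equals(da, a) && Arrays.equals(db, b));
        for (char[] s : new char[][] {a, b, da, db}) Arrays.fill(s, '\0');
    }
}
```

Overwriting the arrays shortens the time the secret stays readable on the heap; it does not cover copies the JVM may have made while moving objects during garbage collection.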
