Security
========
The security of libkmip is the top priority for the project. Use the
information provided below to inform your security posture.

Handling Sensitive Data
-----------------------
Given that libkmip is an ISO C11 implementation of a key management protocol,
the most sensitive aspect of the library is its handling of memory containing
cryptographic material. All memory allocation and deallocation routines
explicitly zero memory to prevent inadvertent leaks of sensitive data. This
approach relies on the use of the standard ``memset_s`` function
(see `memset_s`_) included in C11 Annex K. If ``memset_s`` is unavailable at
build time, memory clearing is done through a volatile function pointer to
prevent the optimizer from optimizing away the clearing operation.

.. warning::
    Despite the precautions taken here, it is possible that your build system
    will still optimize away the memory clearing operation. If this occurs,
    sensitive cryptographic material will be left behind in memory during and
    after application execution. Examine your application binary directly to
    determine if this is true for your setup.

Other security concerns, such as locking memory pages, are left up to the
parent application and are not the domain of libkmip.
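
The clearing strategy described above, sketched as an added example; it is not
libkmip source. The names ``secure_zero``, ``secure_alloc`` and ``secure_free``
and the size-tracking header are assumptions made for illustration.

```c
/* Added example, not libkmip code; all names here are hypothetical. */
#define __STDC_WANT_LIB_EXT1__ 1  /* ask for Annex K if the libc has it */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#ifndef __STDC_LIB_EXT1__
/* Fallback: the pointer is volatile, so it must be loaded at run time and
 * the compiler cannot prove the call is a removable dead store. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;
#endif

/* Zero len bytes at p; returns p. */
void *secure_zero(void *p, size_t len)
{
    if (p == NULL || len == 0)
        return p;
#ifdef __STDC_LIB_EXT1__
    memset_s(p, len, 0, len);
#else
    memset_ptr(p, 0, len);
#endif
    return p;
}

/* Header stores the payload size so free can wipe the whole allocation.
 * The union keeps the payload aligned for any object type. */
typedef union { size_t len; max_align_t align; } hdr_t;

void *secure_alloc(size_t len)
{
    if (len > SIZE_MAX - sizeof(hdr_t))
        return NULL;                    /* size computation would overflow */
    hdr_t *h = malloc(sizeof(hdr_t) + len);
    if (h == NULL)
        return NULL;
    h->len = len;
    return secure_zero(h + 1, len);     /* hand out zeroed memory */
}

void secure_free(void *p)
{
    if (p == NULL)
        return;
    hdr_t *h = (hdr_t *)p - 1;
    secure_zero(h, sizeof(hdr_t) + h->len);  /* wipe payload and header */
    free(h);
}
```

To act on the warning above, disassemble the compiled object (for example with
``objdump -d``) and confirm that the call to ``memset_s`` or the indirect call
through the pointer is still present in ``secure_free``.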

Reporting a Security Issue
--------------------------
Please do not report security issues to the normal GitHub project issue
tracker. Contact the project maintainers directly via email to report
and discuss security issues.

When reporting a security issue, please include as much detail as possible.
This includes a high-level description of the issue, information on how to
cause or reproduce the issue, and any details on specific portions of the
project code base related to the issue.

Once you have submitted an issue, you should receive an acknowledgement.
Depending upon the severity of the issue, the project maintainers will
respond to collect additional information and work with you to address the
security issue. If applicable, a new library subrelease will be produced
across all actively supported releases to address and fix the issue.

.. _`memset_s`: https://en.cppreference.com/w/c/string/byte/memset