Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement secure data management #46

Closed
ionut-arm opened this issue Mar 13, 2020 · 2 comments · Fixed by #128
Closed

Implement secure data management #46

ionut-arm opened this issue Mar 13, 2020 · 2 comments · Fixed by #128
Assignees
@hug-dev
Labels
bug Something isn't working security Issues related to the security and privacy of the service
Milestone
Parsec production...

Comments

@ionut-arm
Copy link
Member

Currently all data passed to/through the library is released as-is once it is dropped. We should ideally clean up all the objects we use and all input we get from clients.

See parallaxsecond/parsec#122 for more details.
@ionut-arm ionut-arm added the bug Something isn't working label Mar 13, 2020
@hug-dev hug-dev added this to the Parsec production ready milestone Aug 7, 2020
@hug-dev hug-dev added the security Issues related to the security and privacy of the service label Aug 7, 2020
@paulhowardarm
Copy link

What work is required here over and above parallaxsecond/parsec#122 ?

@ionut-arm
Copy link
Member Author

What work is required here over and above parallaxsecond/parsec#122 ?

parallaxsecond/parsec#122 only covers the Parsec service side of things. This covers the whole of the TSS crate, but for the Parsec issue we can go and make the changes specific to us.

This was referenced Sep 2, 2020
Merged
Merged
@hug-dev hug-dev self-assigned this Sep 3, 2020
tgonzalezorlandoarm pushed a commit to tgonzalezorlandoarm/rust-tss-esapi that referenced this issue Mar 14, 2024
@hug-dev
Merge pull request parallaxsecond#46 from hug-dev/daemon
98bde16 
Add a compile-time option for a daemon binary
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hug-dev hug-dev

Labels
bug Something isn't working security Issues related to the security and privacy of the service
Projects
None yet
Milestone
Parsec production ready
Development

Successfully merging a pull request may close this issue.

Add zeroing to SensitiveData hug-dev/rust-tss-esapi
3 participants
@hug-dev @paulhowardarm @ionut-arm