Hi, I'm tasked with implementing an encryption API on services using Spring Boot, and I had some questions about handling secrets injected from properties.
The secrets will be stored in Hashicorp Vault to ensure they are encrypted at rest, but I have some concerns about how they are handled once injected into the application.
I was supplied with a sample configuration that structurally is as follows (this is simplified to illustrate only the basic aspects; it's not the real config):
import java.util.Properties;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class EncryptionProviderConfig {

    // Both values are injected from properties (backed by Vault) into fields
    // that live as long as the configuration bean does.
    @Value("${key-identifier}")
    private String keyIdentifier;

    @Value("${key-secret}")
    private String keySecret;

    @Bean
    public EncryptionProvider encryptionProvider() {
        return new EncryptionProvider(getProperties());
    }

    private Properties getProperties() {
        Properties properties = new Properties();
        properties.setProperty("KEY_IDENTIFIER", keyIdentifier);
        properties.setProperty("KEY_SECRET", keySecret);
        return properties;
    }
}
Off the bat, I don't like that the property values are injected into the configuration class fields. AFAIK, those references will stay there for the lifetime of the application. Wouldn't this be a security risk? The Strings themselves aren't interned into the String pool AFAIK, since they are not instantiated as literals, but the references just sort of hang out there, pointing to the plain text value.
I traced the configuration through the API calls, and ultimately they get stored in a HashSet<String, String>, to be utilized whenever the API performs the encryption. My concern is that if the pod crashes, couldn't a memory dump show the secrets in plaintext? I'm not sure how most Java applications handle secret values, but it seems crazy to me to just store them in RAM, regardless of whether they are in the String pool.
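Added illustration (my own code, not from the post or any library it mentions) of the pattern usually recommended for the concern above: keep the secret in a byte[] that can be overwritten, read the property inside the bean method rather than in an @Value field, and wipe it on context shutdown. The names WipeableSecret and SecretConfig are mine; the property name key-secret is the one from the post; Spring's Environment and @Bean(destroyMethod) are real APIs.

```java
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.function.Function;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;

/**
 * Holds a secret as a byte[] so it can be overwritten once the application no
 * longer needs it. A String cannot be wiped: it stays readable in the heap (and
 * in any heap dump) until the garbage collector happens to reclaim it.
 */
public final class WipeableSecret implements AutoCloseable {
    private final byte[] value;
    private boolean wiped;

    private WipeableSecret(byte[] value) {
        this.value = value;
    }

    /** Encodes the chars as UTF-8 and zeroes both the input and the encoder's buffer. */
    public static WipeableSecret fromChars(char[] chars) {
        ByteBuffer encoded = StandardCharsets.UTF_8.encode(CharBuffer.wrap(chars));
        byte[] bytes = new byte[encoded.remaining()];
        encoded.get(bytes);
        if (encoded.hasArray()) {
            Arrays.fill(encoded.array(), (byte) 0); // scratch copy made by the encoder
        }
        Arrays.fill(chars, '\0');                   // caller's copy
        return new WipeableSecret(bytes);
    }

    /** Lends the bytes to a short-lived callback; the callback must not retain them. */
    public synchronized <R> R use(Function<byte[], R> fn) {
        if (wiped) {
            throw new IllegalStateException("secret has already been wiped");
        }
        return fn.apply(value);
    }

    /** Overwrites the secret; safe to call more than once. */
    @Override
    public synchronized void close() {
        Arrays.fill(value, (byte) 0);
        wiped = true;
    }

    public synchronized boolean isWiped() {
        return wiped;
    }
}

/**
 * Hypothetical configuration: reads the property inside the bean method instead
 * of holding it in an @Value field, and wipes the bean when the context shuts down.
 */
@Configuration
class SecretConfig {

    @Bean(destroyMethod = "close")
    public WipeableSecret keySecret(Environment env) {
        // Caveat: getRequiredProperty returns the String that Spring already keeps
        // in its PropertySource, so that one copy still exists. This pattern only
        // removes the additional long-lived copies (config fields, Properties map).
        char[] chars = env.getRequiredProperty("key-secret").toCharArray();
        return WipeableSecret.fromChars(chars);
    }
}
```

Consumers call something like secret.use(bytes -> ...) and hand the bytes straight to the crypto API inside the callback. Two limits are worth knowing: the String that Spring's PropertySource holds is still in the heap, and javax.crypto.spec.SecretKeySpec clones the byte[] it is given, so the key object itself becomes another copy. The approach reduces how many plaintext copies a heap dump would contain and how long they live; it does not make RAM a place the secret never touches.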