oidc-agent
  • Introduction
  • Quickstart
  • Migrating to oidc-agent 5
  • Installation
    • Linux
    • MacOS
    • Windows
  • Configuration
    • oidc-agent Directory
    • General Configuration
    • Custom Request Parameter
    • Configuration of Providers
    • oidc-agent Integration
    • Agent Forwarding
  • Usage
    • oidc-agent
      • Starting oidc-agent
      • General Usage
      • Detailed Information About All Options
    • oidc-agent-service
    • oidc-keychain
      • General Usage
      • Detailed Information About All Options
    • oidc-gen
      • General Usage
      • Detailed Information About All Options
      • Integrate With Different Providers
        • B2Access
        • EGI
        • Elixir
        • Google
        • HBP
        • Helmholtz AAI
        • IAM (INDIGO/DEEP)
        • KIT
        • Any Other Provider
        • Known Issues
        • Client Configuration Values
    • oidc-add
      • General Usage
      • Detailed Information About All Options
    • oidc-token
      • General Usage
      • Detailed Information About All Options
    • oidc-tokensh
      • General Usage
      • Detailed Information About All Options
    • Other Applications Using oidc-agent
    • Tips
    • oidc-agent-server
  • Windows
    • Installation
  • MAC OS
    • State of Feature Support
    • Installation
  • Security
    • Privilege Separation & Architecture
    • Account Configuration Files
    • Credentials
    • Memory
    • Agent Locking
    • Communication
    • Encryption Passwords
    • Autounload (Lifetime)
    • User Confirmation
    • Tracing
    • seccomp
    • Final Note
  • API
    • liboidc-agent4
    • liboidcagent-go
    • liboidcagent-py
    • IPC-API
Powered by GitBook
On this page
  1. Security

Memory

PreviousCredentialsNextAgent Locking

Last updated 1 year ago

Programming in C always requires caution when it comes to memory security. Because we handle sensitive data, we decided to clear all allocated memory before freeing it. To do this we wrote our own memory allocator (wrapper) and a custom free. By clearing all allocated memory and not only the parts known to be sensitive we ensure that all sensitive data is overwritten before freed. (Even if there is a refresh token as part of a server response.) Sensitive data on the stack is explicitly overwritten after usage.

Refresh tokens and client credentials are the most sensitive information that have to be kept in memory by oidc-agent for the whole time. To make it harder for an attacker to extract this information from the agent, it is obfuscated when not being used. The password used for obfuscation is dynamically generated when the agent starts. Additional encryption is applied when the agent is locked (see ).

Agent Locking