0

I am implementing encryption/decryption of logs, and came across a sample code on another SO question that used the node crypto library. In the code, its mentioned that the buffers storing the plaintext and cipher key need to be cleared after the encryption / decryption process so that it doesn't "linger in the memory".

I understand this concept, but how does one clear a buffer? I've tried searching on SO and the official node documentation for buffer object, but I couldn't find much. So far, I've considered: setting the variable to null trigger Node's garbage collection, or using Buffer.fill().

Thanks for any help!

Daruul
  • 35
  • 1
  • 8
  • 2
    `Buffer.fill()` is how you clear a buffer if you're using an actual Buffer object. Setting the variable to `null` will trigger garbage collection (if nobody else has a reference to it), but that does still allow the data to sit in memory until that memory is reused which is what the sample code is trying to avoid. – jfriend00 Oct 19 '21 at 07:00
  • Oh so after returning the buffer object, I just have to call `Buffer.fill()` and the sensitive data will be replaced with the random character instead, thereby "clearing" it? – Daruul Oct 19 '21 at 07:25
  • No. Did you look at the [doc](https://nodejs.org/api/buffer.html#buffer_buf_fill_value_offset_end_encoding) for `buffer.fill()`? It fills the buffer with a character of your choosing (many developers choose `0`), overwriting prior data. – jfriend00 Oct 19 '21 at 07:27
  • Yep, I think I also meant what you just said, but just phrased poorly ;-; In essence, overwrite the buffer's previous data with a random character like 0 using `fill(0)` right? – Daruul Oct 19 '21 at 07:36
  • Yes, that would be it. More detailed help would require seeing the actual code. – jfriend00 Oct 19 '21 at 08:01

0 Answers0