Enclave secrets may be safely stored outside the enclave boundary after such secrets are properly sealed. However, there are certain instances where a secret, such as the seal key, needs to be disposed of inside the enclave. The enclave writer must use the
memset_s()function to clear any variable that contained secret data. The use of this function guarantees that the compiler will not optimize away the write to memory intended by this function call and thus ensuring the secret data is cleared. Using
memset_s()is especially important when secret data is stored in a dynamically allocated buffer. After such a buffer is freed it could be reallocated and its previous contents, if they are not erased, may be leaked outside the enclave.
The implementation of
memset_s()is not performance optimized so the use of
memset()is appropriate to initialize buffers and clear buffers that do not contain secret data.