Clean memory in JCE implementations of private key and secret key

XMLWordPrintable

    • Type: Bug
    • Resolution: Won't Fix
    • Priority: P3
    • None
    • Affects Version/s: 8
    • Component/s: security-libs
    • None

      The java.security.PrivateKey and javax.crypto.SecretKey classes extend the javax.security.auth.Destroyable interface (since JDK-6263419)

      Modify implementation classes in JCE to make use of the Destroyable interface by zeroing sensitive
      key material when it is no longer required.

            Assignee:
            Unassigned
            Reporter:
            Vincent Ryan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: