-
Enhancement
-
Resolution: Unresolved
-
P4
-
None
-
11
-
generic
-
generic
A DESCRIPTION OF THE PROBLEM :
CipherSpi.bufferCrypt creates temporary byte[] arrays if input/output buffer is direct. Depending on combination it could leave array with plaintext to be garbage collected. API user has no control over zeroing those data to minimize memory scraping attack vector.
To override this behaviour user could use Cipher with byte[] based methods. However JSSE implementation of TLS uses ByteBuffer methods. It results in leaving HTTP requests with sensitive data on the heap.
I'm not sure weather JCE guaranties cleaning memory upon operations finish, so I put it as feature request instead of bug. Nevertheless it would be a good idea to zeroing those buffers. IMO performance hit would be negligible.
CipherSpi.bufferCrypt creates temporary byte[] arrays if input/output buffer is direct. Depending on combination it could leave array with plaintext to be garbage collected. API user has no control over zeroing those data to minimize memory scraping attack vector.
To override this behaviour user could use Cipher with byte[] based methods. However JSSE implementation of TLS uses ByteBuffer methods. It results in leaving HTTP requests with sensitive data on the heap.
I'm not sure weather JCE guaranties cleaning memory upon operations finish, so I put it as feature request instead of bug. Nevertheless it would be a good idea to zeroing those buffers. IMO performance hit would be negligible.
- links to
-
Review
openjdk/jdk/9158