Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8286423

Destroy password protection in the example code in KeyStore

    XMLWordPrintable

    Details

      Description

      The password protection should be destroyed in the example code in KeyStore specification. Otherwise, applications may just copy and past the code, and forget the requirement for password protection clean up.

          KeyStore.ProtectionParameter protParam =
              new KeyStore.PasswordProtection(password);
      + try {
              // get my private key
              KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
                  ks.getEntry("privateKeyAlias", protParam);
              PrivateKey myPrivateKey = pkEntry.getPrivateKey();

              // save my secret key
              javax.crypto.SecretKey mySecretKey;
              KeyStore.SecretKeyEntry skEntry =
                  new KeyStore.SecretKeyEntry(mySecretKey);
              ks.setEntry("secretKeyAlias", skEntry, protParam);

              // store away the keystore
              try (FileOutputStream fos = new FileOutputStream("newKeyStoreName")) {
                  ks.store(fos, password);
              }
      + } finally {
      + protParam.destroy();
      + }

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              xuelei Xuelei Fan
              Reporter:
              xuelei Xuelei Fan
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: