[8] Code review request for 6263419: No way to clean the memory for a java.security.Key
Sean Mullan
sean.mullan at oracle.com
Tue Jan 22 13:30:33 PST 2013
I don't think you should add the @since 1.8 tags on the Destroyable
methods, since they are not new, you are just adding a default
implementation.
As an aside, we should file an RFE to add a default method for
SecretKey.getFormat that returns "RAW" (since this is what should always
be returned).
--Sean
On 01/22/2013 04:17 PM, Vincent Ryan wrote:
> Last call on this. And an updated webrev containing a minor javadoc
> change to the Implementer's Note in PrivateKey and SecretKey.
>
> Webrev: http://cr.openjdk.java.net/~vinnie/6263419/webrev.01/
>
> Thanks.
>
>
> On 17/01/2013 17:04, Vincent Ryan wrote:
>> Hello,
>>
>> Please review the fix for 6263419. It introduces a mechanism to destroy
>> the sensitive data associated with private keys and secret keys. It is
>> a component of the JEP-166 delivery.
>>
>> Webrev: http://cr.openjdk.java.net/~vinnie/6263419/webrev.00/
>>
>> Implementers of JCE security providers can override the default method
>> implementations in the Destroyable interface to allow applications to
>> take advantage of this new facility. We intend to update our key
>> implementation classes soon.
>>
>> Thanks.
>
More information about the security-dev
mailing list