[8] Code review request for 6263419: No way to clean the memory for a java.security.Key
Vincent Ryan
vincent.x.ryan at oracle.com
Tue Jan 22 13:52:07 PST 2013
On 22/01/2013 21:30, Sean Mullan wrote:
> I don't think you should add the @since 1.8 tags on the Destroyable
> methods, since they are not new, you are just adding a default
> implementation.
Removed tags.
>
> As an aside, we should file an RFE to add a default method for
> SecretKey.getFormat that returns "RAW" (since this is what should always
> be returned).
>
Filed.
> --Sean
>
>
> On 01/22/2013 04:17 PM, Vincent Ryan wrote:
>> Last call on this. And an updated webrev containing a minor javadoc
>> change to the Implementer's Note in PrivateKey and SecretKey.
>>
>> Webrev: http://cr.openjdk.java.net/~vinnie/6263419/webrev.01/
>>
>> Thanks.
>>
>>
>> On 17/01/2013 17:04, Vincent Ryan wrote:
>>> Hello,
>>>
>>> Please review the fix for 6263419. It introduces a mechanism to destroy
>>> the sensitive data associated with private keys and secret keys. It is
>>> a component of the JEP-166 delivery.
>>>
>>> Webrev: http://cr.openjdk.java.net/~vinnie/6263419/webrev.00/
>>>
>>> Implementers of JCE security providers can override the default method
>>> implementations in the Destroyable interface to allow applications to
>>> take advantage of this new facility. We intend to update our key
>>> implementation classes soon.
>>>
>>> Thanks.
>>
>
More information about the security-dev
mailing list