RFR: 8208583: Better management of internal KeyStore buffers

Seán Coffey sean.coffey at oracle.com
Tue Jul 31 19:11:38 UTC 2018

Looking to improve management of internal buffers in KeyStore. The 
com.sun.crypto.provider.KeyProtector class uses the PBEKey class to 
protect some keys. Buffers can be freed up earlier if the caller takes 
responsibility for lifecycle of PBEKey object. (hence no reliance on 
Cleaner). Some other minor improvements made while visiting this area.

Other improvements in sun.security.provider.KeyProtector where I believe 
the password buffer can be managed by the caller.  I only found 2 
instances of where this class is used.



More information about the security-dev mailing list