RFR: 8282038: CipherSpi.bufferCrypt leaves plaintext copy on the heap
Weijun Wang
weijun at openjdk.java.net
Wed Jun 15 20:02:13 UTC 2022
On Wed, 15 Jun 2022 19:37:31 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Clearing buffers and temporary arrays to avoid data leaks in cipher operations.
>
> src/java.base/share/classes/com/sun/crypto/provider/GCTR.java line 242:
>
>> 240: dst.put(in, 0, processed);
>> 241: } finally {
>> 242: Arrays.fill(in, (byte)0);
>
> The same handling should be applied to the 'out' buffer allocated on line 177 assuming the idea is to not leaving copies of user data lying around on the heap. Recovered text may contain the same bytes as plain text, so arguably the same handling should be applied to both input/output?
Seems so. BTW, I was using a test-driven programming model and have not observed a leak here. I'll see if I can trigger one.
-------------
PR: https://git.openjdk.org/jdk/pull/9158
More information about the security-dev
mailing list