>>>>> "Matthew" == Matthew Sackman <matthew@xxxxxxxxxxxxx> writes:

Matthew> On Mon, Apr 12, 2004 at 12:44:23PM -0700, Casey Marshall
Matthew> wrote:
>> >>>>> "Matthew" == Matthew Sackman <matthew@xxxxxxxxxxxxx> writes:

Matthew> You can't guarantee that that'll work. A heavily optimised
Matthew> JVM may well see that the char array is never accessed after
Matthew> the zeroing so therefore it's unnecessary to execute that
Matthew> code. At a guess, I think live variable analysis will show
Matthew> that such code is unnecessary (in terms of the JVM bothering
Matthew> to execute it).

>> But still, allowing for the possibility of erasure is, IMHO, a
>> good idea. Hoping that someone doesn't optimize all the security
>> out of our library is about all we can do ;)

Matthew> Well yes and no. It is about all you can do but it's
Matthew> dangerous to do it:
Matthew> i) You may introduce bugs in doing it.
Matthew> ii) You increase code complexity and decrease readability.
Matthew> iii) You have far more likelihood of very different
Matthew> behaviours on different JVMs.
Matthew> iv) Other people reading the code may not realise that such
Matthew> code is not guaranteed to run and may rely on it - i.e.
Matthew> you're setting a bad example.
Matthew> v) Speed sells. A lot of people think that Java has
Matthew> performance issues and if you're going to write a JVM then
Matthew> you're going to do well if you can advertise it as being the
Matthew> fastest JVM available. I.e. the optimisations you make to
Matthew> your JVM will affect its market penetration and inversely
Matthew> affect the security of programs which rely on non-optimising
Matthew> JVMs.

What I would probably do is introduce some new classes, e.g.

  public final class Password {
    private final char[] password;
    public Password (char[]);
    public char[] getPassword();
    public void destroy();
  }

Which makes more sense than a char array, and even kind of makes more
sense than a String. The sensitive data is immutable, but erasable,
and it is wrapped in an object that is sensible for its purpose.

There's also the javax.security.auth.Destroyable interface, which any
JVM worth its salt should be written to respect.

--
Casey Marshall || csm@xxxxxxx
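
The Password wrapper sketched in the message above, filled in as an added example (not code from the original post or from GNU Crypto). Implementing javax.security.auth.Destroyable, the defensive copies, and the IllegalStateException thrown after destroy() are assumptions made here; as the thread points out, the zeroing itself is best-effort.

```java
import java.util.Arrays;
import javax.security.auth.Destroyable;

// Added illustration of the Password wrapper sketched in the message.
// Assumptions not in the original sketch: implementing Destroyable,
// defensive copies, and refusing access once destroy() has been called.
public final class Password implements Destroyable {
    private final char[] password;
    private boolean destroyed;

    public Password(char[] password) {
        // Copy so this object owns its buffer; the caller should still
        // zero the array it passed in.
        this.password = password.clone();
    }

    // Returns a copy; the caller is responsible for zeroing it after use.
    public synchronized char[] getPassword() {
        if (destroyed) {
            throw new IllegalStateException("password has been destroyed");
        }
        return password.clone();
    }

    @Override
    public synchronized void destroy() {
        // Overwrites the only copy this object holds.
        Arrays.fill(password, '\0');
        destroyed = true;
    }

    @Override
    public synchronized boolean isDestroyed() {
        return destroyed;
    }

    public static void main(String[] args) {
        char[] typed = {'s', '3', 'c', 'r', 'e', 't'}; // constructed sample input
        Password p = new Password(typed);
        Arrays.fill(typed, '\0');        // caller erases its own copy
        char[] copy = p.getPassword();   // unaffected by the caller's erase
        System.out.println("length while live: " + copy.length);
        Arrays.fill(copy, '\0');         // erase the working copy as well
        p.destroy();
        try {
            p.getPassword();
        } catch (IllegalStateException e) {
            System.out.println("refused after destroy: " + e.getMessage());
        }
    }
}
```

Every array handed out by getPassword() is a separate copy, so destroy() erases only the wrapper's own buffer; callers have to zero the copies they obtained.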