[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

Re: [GNU Crypto] Passwords Immutable?



On Mon, Apr 12, 2004 at 02:41:14PM -0700, Casey Marshall wrote:
> What I would probably do is introduce some new classes, e.g.
> 
> public final class Password {
>   private final char[] password;
>   public Password (char[]);
>   public char[] getPassword();
>   public void destroy();
> }
> 
> Which makes more sense than a char array, and even kind of makes more
> sense than a String. The sensitive data is immutable, but erasable,
> and it is wrapped in an object that is sensible for it's purpose.
> 
> There's also the javax.security.auth.Destroyable interface, which any
> JVM worth it's salt should be written to respect.

And now in 1.5 there's java.security.KeyStore.PasswordProtection which
does everything that's needed. So I would simply use that and state that
there are significant security concerns with using the crypto library
with any JVM which doesn't implement version 1.5 or higher.

I really don't see the point in writing code which is most likely to
provide no additional security especially considering how rapid the
switch to 1.5 will probably be. So I'd just use the PasswordProtection
class if available and not bother if it's not.

Matthew
-- 
Matthew Sackman

BOFH excuse #415:
Maintenance window broken


_______________________________________________
gnu-crypto-discuss mailing list
gnu-crypto-discuss@xxxxxxx
http://mail.nongnu.org/mailman/listinfo/gnu-crypto-discuss

[Home]     [Gnu Classpath]     [Linux Kernel]     [Linux Cryptography]     [Fedora]     [Fedora Directory]     [Red Hat Development]     [Red Hat 9 Bible]     [Fedora Bible]     [Red Hat 9]     [Network Security Reading]

  Powered by Linux