Casey Marshall wrote:

> I think in general this sort of class will be useful, too. The idea
> behind it being that if the programmer forgets that he has these keys
> in memory, they will be wiped out after too long a timeout, in hope
> that the memory there would not have been swapped to disk.

Disk swapping. Yes. That's another issue :).

> Bryan> In any event, in this light, resetMechanism is probably not the
> Bryan> best place to put the constructor.
>
> Bryan> So now that you mention it, why not destroy the password as
> Bryan> soon as possible? It's not needed beyond initialization is
> Bryan> it?, so once that's done, perhaps that'd be the time to call
> Bryan> the destructor. Looks like that would be right after or within
> Bryan> sendPublicKey.
>
> I would say yes. Destroying sensitive data as soon as possible should
> be the rule.

And since going this far, it would probably be a good idea to add some sort of shut down hook(s), and/or try/finally sections -- as centralized as possible -- wouldn't it?

That is, the preceding covers "carelessness", but does not cover variable lifetime, normal program flow. For instance, SRPClient could, in the calling program, go out of scope before an ExpirableObject's timer went off. However, I don't suppose there's any way to cover cleaning up after an object, or being notified when it goes out of scope (or is there?), but there is at least the facility of program shutdown hooks.

I don't discount from any of this, the Java SASL interface dispose method, even though it's only good if the programmer calls it. Centralized clean-up code would make it easy to include whatever clean-up here (dispose) as well though.

Bryan

--
What is a poet? An unhappy man who hides deep anguish in his heart, but whose lips are so formed that when the sigh and cry pass through them, it sounds like lovely music.
(Soren Kierkegaard - Either/Or)
http://www.wecs.com/content.htm
This signature file is generated by Pick-a-Tag ! Written by Jeroen van Vaarsel
http://www.google.com/search?hl=en&ie=ISO-8859-1&q=pick-a-tag

_______________________________________________
gnu-crypto-discuss mailing list
gnu-crypto-discuss@xxxxxxx
http://mail.nongnu.org/mailman/listinfo/gnu-crypto-discuss
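
Added example, not part of the original message or of GNU Crypto: one way to centralize the clean-up discussed above in Java, with a try/finally wipe for normal program flow and a single JVM shutdown hook as the fallback. `SecretRegistry` and its methods are hypothetical names, and the password is a constructed sample.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.IdentityHashMap;
import java.util.Set;

/** Hypothetical central registry of sensitive buffers; not a GNU Crypto class. */
public final class SecretRegistry {
    // Identity-based set: two secrets with equal contents are still distinct buffers.
    private static final Set<char[]> LIVE = Collections.synchronizedSet(
        Collections.newSetFromMap(new IdentityHashMap<char[], Boolean>()));

    static {
        // Fallback only: runs on normal exit and SIGINT/SIGTERM,
        // not on a hard kill or a JVM crash.
        Runtime.getRuntime().addShutdownHook(
            new Thread(SecretRegistry::wipeAll, "secret-wipe"));
    }

    private SecretRegistry() {}

    /** Registers a buffer so the shutdown hook can reach it if the caller never wipes it. */
    public static char[] track(char[] secret) {
        LIVE.add(secret);
        return secret;
    }

    /** Zeroes one buffer and drops the registry's reference to it. */
    public static void wipe(char[] secret) {
        if (secret == null) return;
        Arrays.fill(secret, '\0');
        LIVE.remove(secret);
    }

    static void wipeAll() {
        synchronized (LIVE) { // iteration over a synchronizedSet needs manual locking
            for (char[] s : LIVE) Arrays.fill(s, '\0');
            LIVE.clear();
        }
    }

    public static void main(String[] args) {
        // Constructed sample. Real code should read straight into a char[]
        // (e.g. Console.readPassword), since a String literal cannot be wiped.
        char[] password = track("constructed-sample-password".toCharArray());
        try {
            if (password.length == 0) throw new IllegalArgumentException("empty password");
            // ... the password is used for initialization here ...
        } finally {
            wipe(password); // normal flow: destroyed as soon as it is no longer needed
        }
        System.out.println("first char after wipe: " + (int) password[0]);
    }
}
```

The registry holds strong references, so a tracked buffer stays reachable until `wipe` or the shutdown hook clears it.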