changeset 12703:521f330bda2f

8172525: Improve key keying case Reviewed-by: mullan
author igerasim
date Wed, 24 May 2017 19:57:48 -0700
parents fae4ad1bd8f7
children 48b5477d2f57
files src/share/classes/com/sun/crypto/provider/DESKey.java src/share/classes/com/sun/crypto/provider/DESedeKey.java src/share/classes/com/sun/crypto/provider/PBEKey.java src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
diffstat 4 files changed, 29 insertions(+), 21 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/com/sun/crypto/provider/DESKey.java	Wed May 24 17:35:54 2017 +0100
+++ b/src/share/classes/com/sun/crypto/provider/DESKey.java	Wed May 24 19:57:48 2017 -0700
@@ -76,7 +76,7 @@
         DESKeyGenerator.setParityBit(this.key, 0);
     }
 
-    public byte[] getEncoded() {
+    public synchronized byte[] getEncoded() {
         // Return a copy of the key, rather than a reference,
         // so that the key data cannot be modified from outside
         return this.key.clone();
@@ -151,9 +151,11 @@
      */
     protected void finalize() throws Throwable {
         try {
-            if (this.key != null) {
-                java.util.Arrays.fill(this.key, (byte)0x00);
-                this.key = null;
+            synchronized (this) {
+                if (this.key != null) {
+                    java.util.Arrays.fill(this.key, (byte)0x00);
+                    this.key = null;
+                }
             }
         } finally {
             super.finalize();
--- a/src/share/classes/com/sun/crypto/provider/DESedeKey.java	Wed May 24 17:35:54 2017 +0100
+++ b/src/share/classes/com/sun/crypto/provider/DESedeKey.java	Wed May 24 19:57:48 2017 -0700
@@ -78,7 +78,7 @@
         DESKeyGenerator.setParityBit(this.key, 16);
     }
 
-    public byte[] getEncoded() {
+    public synchronized byte[] getEncoded() {
         return this.key.clone();
     }
 
@@ -152,9 +152,11 @@
      */
     protected void finalize() throws Throwable {
         try {
-            if (this.key != null) {
-                java.util.Arrays.fill(this.key, (byte)0x00);
-                this.key = null;
+            synchronized (this) {
+                if (this.key != null) {
+                    java.util.Arrays.fill(this.key, (byte)0x00);
+                    this.key = null;
+                }
             }
         } finally {
             super.finalize();
--- a/src/share/classes/com/sun/crypto/provider/PBEKey.java	Wed May 24 17:35:54 2017 +0100
+++ b/src/share/classes/com/sun/crypto/provider/PBEKey.java	Wed May 24 19:57:48 2017 -0700
@@ -72,7 +72,7 @@
         type = keytype;
     }
 
-    public byte[] getEncoded() {
+    public synchronized byte[] getEncoded() {
         return this.key.clone();
     }
 
@@ -147,9 +147,11 @@
      */
     protected void finalize() throws Throwable {
         try {
-            if (this.key != null) {
-                java.util.Arrays.fill(this.key, (byte)0x00);
-                this.key = null;
+            synchronized (this) {
+                if (this.key != null) {
+                    java.util.Arrays.fill(this.key, (byte)0x00);
+                    this.key = null;
+                }
             }
         } finally {
             super.finalize();
--- a/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java	Wed May 24 17:35:54 2017 +0100
+++ b/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java	Wed May 24 19:57:48 2017 -0700
@@ -190,7 +190,7 @@
         return key;
     }
 
-    public byte[] getEncoded() {
+    public synchronized byte[] getEncoded() {
         return key.clone();
     }
 
@@ -202,7 +202,7 @@
         return iterCount;
     }
 
-    public char[] getPassword() {
+    public synchronized char[] getPassword() {
         return passwd.clone();
     }
 
@@ -264,13 +264,15 @@
      */
     protected void finalize() throws Throwable {
         try {
-            if (this.passwd != null) {
-                java.util.Arrays.fill(this.passwd, '0');
-                this.passwd = null;
-            }
-            if (this.key != null) {
-                java.util.Arrays.fill(this.key, (byte)0x00);
-                this.key = null;
+            synchronized (this) {
+                if (this.passwd != null) {
+                    java.util.Arrays.fill(this.passwd, '0');
+                    this.passwd = null;
+                }
+                if (this.key != null) {
+                    java.util.Arrays.fill(this.key, (byte)0x00);
+                    this.key = null;
+                }
             }
         } finally {
             super.finalize();