javax.security.auth.Destroyable

Michael StJohns mstjohns at comcast.net
Fri Jun 14 10:40:18 PDT 2013


That's what I get for pawing around in the JDK7 code instead of the JDK8 code... 

I'm surprised this is a sub interface to private key etc rather than just having this added to the sun implementations.    Doing it this way isn't backwards compatible and is going to blow up a number of other providers.  Also, there are keys where you really can't destroy them without physically destroying the container.

In any event - thanks!

Mike





At 01:17 PM 6/14/2013, Vincent Ryan wrote:
>Thanks Mike. Both those classes were extended, as you suggest, for JDK 8:
>  <http://hg.openjdk.java.net/jdk8/jdk8/jdk/rev/8ee6d45348ba>http://hg.openjdk.java.net/jdk8/jdk8/jdk/rev/8ee6d45348ba
>
>A separate effort is also underway to enhance the classes that implement
>SecretKey and PrivateKey.
>
>Applications may first check whether a key class is an instance of Destroyable
>or they may call the key's destroy method and handle the possible exception.
>
>
>On 14 Jun 2013, at 17:42, Michael StJohns wrote:
>
>>Generic questions for possible future work:
>>
>>As a general guideline, would it make sense to add javax.security.auth.Destroyable to the set of interfaces for SecretKey and PrivateKey implementation objects where possible?
>>
>>Should the methods that use secret and private keys check to see if those keys implement the Destroyable interface to see if they should call isDestroyed() from that interface prior to using the key?
>>
>>Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20130614/29ec359f/attachment.html 


More information about the security-dev mailing list