Feature #3121

migrate secrets handling to unmanaged C code for more reliable zeroizing

Added by abeluck almost 4 years ago.

Status:NewStart date:03/25/2014
Priority:NormalDue date:
Assignee:-% Done:


Target version:0.2


With our Wiper class, we currently make a good attempt, using reflection, to wipe sensitive data inside the JVM. But due to memory relocation during garbage collection in the JVM, we can't be sure copies of data haven't been made inadvertently.

To solve this we can create C helpers that manage sensitive data in real memory. NIO Direct Byte Buffers might be useful here.

Also available in: Atom PDF