How to 'Zero out' from memory an AES SecretKeySpec Key in Java


Problem description

I am using

SecretKeySpec(byte[] key, String algorithm) 

to generate a Key object.

After I encrypt something, I want to remove the Key from memory.

I can remove all references to the Key, but that does not guarantee that the key is not floating somewhere in memory.

I can "zero out" the byte[] array that I used to generate the Key, but how can I zero out or flush the actual Key memory?

Recommended answer

There doesn't appear to be a way to do this in Java versions up to 7, but it has been fixed for Java 8 by adding the Destroyable interface.

See https://bugs.openjdk.java.net/browse/JDK-6263419

Address this requirement by enhancing java.security.PrivateKey and javax.crypto.SecretKey classes to extend the javax.security.auth.Destroyable interface.

However, note the comments:

clearing out a BigInteger or byte[] reference doesn't guarantee that the sensitive information is gone from memory. The operating system's virtual memory may have been swapped to disk, for example, leaving a copy on the local hard drive. In addition, the Java runtime VM may itself have multiple internal copies of the information.

Note also that zeroing out the original byte array will NOT clear the SecretKeySpec, because it takes a copy of the byte array in its constructor.

However, you might be able to get access to the SecretKeySpec copy of the byte array (even though it is private) using Java Reflection to change the access to that field.
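The following is an added example, not part of the original answer. It shows that the key survives wiping the caller's array and that `destroy()` has to be checked rather than trusted, since the default `Destroyable.destroy()` throws `DestroyFailedException`. The class name `KeyWipeDemo`, the helper `tryDestroy` and the sample key bytes are assumptions constructed for illustration; Java 8 or later is required.

```java
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.DestroyFailedException;

public class KeyWipeDemo {

    /** Hypothetical helper: true only if the key reports itself destroyed. */
    static boolean tryDestroy(SecretKey key) {
        try {
            key.destroy(); // default Destroyable.destroy() throws
        } catch (DestroyFailedException e) {
            return false;  // this key class / JDK does not implement wiping
        }
        return key.isDestroyed();
    }

    public static void main(String[] args) {
        // Constructed sample key material (16 bytes of 0x41), not a real key.
        byte[] raw = new byte[16];
        Arrays.fill(raw, (byte) 0x41);
        byte[] expected = raw.clone();

        // The constructor copies 'raw' into a private field.
        SecretKey key = new SecretKeySpec(raw, "AES");

        // Wipe the caller's array as soon as the key object exists.
        Arrays.fill(raw, (byte) 0);

        // getEncoded() hands back yet another copy of the internal array.
        byte[] encoded = key.getEncoded();
        System.out.println("key survives wiping the input array: "
                + Arrays.equals(encoded, expected));

        // Every copy taken from the key needs wiping as well.
        Arrays.fill(encoded, (byte) 0);
        Arrays.fill(expected, (byte) 0);

        // Whether this succeeds depends on the JDK's SecretKeySpec.
        System.out.println("destroy() wiped the key: " + tryDestroy(key));
    }
}
```

If `tryDestroy` returns false, the only remaining in-process copy is the private array inside the `SecretKeySpec`, which stays in memory until the object is garbage collected.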
