Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear passphrase bytes after use #609

Merged
merged 1 commit into from
Jul 1, 2020
Merged

Conversation

fmeum
Copy link
Contributor

@fmeum fmeum commented Jun 25, 2020

Mimics the behavior of decrypt() in PKCS5KeyFile.java.

@hierynomus
Copy link
Owner

The behaviour is correct, but let's add a test that this doesn't get lost!

Mimics the behavior of `decrypt()` in `PKCS5KeyFile.java`.
@fmeum
Copy link
Contributor Author

fmeum commented Jun 26, 2020

I integrated checks for wiped passphrase bytes into the custom mock password finder I implemented for a previous PR. Note that the correct wiping of the intermediate buffers cannot be tested that way.

@hierynomus hierynomus merged commit 7bde5c1 into hierynomus:master Jul 1, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants