ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1849164 - /webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java
Date Tue, 18 Dec 2018 11:20:23 GMT
Author: coheigea
Date: Tue Dec 18 11:20:23 2018
New Revision: 1849164

URL: http://svn.apache.org/viewvc?rev=1849164&view=rev
Log:
Destroying a secret key after we're done with it

Modified:
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java?rev=1849164&r1=1849163&r2=1849164&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java
(original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java
Tue Dec 18 11:20:23 2018
@@ -41,6 +41,7 @@ package org.apache.wss4j.common.derivedK
 
 import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
+import javax.security.auth.DestroyFailedException;
 
 import org.apache.wss4j.common.ext.WSSecurityException;
 
@@ -49,6 +50,9 @@ import java.security.NoSuchAlgorithmExce
 
 public class P_SHA1 implements DerivationAlgorithm {
 
+    private static final org.slf4j.Logger LOG =
+        org.slf4j.LoggerFactory.getLogger(P_SHA1.class);
+
     @Override
     public byte[] createKey(byte[] secret, byte[] seed, int offset, long length)
             throws WSSecurityException {
@@ -101,6 +105,12 @@ public class P_SHA1 implements Derivatio
             offset += tocpy;
             bytesRequired -= tocpy;
         }
+
+        try {
+            key.destroy();
+        } catch (DestroyFailedException e) {
+            LOG.debug("Error destroying key: {}", e.getMessage());
+        }
         return out;
     }
 }



Mime
View raw message