/** * Returns a new copy of this object that is backed by its own char array. Closing the new instance has no effect on the instance it * was created from. This is useful for APIs which accept a char array and you want to be safe about the API potentially modifying the * char array. For example: * * <pre> * try (SecureString copy = secureString.clone()) { * // pass thee char[] to a external API * PasswordAuthentication auth = new PasswordAuthentication(username, copy.getChars()); * ... * } * </pre> */ @Override public synchronized SecureString clone() { ensureNotClosed(); return new SecureString(Arrays.copyOf(chars, chars.length)); }
@Override public synchronized char charAt(int index) { ensureNotClosed(); return chars[index]; }
@Override SecureString getFallback(Settings settings) { if (fallback != null) { return fallback.get(settings); } return new SecureString(new char[0]); // this means "setting does not exist" } }
@Override public synchronized int length() { ensureNotClosed(); return chars.length; }
@Override public synchronized SecureString getString(String setting) { ensureOpen(); Entry entry = entries.get().get(setting); if (entry == null || entry.type != EntryType.STRING) { throw new IllegalArgumentException("Secret setting " + setting + " is not a string"); } ByteBuffer byteBuffer = ByteBuffer.wrap(entry.bytes); CharBuffer charBuffer = StandardCharsets.UTF_8.decode(byteBuffer); return new SecureString(charBuffer.array()); }
/** * Returns a new copy of this object that is backed by its own char array. Closing the new instance has no effect on the instance it * was created from. This is useful for APIs which accept a char array and you want to be safe about the API potentially modifying the * char array. For example: * * <pre> * try (SecureString copy = secureString.clone()) { * // pass thee char[] to a external API * PasswordAuthentication auth = new PasswordAuthentication(username, copy.getChars()); * ... * } * </pre> */ @Override public synchronized SecureString clone() { ensureNotClosed(); return new SecureString(Arrays.copyOf(chars, chars.length)); }
/** * Returns the underlying char[]. This is a dangerous operation as the array may be modified while it is being used by other threads * or a consumer may modify the values in the array. For safety, it is preferable to use {@link #clone()} and pass its chars to the * consumer when the chars are needed multiple times. */ public synchronized char[] getChars() { ensureNotClosed(); return chars; }
public void setString(String setting, String value) { ensureOpen(); secureStrings.put(setting, new SecureString(value.toCharArray())); settingNames.add(setting); }
/** * Returns a new copy of this object that is backed by its own char array. Closing the new instance has no effect on the instance it * was created from. This is useful for APIs which accept a char array and you want to be safe about the API potentially modifying the * char array. For example: * * <pre> * try (SecureString copy = secureString.clone()) { * // pass thee char[] to a external API * PasswordAuthentication auth = new PasswordAuthentication(username, copy.getChars()); * ... * } * </pre> */ @Override public synchronized SecureString clone() { ensureNotClosed(); return new SecureString(Arrays.copyOf(chars, chars.length)); }
/** Constant time equality to avoid potential timing attacks. */ @Override public synchronized boolean equals(Object o) { ensureNotClosed(); if (this == o) return true; if (o == null || o instanceof CharSequence == false) return false; CharSequence that = (CharSequence) o; if (chars.length != that.length()) { return false; } int equals = 0; for (int i = 0; i < chars.length; i++) { equals |= chars[i] ^ that.charAt(i); } return equals == 0; }
@Override SecureString getFallback(Settings settings) { if (fallback != null) { return fallback.get(settings); } return new SecureString(new char[0]); // this means "setting does not exist" } }
/** * Returns a new copy of this object that is backed by its own char array. Closing the new instance has no effect on the instance it * was created from. This is useful for APIs which accept a char array and you want to be safe about the API potentially modifying the * char array. For example: * * <pre> * try (SecureString copy = secureString.clone()) { * // pass thee char[] to a external API * PasswordAuthentication auth = new PasswordAuthentication(username, copy.getChars()); * ... * } * </pre> */ @Override public synchronized SecureString clone() { ensureNotClosed(); return new SecureString(Arrays.copyOf(chars, chars.length)); }
@Override public synchronized int length() { ensureNotClosed(); return chars.length; }
@Override SecureString getFallback(Settings settings) { if (fallback != null) { return fallback.get(settings); } return new SecureString(new char[0]); // this means "setting does not exist" } };
@Override public synchronized int length() { ensureNotClosed(); return chars.length; }
@Override SecureString getFallback(Settings settings) { if (fallback != null) { return fallback.get(settings); } return new SecureString(new char[0]); // this means "setting does not exist" } }
@Override public synchronized char charAt(int index) { ensureNotClosed(); return chars[index]; }
@Override public synchronized SecureString getString(String setting) { ensureOpen(); Entry entry = entries.get().get(setting); if (entry == null || entry.type != EntryType.STRING) { throw new IllegalArgumentException("Secret setting " + setting + " is not a string"); } ByteBuffer byteBuffer = ByteBuffer.wrap(entry.bytes); CharBuffer charBuffer = StandardCharsets.UTF_8.decode(byteBuffer); return new SecureString(charBuffer.array()); }
/** * Returns the underlying char[]. This is a dangerous operation as the array may be modified while it is being used by other threads * or a consumer may modify the values in the array. For safety, it is preferable to use {@link #clone()} and pass its chars to the * consumer when the chars are needed multiple times. */ public synchronized char[] getChars() { ensureNotClosed(); return chars; }
@Override public synchronized SecureString getString(String setting) { ensureOpen(); Entry entry = entries.get().get(setting); if (entry == null || entry.type != EntryType.STRING) { throw new IllegalArgumentException("Secret setting " + setting + " is not a string"); } ByteBuffer byteBuffer = ByteBuffer.wrap(entry.bytes); CharBuffer charBuffer = StandardCharsets.UTF_8.decode(byteBuffer); return new SecureString(charBuffer.array()); }