private void encryptChars(char[] chars) { byte[] clearBytes = null; try { clearBytes = SecurityUtil.charsToBytes(chars); encryptBytes(clearBytes); } finally { SecurityUtil.clear(clearBytes); } }
private void encryptChars(char[] chars) { byte[] clearBytes = null; try { clearBytes = SecurityUtil.charsToBytes(chars); encryptBytes(clearBytes); } finally { SecurityUtil.clear(clearBytes); } }
private void encryptChars(char [] chars) { byte [] clearBytes = null; try { clearBytes = SecurityUtil.charsToBytes(chars); encryptBytes(clearBytes); } finally { SecurityUtil.clear(clearBytes); } }
/** * Computes the base 64 encoded SHA1 hash of the input. * * @param input The input chars * @return the hash */ public static String computeBase64SHA1Hash(char[] input) { // convert the char [] to bytes. I know there are utility methods for doing this, but I don't // know what sort of buffering they use. because it is possibly sensitive data, we do this in line so // that we can clear out our bytes after we are done. byte[] bytes = null; try { bytes = SecurityUtil.charsToBytes(input); return SecurityUtil.computeBase64SHA1Hash(bytes); } finally { // clear the possibly sensitive bytes out SecurityUtil.clear(bytes); // no need to clear "data" since it is now just a hash } }
/** * Computes the base 64 encoded SHA1 hash of the input. * * @param input The input chars * @return the hash */ public static String computeBase64SHA1Hash(char[] input) { // convert the char [] to bytes. I know there are utility methods for doing this, but I don't // know what sort of buffering they use. because it is possibly sensitive data, we do this in line so // that we can clear out our bytes after we are done. byte[] bytes = null; try { bytes = SecurityUtil.charsToBytes(input); return SecurityUtil.computeBase64SHA1Hash(bytes); } finally { // clear the possibly sensitive bytes out SecurityUtil.clear(bytes); // no need to clear "data" since it is now just a hash } }
/** * Computes the base 64 encoded SHA1 hash of the input * @param input The input chars * @return the hash */ public static String computeBase64SHA1Hash(char [] input) { //convert the char [] to bytes. I know there //are utility methods for doing this, but I don't //know what sort of buffering they use. because it //is possibly sensitive data, we do this in line so //that we can clear out our bytes after we are done. byte [] bytes = null; try { bytes = SecurityUtil.charsToBytes(input); return SecurityUtil.computeBase64SHA1Hash(bytes); } finally { //clear the possibly sensitive bytes out SecurityUtil.clear(bytes); //no need to clear "data" since it is now just a hash } }
@Override public void serialize(final Object object, final ObjectEncoder encoder) { final GuardedString val = (GuardedString) object; val.access((final char[] clearChars) -> { byte[] encryptedBytes = null; byte[] clearBytes = null; try { clearBytes = SecurityUtil.charsToBytes(clearChars); encryptedBytes = EncryptorFactory.getInstance().getDefaultEncryptor().encrypt(clearBytes); encoder.writeByteArrayContents(encryptedBytes); } finally { SecurityUtil.clear(encryptedBytes); SecurityUtil.clear(clearBytes); } }); }
@Override public void serialize(final Object object, final ObjectEncoder encoder) { final GuardedString val = (GuardedString) object; val.access((final char[] clearChars) -> { byte[] encryptedBytes = null; byte[] clearBytes = null; try { clearBytes = SecurityUtil.charsToBytes(clearChars); encryptedBytes = EncryptorFactory.getInstance().getDefaultEncryptor().encrypt(clearBytes); encoder.writeByteArrayContents(encryptedBytes); } finally { SecurityUtil.clear(encryptedBytes); SecurityUtil.clear(clearBytes); } }); }