admin管理员组文章数量:1336289
I am writing a custom Java SecretKey implementation that supports destruction and is thread-safe. Please see my code below:
public class DSecretKey implements SecretKey, KeySpec {
final String algorithm;
final byte[] key;
final AtomicBoolean destroyed = new AtomicBoolean(false);
public DSecretKey(byte[] key, String algorithm) {
Asserts.notNull(key);
this.key = key.clone(); this.algorithm = algorithm;
}
@Override
public String getAlgorithm() { return this.algorithm; }
@Override
public String getFormat() { return "RAW"; }
@Override
public byte[] getEncoded() {
if (isDestroyed()) throw new IllegalStateException("The key is destroyed.");
return this.key.clone();
}
@Override
public boolean isDestroyed() { return this.destroyed.get(); }
@Override
public void destroy() throws DestroyFailedException {
if (this.destroyedpareAndSet(false, true)) {
CryptoUtils.clear(this.key);
}
}
}
As you can see, I am using AtomicBoolean to manage the destroyed state of the key.
Question: Should I not use AtomicBoolean and instead use a boolean data type with synchronized, volatile or a Java Lock in this case? Which method is better?
Note: The key can be used/reused concurrently.
I am writing a custom Java SecretKey implementation that supports destruction and is thread-safe. Please see my code below:
public class DSecretKey implements SecretKey, KeySpec {
final String algorithm;
final byte[] key;
final AtomicBoolean destroyed = new AtomicBoolean(false);
public DSecretKey(byte[] key, String algorithm) {
Asserts.notNull(key);
this.key = key.clone(); this.algorithm = algorithm;
}
@Override
public String getAlgorithm() { return this.algorithm; }
@Override
public String getFormat() { return "RAW"; }
@Override
public byte[] getEncoded() {
if (isDestroyed()) throw new IllegalStateException("The key is destroyed.");
return this.key.clone();
}
@Override
public boolean isDestroyed() { return this.destroyed.get(); }
@Override
public void destroy() throws DestroyFailedException {
if (this.destroyedpareAndSet(false, true)) {
CryptoUtils.clear(this.key);
}
}
}
As you can see, I am using AtomicBoolean to manage the destroyed state of the key.
Question: Should I not use AtomicBoolean and instead use a boolean data type with synchronized, volatile or a Java Lock in this case? Which method is better?
Note: The key can be used/reused concurrently.
Share edited Nov 19, 2024 at 19:28 LHA asked Nov 19, 2024 at 18:20 LHALHA 9,6778 gold badges55 silver badges91 bronze badges1 Answer
Reset to default 2The problem your implementation is facing is that getEncoded() is not thread safe. During the time between the call to isDestroyed() and key.clone() another thread could call destroy() and the returned key would be all empty, which is not what the implementation is supposed to do.
Since an instance of your class is after construction in an initialized state it can only go to a destroyed state. Then you could implement the method as:
@Override
public byte[] getEncoded() {
byte[] clonedKey = this.key.clone();
if (isDestroyed()) throw new IllegalStateException("The key is destroyed.");
return clonedKey;
}
This way round you can be sure that only a non-destroyed value is returned from the method.
本文标签: cryptographyImplement a Java SecretKey that supports destruction and is threadsafeStack Overflow
版权声明:本文标题:cryptography - Implement a Java SecretKey that supports destruction and is thread-safe - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742406568a2468942.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论