Posted to commits@ws.apache.org by co...@apache.org on 2020/06/08 08:59:47 UTC
[ws-wss4j] branch master updated: Removing destroy calls for
private keys
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
The following commit(s) were added to refs/heads/master by this push:
new 69541ed Removing destroy calls for private keys
69541ed is described below
commit 69541ed3b2987f2cfec4fa697f7077a862993ae5
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Jun 8 09:59:24 2020 +0100
Removing destroy calls for private keys
---
.../org/apache/wss4j/common/saml/SamlAssertionWrapper.java | 7 -------
.../main/java/org/apache/wss4j/dom/message/WSSecSignature.java | 10 ----------
.../org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java | 7 -------
.../java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java | 9 ---------
4 files changed, 33 deletions(-)
diff --git a/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java b/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java
index b894a73..c1f3471 100644
--- a/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java
+++ b/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java
@@ -593,13 +593,6 @@ public class SamlAssertionWrapper {
// add the signature to the assertion
setSignature(signature, signatureDigestAlgorithm);
-
- // Clean the private key from memory
- try {
- privateKey.destroy();
- } catch (javax.security.auth.DestroyFailedException ex) {
- LOG.debug("Error destroying private key: {}", ex.getMessage());
- }
}
/**
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
index 90d3a39..34917f9 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
@@ -27,7 +27,6 @@ import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
-import javax.security.auth.Destroyable;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dom.DOMCryptoContext;
@@ -621,15 +620,6 @@ public class WSSecSignature extends WSSecSignatureBase {
signatureValue = sig.getSignatureValue().getValue();
- // Clean the private key from memory
- if (key instanceof Destroyable) {
- try {
- ((Destroyable)key).destroy();
- } catch (javax.security.auth.DestroyFailedException ex) {
- LOG.debug("Error destroying private key: {}", ex.getMessage());
- }
- }
-
cleanup();
} catch (Exception ex) {
LOG.error(ex.getMessage(), ex);
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
index 464433f..bd5f339 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
@@ -226,13 +226,6 @@ public class EncryptedKeyProcessor implements Processor {
decryptedBytes = getAsymmetricDecryptedBytes(data, data.getWsDocInfo(), encryptedKeyTransportMethod,
encryptedEphemeralKey, refList,
elem, privateKey);
-
- // Clean the private key from memory
- try {
- privateKey.destroy();
- } catch (javax.security.auth.DestroyFailedException ex) {
- LOG.debug("Error destroying private key: {}", ex.getMessage());
- }
}
List<WSDataRef> dataRefs = decryptDataRefs(refList, data.getWsDocInfo(), decryptedBytes, data);
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
index cd9de18..c905bbd 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
@@ -23,7 +23,6 @@ import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.List;
-import javax.security.auth.Destroyable;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLSignContext;
@@ -534,14 +533,6 @@ public class WSSecSignatureSAML extends WSSecSignature {
signatureValue = sig.getSignatureValue().getValue();
- // Clean the private key from memory
- if (key instanceof Destroyable) {
- try {
- ((Destroyable)key).destroy();
- } catch (javax.security.auth.DestroyFailedException ex) {
- LOG.debug("Error destroying private key: {}", ex.getMessage());
- }
- }
} catch (Exception ex) {
LOG.error(ex.getMessage(), ex);
throw new WSSecurityException(