You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2018/12/19 10:34:34 UTC
svn commit: r1849289 -
/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
Author: coheigea
Date: Wed Dec 19 10:34:33 2018
New Revision: 1849289
URL: http://svn.apache.org/viewvc?rev=1849289&view=rev
Log:
Cleaning a secret key in another location
Modified:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java?rev=1849289&r1=1849288&r2=1849289&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java Wed Dec 19 10:34:33 2018
@@ -25,6 +25,7 @@ import java.util.List;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
+import javax.security.auth.DestroyFailedException;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.Crypto;
@@ -242,6 +243,14 @@ public class WSSecEncrypt extends WSSecE
encryptor.setWsDocInfo(getWsDocInfo());
List<String> encDataRefs =
encryptor.doEncryption(keyInfo, secretKeySpec, getSymmetricEncAlgorithm(), references, attachmentEncryptedDataElements);
+
+ // Clean the secret key from memory now that we're done with it
+ try {
+ secretKeySpec.destroy();
+ } catch (DestroyFailedException e) {
+ LOG.debug("Error destroying key: {}", e.getMessage());
+ }
+
if (encDataRefs.isEmpty()) {
return null;
}