JDK-8228414 : KeyStore.PrivateKeyEntry and KeyStore.SecretKeyEntry should implement Destroyable
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 11,13
  • Priority: P4
  • Status: Resolved
  • Resolution: Won't Fix
  • Submitted: 2019-07-16
  • Updated: 2022-06-13
  • Resolved: 2022-06-13
Description
A DESCRIPTION OF THE PROBLEM :
Similar to JDK-8158689

KeyStore.PrivateKeyEntry and KeyStore.SecretKeyEntry contain a Destroyable, but do not themselves implement Destroyable.


CUSTOMER SUBMITTED WORKAROUND :
Retrieve the key and destroy it

secretKeyEntry.getSecretKey().destroy();


Comments
These classes only hold references to the Destroyable objects. Unlike other APIs that implement Destroyable, they do not have their own copy of sensitive data. Thus, I don't think it is necessary for these APIs to implement Destroyable.
13-06-2022
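
Added example, not part of the original report or of the JDK sources: the workaround applied through the entry, showing that KeyStore.SecretKeyEntry hands back the same key object it was built with, and handling the checked DestroyFailedException that Destroyable.destroy() declares (and throws by default). EntryDestroyDemo, WipeableKey and destroyKeyOf are hypothetical names, and the key material is constructed sample data.

```java
import java.security.KeyStore;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.security.auth.DestroyFailedException;

public class EntryDestroyDemo {
    // Hypothetical SecretKey that zeroes its own copy of the material on destroy().
    static final class WipeableKey implements SecretKey {
        private final byte[] material;
        private boolean destroyed;
        WipeableKey(byte[] m) { material = m.clone(); }
        public String getAlgorithm() { return "AES"; }
        public String getFormat() { return "RAW"; }
        public byte[] getEncoded() {
            if (destroyed) throw new IllegalStateException("key destroyed");
            return material.clone();
        }
        @Override public void destroy() {
            Arrays.fill(material, (byte) 0);
            destroyed = true;
        }
        @Override public boolean isDestroyed() { return destroyed; }
    }

    // The workaround from the report, with the checked exception handled.
    // Returns false when the key implementation does not support destruction.
    static boolean destroyKeyOf(KeyStore.SecretKeyEntry entry) {
        SecretKey key = entry.getSecretKey();
        try {
            key.destroy();
        } catch (DestroyFailedException e) {
            return false;
        }
        return key.isDestroyed();
    }

    public static void main(String[] args) {
        SecretKey key = new WipeableKey(new byte[16]); // constructed sample key
        KeyStore.SecretKeyEntry entry = new KeyStore.SecretKeyEntry(key);
        // The entry stores a reference, so identity comparison is meaningful here.
        System.out.println("entry returns same object: " + (entry.getSecretKey() == key));
        System.out.println("destroyed via entry:       " + destroyKeyOf(entry));
        // The caller's own reference observes the destruction as well.
        System.out.println("original reference state:  " + key.isDestroyed());
    }
}
```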