JDK-8275823 : java.security.KeyPair should implement Destroyable
  • Type: CSR
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P3
  • Status: Draft
  • Resolution: Unresolved
  • Submitted: 2021-10-22
  • Updated: 2021-10-22
Related Reports
CSR :  
JDK-8158689 - java.security.KeyPair should implement Destroyable
Description
Summary
-------

java.security.KeyPair should implement Destroyable to destroying the internal private key

Problem
-------

With java.security.KeyPair not implementing the Destroyable interface, this requires a user to get the private key from KeyPair and call destroy operations on that key.  That is not user-friendly as a public API key class that contain Destroyable field should also implement Destroyable.

Solution
--------
Instead of a multi-step process of getting the privateKey from the KeyPair class to call Destroyable methods on the privateKey, with KeyPair implementing Destroyable.  This allows the user to call Destroyable methods on KeyPair to destroy the private key.

The public key does not implement Destroyable as it is not a secret.

Specification
-------------
    -public final class KeyPair implements java.io.Serializable {
    +public final class KeyPair implements Serializable, Destroyable {


    + /**
    +  * Check if the private key has been destroyed.
    +  *
    +  * @return true is if the private key has been destroyed.
    +  *
    +  * @since 18
    +  */
    + public boolean isDestroyed() {
     ...
    + /**
    +  * Call to destroy the private key in this key pair. DestroyFailedException
    +  * will be thrown if the private key object does not implement a destroy
    +  * method.
    +  *
    +  * @throws DestroyFailedException if the destroy operation fails or there is
    +  * no underlying destroy method.
    +  *
    +  * @since 18
    +  */
    + public void destroy() throws DestroyFailedException {