JDK-8303613 : EdECPrivateKey should support Destroyable.destroy()
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 17
  • Priority: P4
  • Status: Open
  • Resolution: Unresolved
  • OS: generic
  • CPU: generic
  • Submitted: 2023-03-03
  • Updated: 2025-05-19
Related Reports
Relates :  
JDK-8228429 - Destroyed PBEKey behaves incorrectly
Relates :  
JDK-8160206 - SecretKeySpec should implement destroy()
Description
A DESCRIPTION OF THE PROBLEM :
Elliptic curve private keys, e.g. implementations of EdECPrivateKey like EdDSAPrivateKeyImpl implement the Destroyable interface by deriving from PrivateKey.

Unfortunately they provide no implementation of the destroy() method, thus reverting to the default implementation of the Destroyable interface (throwing an DestroyFailedException).

It would be great if calling destroy() would zero the array holding the sensitive data.
Comments
Moved to JDK for further evaluations.
03-03-2023