1 /* 2 * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @modules java.base/com.sun.crypto.provider:+open 27 * @run main/othervm DESKeyCleanupTest 28 * @summary Verify that key storage is cleared 29 */ 30 31 import java.lang.ref.PhantomReference; 32 import java.lang.ref.Reference; 33 import java.lang.ref.ReferenceQueue; 34 import java.lang.reflect.Field; 35 import java.util.Arrays; 36 37 import javax.crypto.KeyGenerator; 38 import javax.crypto.SecretKey; 39 40 /** 41 * Test that the array holding the key bytes is cleared when it is 42 * no longer referenced by the key. 43 */ 44 45 public class DESKeyCleanupTest { 46 47 private final static String SunJCEProvider = "SunJCE"; 48 main(String[] args)49 public static void main(String[] args) throws Exception { 50 testCleanupSecret("DES"); 51 testCleanupSecret("DESede"); 52 } 53 testCleanupSecret(String algorithm)54 static void testCleanupSecret(String algorithm) throws Exception { 55 KeyGenerator desGen = KeyGenerator.getInstance(algorithm, SunJCEProvider); 56 SecretKey key = desGen.generateKey(); 57 58 // Break into the implementation to observe the key byte array. 59 Class<?> keyClass = key.getClass(); 60 Field keyField = keyClass.getDeclaredField("key"); 61 keyField.setAccessible(true); 62 byte[] array = (byte[])keyField.get(key); 63 64 byte[] zeros = new byte[array.length]; 65 do { 66 // Wait for array to be cleared; if not cleared test will timeout 67 System.out.printf("%s array: %s%n", algorithm, Arrays.toString(array)); 68 key = null; 69 System.gc(); // attempt to reclaim the key 70 } while (Arrays.compare(zeros, array) != 0); 71 System.out.printf("%s array: %s%n", algorithm, Arrays.toString(array)); 72 73 Reference.reachabilityFence(key); // Keep key alive 74 Reference.reachabilityFence(array); // Keep array alive 75 } 76 } 77 78 79