1 /*
2  * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 /*
25  * @test
26  * @modules java.base/com.sun.crypto.provider:+open
27  * @run main/othervm DESKeyCleanupTest
28  * @summary Verify that key storage is cleared
29  */
30 
31 import java.lang.ref.PhantomReference;
32 import java.lang.ref.Reference;
33 import java.lang.ref.ReferenceQueue;
34 import java.lang.reflect.Field;
35 import java.util.Arrays;
36 
37 import javax.crypto.KeyGenerator;
38 import javax.crypto.SecretKey;
39 
40 /**
41  * Test that the array holding the key bytes is cleared when it is
42  * no longer referenced by the key.
43  */
44 
45 public class DESKeyCleanupTest {
46 
47     private final static String SunJCEProvider = "SunJCE";
48 
main(String[] args)49     public static void main(String[] args) throws Exception {
50         testCleanupSecret("DES");
51         testCleanupSecret("DESede");
52     }
53 
testCleanupSecret(String algorithm)54     static void testCleanupSecret(String algorithm) throws Exception {
55         KeyGenerator desGen = KeyGenerator.getInstance(algorithm, SunJCEProvider);
56         SecretKey key = desGen.generateKey();
57 
58         // Break into the implementation to observe the key byte array.
59         Class<?> keyClass = key.getClass();
60         Field keyField = keyClass.getDeclaredField("key");
61         keyField.setAccessible(true);
62         byte[] array = (byte[])keyField.get(key);
63 
64         byte[] zeros = new byte[array.length];
65         do {
66             // Wait for array to be cleared;  if not cleared test will timeout
67             System.out.printf("%s array: %s%n", algorithm, Arrays.toString(array));
68             key = null;
69             System.gc();        // attempt to reclaim the key
70         } while (Arrays.compare(zeros, array) != 0);
71         System.out.printf("%s array: %s%n", algorithm, Arrays.toString(array));
72 
73         Reference.reachabilityFence(key); // Keep key alive
74         Reference.reachabilityFence(array); // Keep array alive
75     }
76 }
77 
78 
79