SecureString Class in Java

 
Ranch Hand

I'd been asked by several people about the equivalent of the SecureString class (as in .NET) in Java. Is there one that behaves like the SecureString class, or can one be simulated by any means?

- Clarence
 
Bartender
What does a SecureString class do?
 
Clarence J M Tauro
Ranch Hand
The SecureString class represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed.

http://msdn.microsoft.com/en-us/library/system.security.securestring.aspx

You know what, I myself have never worked on .NET, but I wanted to clarify this as lots and lots of people ask me about it.
 
Sheriff
I don't get its purpose. It may be secure, until you need to read it. The only way to do that is call ToString to turn it into a String - and that's not secure anymore. You might as well use a char[] in Java. That's never stored in the String pool and is therefore used when a "secure" String is needed. It's used for java.io.Console, JPasswordField and java.net.PasswordAuthentication.
 
Clarence J M Tauro
Ranch Hand
If you actually look at the SecureString class, it says the data cannot be captured using some memory-capturing tools as well.
JPasswordField etc. merely echo the data in a different way.
 
Ranch Hand

Rob Prime wrote:I don't get its purpose. It may be secure, until you need to read it.


This is precisely its purpose: it stays secure when the program does not need it.
If someone does a heap dump and analyses its contents, the secured string stays secure.
If a program (for example an applet running on the user's machine) stores passwords in memory using strings,
it is very easy to discover them in Java using standard JDK tools that are available for everyone to download.

 
Clarence J M Tauro
Ranch Hand
That's right! Now how do I implement one like it? I have searched around and could not find one, at least not in the standard APIs.
 
Rob Spoor
Sheriff
Because there is no such thing in Java (yet?).
 
Clarence J M Tauro
Ranch Hand
Agreed! Now how can I simulate one like it?
 
Rancher
It would involve storing the encrypted string in a byte[], and only decrypting it when it gets accessed (or whenever the contents of the string are altered, and then re-encrypting it). Any intermediate cleartext should be stored in local variables, not instance variables.
 
Clarence J M Tauro
Ranch Hand

Ulf Dittmer wrote:It would involve storing the encrypted string in a byte[], and only decrypting it when it gets accessed (or whenever the contents of the string are altered, and then re-encrypting it). Any intermediate cleartext should be stored in local variables, not instance variables.



OK Ulf, but I doubt this would be the way SecureString is implemented in .NET.
 
Ulf Dittmer
Rancher
Not sure what you mean. You asked how to implement it, and what I described is one way to do that. What does it matter what .Net does?

You can always check out what Mono does - it's open source, after all.
 
Rob Spoor
Sheriff
Without using native code, the byte[] is just as vulnerable as using a char[]. When you decode it because you need to add text to it, although briefly, the "secure" text will be fully visible in memory.
With native code it is possible to secure memory regions (although I don't remember how). That's what you'll need in the end.
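A sketch of what Ulf describes, with Rob's caveat built in. This is an added example, not code from the thread; the class SealedChars and its use() method are my own names, and it keeps only AES-GCM ciphertext, IV and key in instance fields while cleartext lives in scrubbed local arrays.

```java
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.function.Function;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

// Hypothetical SecureString-style holder (class and method names are my own):
// only the AES-GCM ciphertext, IV and key sit in instance fields; cleartext
// exists in short-lived local arrays that are scrubbed after use.
public final class SealedChars {
    private static final SecureRandom RNG = new SecureRandom();
    private final SecretKey key;            // caveat: the key is on the same heap,
    private final byte[] iv = new byte[12]; // so a dump holding key + ciphertext
    private final byte[] ciphertext;        // still yields the cleartext

    public SealedChars(char[] plain) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        key = kg.generateKey();
        RNG.nextBytes(iv);
        // char[] -> byte[] without ever creating a java.lang.String; the
        // caller keeps ownership of 'plain' and should Arrays.fill it afterwards
        ByteBuffer bb = StandardCharsets.UTF_8.encode(CharBuffer.wrap(plain));
        byte[] plainBytes = new byte[bb.remaining()];
        bb.get(plainBytes);
        if (bb.hasArray()) Arrays.fill(bb.array(), (byte) 0);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        ciphertext = c.doFinal(plainBytes);
        Arrays.fill(plainBytes, (byte) 0);  // scrub the intermediate copy
    }

    // Decrypt, hand the chars to the caller, then scrub them. The cleartext is
    // visible only while fn runs; that window cannot be closed in pure Java.
    public <T> T use(Function<char[], T> fn) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] plainBytes = c.doFinal(ciphertext);
        CharBuffer cb = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(plainBytes));
        char[] chars = new char[cb.remaining()];
        cb.get(chars);
        Arrays.fill(plainBytes, (byte) 0);
        if (cb.hasArray()) Arrays.fill(cb.array(), '\0');
        try { return fn.apply(chars); } finally { Arrays.fill(chars, '\0'); }
    }
}
```

Calling `new SealedChars(new char[]{'h','u','n','t','e','r','2'}).use(chars -> chars.length)` returns 7 without ever materialising a String. Appending text would mean decrypt, modify, re-encrypt under a fresh IV (GCM must never reuse an IV with the same key), which is exactly the window Rob describes.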
 
Clarence J M Tauro
Ranch Hand
Well, if we have access to the char/byte array which is actually storing the string (which actually would be a part of a class, say SString), then we can apply some block encryption algorithm on it, say DES or AES. So, even if our string gets captured, it is encrypted, and hence safe!

However, in that case, we must keep the "encryption key" at a memory location which is "relatively safe", maybe in kernel space (but I don't think it's possible in Java to specify a specific memory location for a variable).

Frankly speaking, no idea! I never needed to assign a specific memory location to a Java variable.

Ah! Again, I am stuck!


Ulf Dittmer wrote:What does it matter what .Net does?



He he ;-) It doesn't.
 
Rob Spoor
Sheriff

Clarence J M Tauro wrote: Well, if we have access to the char/byte array which is actually storing the string (which actually would be a part of a class, say SString), then we can apply some block encryption algorithm on it, say DES or AES. So, even if our string gets captured, it is encrypted, and hence safe!


But to add something you need to decrypt the current contents first, then add to it, then encrypt it again.
 
Greenhorn
Let me tell you a little story to prove a point.

A clever man travelled the world with a jar, making money from a particular bet that he made with those he came across. The man would fill his jar up with rocks and ask onlookers to put their money in, for double the return, when they thought his jar was full. When the rocks piled to the top of the jar, most of the crowd would place their bets and think themselves winners, whilst others would look on in curiosity. To their disappointment the man would pull out some smaller stones, place them on top and give it a little shake till they fell in between the others. A few others would then make their bets, only to watch the man tip a handful of sand into the jar and still manage to fit more in. By now there seemed to be no more free room in the jar, and the lucky few left thought they had it in the bag. But surprisingly, the man picked up his drinking water and tipped the last few mouthfuls into the supposedly full jar. By now the man had become much the richer, and he continued on to the next unsuspecting crowd.

If tl;dr: the point is that there will always be a vulnerable window of opportunity in any security context. The idea is how small is small enough for your requirements.