SecureString.java

  1. package org.flasby.crypto;

  3. import java.lang.ref.Cleaner;
  4. import java.security.SecureRandom;
  5. import java.util.Arrays;

  7. /**
  8.  * This is not a string but a CharSequence that can be cleared of its memory. Important for handling
  9.  * passwords. Represents text that should be kept confidential, such as by deleting it from memory
  10.  * when no longer needed or garbaged collected.
  11.  *
  12.  * <p>Modified from an original post in stackoverflow by Melloware who modified something from
  13.  * OWASP.
  14.  */
  15. public final class SecureString implements CharSequence, AutoCloseable {

  17.   private static final Cleaner CLEANER = Cleaner.create();
  18.   private final Cleaner.Cleanable cleanable;
  19.   private final State state;

  21.   private static class State implements Runnable {
  22.     private final int[] chars;
  23.     private final int[] pad;
  24.     private boolean cleared = false;

  26.     /**
  27.      * Randomly pad the characters to not store the real character in memory.
  28.      *
  29.      * @param start start of the {@code CharSequence}
  30.      * @param length length of the {@code CharSequence}
  31.      * @param characters the {@code CharSequence} to scramble
  32.      */
  33.     State(final int start, final int length, final CharSequence characters) {
  34.       pad = new int[length];
  35.       chars = new int[length];
  36.       for (int i = start; i < length; i++) {
  37.         final char charAt = characters.charAt(i);
  38.         pad[i] = random.nextInt();
  39.         chars[i] = pad[i] ^ charAt;
  40.       }
  41.     }

  43.     public char charAt(final int i) {
  44.       return (char) (pad[i] ^ chars[i]);
  45.     }

  47.     public int length() {
  48.       return chars.length;
  49.     }

  51.     public void run() {
  52.       // Native resource deallocation happens here.
  53.       Arrays.fill(chars, '0');
  54.       Arrays.fill(pad, 0);
  55.       cleared = true;
  56.     }
  57.   }

  59.   private static final SecureRandom random = new SecureRandom();

  61.   public SecureString(final CharSequence original) {
  62.     this(0, original.length(), original);
  63.   }

  65.   public SecureString(final int start, final int end, final CharSequence original) {
  66.     state = new State(start, (end - start), original);
  67.     cleanable = CLEANER.register(this, state);
  68.   }

  70.   @Override
  71.   public char charAt(final int i) {
  72.     return state.charAt(i);
  73.   }

  75.   @Override
  76.   public int length() {
  77.     return state.length();
  78.   }

  80.   @Override
  81.   public CharSequence subSequence(final int start, final int end) {
  82.     return new SecureString(start, end, this);
  83.   }

  85.   /**
  86.    * Convert array back to String but not using toString(). See toString() docs below. Calling
  87.    * should be avoided as it leaves passwords in memory which can't be cleared.
  88.    */
  89.   public String asString() {
  90.     if (state.cleared) throw new NullPointerException("SecureString is cleared, check your code");
  91.     final char[] value = new char[length()];
  92.     for (int i = 0; i < value.length; i++) {
  93.       value[i] = charAt(i);
  94.     }
  95.     return new String(value);
  96.   }

  98.   /** Manually clear the underlying array holding the characters */
  99.   public void clear() {
  100.     state.run();
  101.   }

  103.   /**
  104.    * Protect against using this class in log statements.
  105.    *
  106.    * <p>{@inheritDoc}
  107.    */
  108.   @Override
  109.   public String toString() {
  110.     return "Secure:XXXXX";
  111.   }

  113.   @Override
  114.   public void close() {
  115.     cleanable.clean();
  116.   }
  117. }
Created with JaCoCo 0.8.12.202403310830