使用 char 数组而不是 String
[英]Using char array instead of String
问题描述
We have a security recommendation to use char array instead of String while storing password and later clear the char array.
我们有一个安全建议,即在存储密码时使用 char 数组而不是 String,然后清除 char 数组。 But the problem is, some of the jars accept string as an argument.但问题是,一些 jars 接受字符串作为参数。
For Example, org.apache.http.auth.UsernamePasswordCredentials needs two string arguments;例如,org.apache.http.auth.UsernamePasswordCredentials 需要两个字符串 arguments; One for password and one for username.一个用于密码,一个用于用户名。 Now, how do I call this function without creating a string for password现在,如何在不创建密码字符串的情况下调用此 function
httpClient.getCredentialsProvider().setCredentials(
new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
new UsernamePasswordCredentials(user.getUsername(), new String(user
.getPassword())));
How do I resolve this.我该如何解决这个问题。 Is there any way where i can store the password.有什么办法可以存储密码。 I understand that String is immutable and it is not recommended to store passwords in String.我了解 String 是不可变的,不建议将密码存储在 String 中。 So what is the alternate I can do那么我能做的替代方案是什么
1 个解决方案
解决方案1
0 2019-09-24 07:33:24
So the reason the security recommendation is to store the password as a character array is because, unlike arrays, Strings are immutable .所以安全建议将密码存储为字符数组的原因是,与 arrays 不同,字符串是不可变的。 This basically means once you've created the String it's in memory, even if you overwrote it, until such time that the garbage collection removes it.这基本上意味着一旦你创建了字符串,它就在 memory 中,即使你覆盖了它,直到垃圾收集将它删除。 This means that a another process can dump memory (before the GC runs) and potentially get your password.这意味着另一个进程可以转储 memory(在 GC 运行之前)并可能获取您的密码。 With Arrays on the other hand you can go and specifically overwrite the array and no other process will be able to get it.另一方面,使用 Arrays 可以 go 并专门覆盖数组,其他进程将无法获得它。
With an array, you can explicitly wipe the data after you're done with it.使用数组,您可以在完成后显式擦除数据。 You can overwrite the array with anything you like, and the password won't be present anywhere in the system, even before garbage collection.你可以用你喜欢的任何东西覆盖数组,密码不会出现在系统的任何地方,甚至在垃圾收集之前。
Had a look at org.apache.http.auth.UsernamePasswordCredentials and the UsernamePasswordCredentials only supports String .看看org.apache.http.auth.UsernamePasswordCredentials和UsernamePasswordCredentials只支持String 。 So potentially I would just store the password as a char array as per your security recommendation and then just convert it to String when calling this class.因此,我可能会根据您的安全建议将密码存储为字符数组,然后在调用此 class 时将其转换为字符串。 Then if you that paranoid, dispose the class once your done with it and immediately run the GC (this may run up your memory usage).然后,如果您偏执,请在完成后处理 class 并立即运行 GC(这可能会占用您的 memory 使用量)。
Also, if security is such a serious concern then your administrators should look at other alternatives, such as disabling core dumps .此外,如果安全问题如此严重,那么您的管理员应该考虑其他替代方案,例如禁用核心转储。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.