[Cryptography] Heartbleed and fundamental crypto programming practices
Viktor Dukhovni
cryptography at dukhovni.org
Sat Apr 12 17:58:43 EDT 2014
On Sat, Apr 12, 2014 at 04:43:35PM -0400, Kevin W. Wall wrote:
> And with a bit more work, one could even extend this technique
> to find and alter Strings that are declared 'private' within a
> given class. You would just have to pass in an Object and the
> name of the field you wanted to alter. (Left as an exercise for the
> reader.)
>
> public static void changeString(String original, String replacement)
> {
> try {
> Field value = String.class.getDeclaredField("value");
> value.setAccessible(true);
> value.set(original, replacement.toCharArray());
> Field count = String.class.getDeclaredField("count");
> count.setAccessible(true);
> count.set(original, replacement.length());
> } catch (Exception ex) {
> ; // ignore
> }
> }
This is a profound failure to understand the kind mutability required
to securely erase sensitive data from memory. Just because one
can mutate values seen by users of an object's interface, does NOT
mean that the underlying memory has been overwritten.
--
Viktor.
More information about the cryptography
mailing list