[Cryptography] Heartbleed and fundamental crypto programming practices
ianG
iang at iang.org
Fri Apr 11 09:57:54 EDT 2014
On 10/04/2014 07:15 am, Jerry Leichter wrote:
> ...Also, since String's are immutable in Java, you have the problem that even if you know you've got sensitive data you no longer need stored in a String ... there's nothing you can do to get rid of it.)
That problem - exactly, does anyone know a solution in Java to cleansing
Strings?
(I write the password, etc code in byte[] but sometimes one has to have
a String, such as asking the user for some input, .. like a password.)
iang
More information about the cryptography
mailing list