Re: [GNU Crypto] Passwords Immutable?

[Casey Marshall]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Bryan" == Bryan Hoover <address@hidden> writes:

Bryan> So there may be a couple of minor implementation questions:

Bryan> 1.  Should Password make a copy?

I think it should in the constructor, and probably a (byte[],int,int)
constructor should be added.

Bryan> 2.  Should SRPClient this.password be char[] or Password?

I'd say Password, because if Password.destroy() is called we wouldn't
want a variable to change on us without notice.

Bryan> Finally, I wasn't sure whether to throw an exception on
Bryan> password access attempts subsequent to calling destroy().  I do
Bryan> not.

Probably an `IllegalStateException' is appropriate when getPassword is
called on a destroyed object. It's arguably better then letting code
use erased passwords, and failing in difficult-to-understand ways.

Bryan> Sorry so wordy.

Bryan> Feel free to use or not -- though I hope you will.  I can also
Bryan> add the code to pivot (and whatever else) relative to which
Bryan> password property use if you want to go with the additional
Bryan> property option for compatibility.  I had fun doing it, and
Bryan> will use it in my compile.

We'd need copyright assignment in order to include these patches. But
this is a really simple thing to do, so I can implement this myself.
That is, of course, unless you have a desire to contribute more ;)

- -- 
Casey Marshall || address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.7 <http://mailcrypt.sourceforge.net/>

iD8DBQFAfbIrgAuWMgRGsWsRAjvEAJoD/i9gXcuJJhR3ROOOtwAJiTiwVACdHDLy
TS50QYsRlWhWcKIKQVgF4so=
=L6mt
-----END PGP SIGNATURE-----