I use BigIntegers to store my public and private keys for RSA encryption. Lately I found out that Strings are not safe to store passwords due to them being immutable. Do BigIntegers have the same volnurability?
Currently im refactoring my code so user keys are stored in char arrays instead of Strings when sent from one part of the app to another. I need to know if making BigInteger objects from these char arrays is safe for the users data, or if I need to change that part of my app's functionality as well.
CodePudding user response:
You could make an argument for preferring byte[]
over BigInteger
for the same reason that char[]
might be preferred over String
.
For background, you should read Jon Skeet's answer explaining why some people recommend using char[]
rather than String
for storing passwords. The short version is that arrays, being mutable, can be overwritten after use. In theory this immediately removes the sensitive data from memory. Meanwhile, strings are only removed from memory by the garbage collector, which might not run immediately. This means that the value sits around in memory for a while, which may or may not be a problem.
Like a String
, a BigInteger
is an object that contains an array which it prevents you from mutating. That means you can't clear out the array yourself, and have to wait for the garbage collector to free it.
If you think this is a concern, it would make sense to store your keys in byte arrays and explicitly overwrite the arrays with zeros (or any other data) after use. As for whether it's really important, I defer to the existing answers and comments in the linked question.