
Do they use some secure data erasure procedure like Bruce Schneier's algorithm, Peter Gutmann's algorithm or another pattern?

Mark Rotteveel
Aska
  • What keystore implementation? keytool just delegates entry deletion to `KeyStoreSpi#engineDeleteEntry(...)` – rkosegi Jul 22 '21 at 07:03
  • I was thinking about JKS. Is this (or should it be) part of the specification? – Aska Jul 22 '21 at 07:39
  • I cannot find something special in the source code (https://github.com/AdoptOpenJDK/openjdk-jdk11/blob/19fb8f93c59dfd791f62d41f332db9e306bc1422/src/java.base/share/classes/java/security/KeyStore.java#L1246) – Aska Jul 22 '21 at 08:01
  • Well, that's not the place where erasure would happen. It would happen in the SPI implementation code. – Stephen C Jul 22 '21 at 08:07
  • I'm curious as to what security benefit you think that would provide inside an encrypted container? – Hopey One Jul 22 '21 at 08:08
  • @HopeyOne, you are totally right. I forgot about the fact that the keystore is encrypted. It doesn't seem that data erasure procedures are relevant here. – Aska Jul 22 '21 at 08:30

1 Answer

Firstly, that's not where any erasure code would be. It would actually be in (or around) the com.sun.crypto.provider.JceKeyStore class. That is the built-in implementation of the KeyStoreSpi used by keytool, etcetera.

But looking at those, I think that the answer is No.

In fact, the engineDeleteEntry method is just manipulating an in-memory copy of the keystore. There are separate methods for loading and storing the in-memory keystore. These just operate on InputStream and OutputStream ... and don't do anything special to erase the previous copy of the file.

That leaves us with keytool itself as a place where erasure could possibly happen. And it doesn't. It simply opens a FileOutputStream and writes the new (encrypted) keystore contents to the output file.

But as others have noted, there is little value in erasing the old copy of the file ... given that a keystore is stored in an encrypted form.

Stephen C
  • I think the last part, that there is no value in erasing old copies, is the most important one. As I replied to @HopeyOne as well, I forgot about the fact that the keystore is encrypted. It doesn't seem that data erasure procedures are relevant here. Thank you guys! – Aska Jul 22 '21 at 11:06
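The load/delete/store cycle the answer describes, as an added example that is not part of the original question or answer: it shows that `deleteEntry` only changes the in-memory keystore, and that the bytes `KeyStore.store` writes (the same thing keytool writes to its FileOutputStream) do not contain the raw key material. The alias, password and key bytes are constructed for the demo.

```java
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import javax.crypto.spec.SecretKeySpec;

public class KeyStoreEraseDemo {
    // Constructed sample key material: 16 distinctive bytes we can search for afterwards.
    static final byte[] RAW_KEY = "0123456789abcdef".getBytes();
    static final char[] PASSWORD = "changeit".toCharArray();   // demo password only

    // Serialise the in-memory keystore exactly as KeyStore.store / keytool write it to disk.
    static byte[] serialise(KeyStore ks) throws Exception {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, PASSWORD);
        return out.toByteArray();
    }

    // True if needle occurs as a contiguous run inside haystack.
    static boolean contains(byte[] haystack, byte[] needle) {
        outer:
        for (int i = 0; i + needle.length <= haystack.length; i++) {
            for (int j = 0; j < needle.length; j++) {
                if (haystack[i + j] != needle[j]) continue outer;
            }
            return true;
        }
        return false;
    }

    public static void main(String[] args) throws Exception {
        // PKCS12 is used because JKS cannot hold SecretKey entries.
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null);                        // fresh, empty in-memory keystore
        ks.setEntry("demo-aes",
                new KeyStore.SecretKeyEntry(new SecretKeySpec(RAW_KEY, "AES")),
                new KeyStore.PasswordProtection(PASSWORD));

        byte[] onDisk = serialise(ks);
        // The stored form is password-encrypted, so the raw key bytes do not appear in it.
        System.out.println("raw key found in stored bytes: " + contains(onDisk, RAW_KEY));

        // deleteEntry goes through KeyStoreSpi#engineDeleteEntry and touches only the
        // in-memory copy; whatever was written earlier stays on disk until store() runs again.
        ks.deleteEntry("demo-aes");
        System.out.println("alias still present in memory: " + ks.containsAlias("demo-aes"));
        System.out.println("entries after delete: " + ks.size());
    }
}
```

The protection of any lingering old copy of the file is therefore only as strong as the keystore password, which is the control to get right rather than wiping patterns.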