Skip to content

Parse JSON without leaking sensitive data to String instances

License

Notifications You must be signed in to change notification settings

bannmann/whisperjson

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

WhisperJson

Parse JSON without leaking sensitive data to String instances


Maven Central javadoc
Github Actions Quality Gate Status

Introduction

When dealing with credentials in Java, established practice is to use character arrays instead of String instances. This way, one can wipe their contents so that they don't linger in memory longer than needed.

Unfortunately, for login or signup operations in REST APIs, commonly used JSON parsers pose an obstacle to this: they always create String instances for any JSON string property - even when you use an object mapping facility to map it to a char[] field.

WhisperJson takes a different approach: it only creates objects when necessary. Parsing an InputStream, Reader or character array results in a SafeJson object which wipes the JSON source text from memory when it is closed. Additionally, SafeJson does not allow access to JSON string properties via String instances, but only via character arrays (which the calling code can wipe after use) or instances of the specialized SensitiveText class (which implements AutoCloseable).

For details, see the latest Javadoc.

Acknowledgements

WhisperJson's parser is based on flatjson which pioneered the use of an "overlay" of indexes to access the underlying JSON source text on demand. Also, the majority of WhisperJson's unit tests stem from flatjson.

About

Parse JSON without leaking sensitive data to String instances

Resources

License

Stars

Watchers

Forks

Languages

  • Java 100.0%