Add README and SecureBuffer memory locking

Oracle 2026-04-29 19:13:48 +02:00
parent bc1a7a8952
commit 7c6642085f
Signed by: Oracle
SSH key fingerprint: SHA256:x4/RtnjUyuHkdvmwNDsWSfcfF1V5PNr3OpriZqOvCX8
7 changed files with 829 additions and 143 deletions

@ -15,7 +15,7 @@ mvn test -Dtest=ClassName # single test class
- **`SecureCompletionClient`** — low-level client: key mgmt, HTTP, encryption, decryption
- **`SecureChatCompletion`** — high-level OpenAI-compatible surface (`create()`, `acreate()`)
- **`Constants`** — all protocol/crypto constants (version, algorithms, timeouts)
- **`SecureMemory`** — Java 25 FFM `SecureBuffer` for locked/zeroed memory
- **`SecureMemory`** — Java 25 FFM `SecureBuffer` for locked/zeroed memory. Use `try-with-resources` for all sensitive cryptographic material (AES keys, private RSA keys, IVs, nonce, plaintext bytes) to guarantee zeroing on scope exit.
- **`errors/`** — 9 exception classes, all `extends Exception` (checked), all `extends APIError`
- **`util/`** — `Pass2Key` (PBKDF2 + AES-GCM), `PEMConverter`, `Splitter`
- **`EncryptedRequest`** — wire format model with Gson `@SerializedName` annotations
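Review bot: the rewritten `SecureMemory` bullet still describes `SecureBuffer` as "locked/zeroed memory" and now adds "guarantee zeroing on scope exit", but the same file lists `SecureMemory.unlock()` and `SecureMemory.initMemoryLocking()` as always returning `false`. The bullet should separate the two properties: say that zeroing is what `try-with-resources` guarantees, and state plainly whether locking is actually in effect, so a reader does not assume keys are protected from swap. Minor wording point in the same line: "nonce" is singular in a list of plurals, while the new section further down uses "nonces"; pick one.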
@ -26,6 +26,14 @@ mvn test -Dtest=ClassName # single test class
- `SecureMemory.unlock()` — always returns `false`
- `SecureMemory.initMemoryLocking()` — always returns `false`
## Security — SecureBuffer Usage
- **High security application** — all sensitive cryptographic material must use `SecureBuffer` with `try-with-resources`
- Wrap AES key bytes, private RSA key bytes, IVs, nonces, and plaintext bytes in `SecureBuffer`
- Pattern: `try (SecureBuffer buf = SecureMemory.secureByteArray(sensitiveBytes)) { ... }`
- Never store raw `byte[]` for sensitive material on the heap longer than necessary
- After encryption/decryption, zero and discard AES keys and plaintext immediately
## Dependencies
- **Gson** (2.13.2) — JSON serialization, in `pom.xml`
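Review bot: the pattern line `try (SecureBuffer buf = SecureMemory.secureByteArray(sensitiveBytes)) { ... }` takes `sensitiveBytes`, which is already a raw `byte[]` on the heap, and the section does not say whether `secureByteArray` zeroes that source array or whether the caller has to. As written, a reader can follow the pattern exactly and still leave a second copy of the key outside the buffer, which contradicts the next bullet ("Never store raw `byte[]` ... longer than necessary"). Please add a line stating who owns and clears the source array. The first bullet ("High security application") is a label rather than a rule; consider folding it into the section intro so every bullet is an actionable requirement.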