Update docs

infeo · infeo · commit 76e0568f64d2 · 2025-01-09T12:26:15.000+01:00
diff --git a/src/main/java/org/cryptomator/integrations/keychain/KeychainAccessProvider.java b/src/main/java/org/cryptomator/integrations/keychain/KeychainAccessProvider.java
@@ -33,6 +33,8 @@ static Stream<KeychainAccessProvider> get() {
 
 	/**
 	 * Associates a passphrase with a given key.
+	 * <p>
+	 * Note: Caller is responsible for zeroing the passphrase array after use.
 	 *
 	 * @param key        Key used to retrieve the passphrase via {@link #loadPassphrase(String)}.
 	 * @param passphrase The secret to store in this keychain.
@@ -47,6 +49,8 @@ default void storePassphrase(String key, CharSequence passphrase) throws Keychai
 
 	/**
 	 * Associates a passphrase with a given key and a name for that key.
+	 * <p>
+	 * Note: Caller is responsible for zeroing the passphrase array after use.
 	 *
 	 * @param key         Key used to retrieve the passphrase via {@link #loadPassphrase(String)}.
 	 * @param displayName The according name to the key. That's the name of the vault displayed in the UI.
@@ -62,12 +66,14 @@ default void storePassphrase(String key, @Nullable String displayName, CharSeque
 
 	/**
 	 * Associates a passphrase with a given key and a name for that key.
+	 * <p>
+	 * Note: Caller is responsible for zeroing the passphrase array after use.
 	 *
-	 * @param key         Key used to retrieve the passphrase via {@link #loadPassphrase(String)}.
-	 * @param displayName The according name to the key. That's the name of the vault displayed in the UI.
-	 *                    It's passed to the keychain as an additional information about the vault besides the key.
-	 *                    The parameter does not need to be unique or be checked by the keychain.
-	 * @param passphrase  The secret to store in this keychain.
+	 * @param key                     Key used to retrieve the passphrase via {@link #loadPassphrase(String)}.
+	 * @param displayName             The according name to the key. That's the name of the vault displayed in the UI.
+	 *                                It's passed to the keychain as an additional information about the vault besides the key.
+	 *                                The parameter does not need to be unique or be checked by the keychain.
+	 * @param passphrase              The secret to store in this keychain.
 	 * @param requireOsAuthentication Defines, whether the user needs to authenticate to store a passphrase.
 	 *                                The authentication mechanism is provided by the operating system dependent
 	 *                                implementations of this API.
@@ -93,6 +99,8 @@ default void storePassphrase(String key, @Nullable String displayName, CharSeque
 
 	/**
 	 * Updates a passphrase with a given key. Noop, if there is no item for the given key.
+	 * <p>
+	 * Note: Caller is responsible for zeroing the passphrase array after use.
 	 *
 	 * @param key        Unique key previously used while {@link #storePassphrase(String, String, CharSequence)}  storing a passphrase}.
 	 * @param passphrase The secret to be updated in this keychain.
@@ -107,6 +115,8 @@ default void changePassphrase(String key, CharSequence passphrase) throws Keycha
 
 	/**
 	 * Updates a passphrase with a given key and stores a name for that key. Noop, if there is no item for the given key.
+	 * <p>
+	 * Note: Caller is responsible for zeroing the passphrase array after use.
 	 *
 	 * @param key         Unique key previously used while {@link #storePassphrase(String, String, CharSequence)}  storing a passphrase}.
 	 * @param displayName The according name to the key. That's the name of the vault displayed in the UI.
