Refactor IDisposable implementations

7 files changed, 53 insertions, 20 deletions

diff --git a/crypto/src/pqc/crypto/bike/BikeKemGenerator.cs b/crypto/src/pqc/crypto/bike/BikeKemGenerator.cs
index 280bb6474..51efbd67d 100644
--- a/crypto/src/pqc/crypto/bike/BikeKemGenerator.cs
+++ b/crypto/src/pqc/crypto/bike/BikeKemGenerator.cs
@@ -31,7 +31,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Bike
             return new SecretWithEncapsulationImpl(Arrays.CopyOfRange(K, 0, parameters.DefaultKeySize / 8), c01);
         }
 
-        private class SecretWithEncapsulationImpl
+        private sealed class SecretWithEncapsulationImpl
             : ISecretWithEncapsulation
         {
             private volatile bool hasBeenDestroyed = false;
@@ -62,10 +62,11 @@ namespace Org.BouncyCastle.Pqc.Crypto.Bike
             {
                 if (!hasBeenDestroyed)
                 {
-                    hasBeenDestroyed = true;
                     Arrays.Clear(sessionKey);
                     Arrays.Clear(cipher_text);
+                    hasBeenDestroyed = true;
                 }
+                GC.SuppressFinalize(this);
             }
 
             public bool IsDestroyed()
diff --git a/crypto/src/pqc/crypto/crystals/kyber/KyberKEMGenerator.cs b/crypto/src/pqc/crypto/crystals/kyber/KyberKEMGenerator.cs
index 394890838..b8667162a 100644
--- a/crypto/src/pqc/crypto/crystals/kyber/KyberKEMGenerator.cs
+++ b/crypto/src/pqc/crypto/crystals/kyber/KyberKEMGenerator.cs
@@ -60,10 +60,11 @@ namespace Org.BouncyCastle.Pqc.Crypto.Crystals.Kyber
             {
                 if (!m_hasBeenDestroyed)
                 {
-                    m_hasBeenDestroyed = true;
                     Arrays.Clear(m_sessionKey);
                     Arrays.Clear(m_cipherText);
+                    m_hasBeenDestroyed = true;
                 }
+                GC.SuppressFinalize(this);
             }
 
             internal bool IsDestroyed()
diff --git a/crypto/src/pqc/crypto/hqc/HqcKemGenerator.cs b/crypto/src/pqc/crypto/hqc/HqcKemGenerator.cs
index 53f59be16..aa5718d0f 100644
--- a/crypto/src/pqc/crypto/hqc/HqcKemGenerator.cs
+++ b/crypto/src/pqc/crypto/hqc/HqcKemGenerator.cs
@@ -35,7 +35,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Hqc
             return new SecretWithEncapsulationImpl(K, cipherText);
         }
 
-        private class SecretWithEncapsulationImpl : ISecretWithEncapsulation
+        private sealed class SecretWithEncapsulationImpl : ISecretWithEncapsulation
         {
             private volatile bool hasBeenDestroyed;
 
@@ -65,10 +65,11 @@ namespace Org.BouncyCastle.Pqc.Crypto.Hqc
             {
                 if (!hasBeenDestroyed)
                 {
-                    hasBeenDestroyed = true;
                     Arrays.Clear(sessionKey);
                     Arrays.Clear(cipher_text);
+                    hasBeenDestroyed = true;
                 }
+                GC.SuppressFinalize(this);
             }
 
             public bool IsDestroyed()
diff --git a/crypto/src/pqc/crypto/ntru/NtruEncapsulation.cs b/crypto/src/pqc/crypto/ntru/NtruEncapsulation.cs
index b00fbef31..1cf12a096 100644
--- a/crypto/src/pqc/crypto/ntru/NtruEncapsulation.cs
+++ b/crypto/src/pqc/crypto/ntru/NtruEncapsulation.cs
@@ -6,7 +6,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Ntru
     /// <summary>
     /// Encapsulated secret encapsulated by NTRU.
     /// </summary>
-    internal class NtruEncapsulation : ISecretWithEncapsulation
+    internal sealed class NtruEncapsulation : ISecretWithEncapsulation
     {
         private readonly byte[] _sharedKey;
         private readonly byte[] _ciphertext;
@@ -27,6 +27,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Ntru
                 Array.Clear(_ciphertext, 0, _ciphertext.Length);
                 _hasBeenDestroyed = true;
             }
+            GC.SuppressFinalize(this);
         }
 
         public byte[] GetSecret()
diff --git a/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKemGenerator.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKemGenerator.cs
index d7c52e357..fc43f31d8 100644
--- a/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKemGenerator.cs
+++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKemGenerator.cs
@@ -24,6 +24,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
             return new NtruLPRimeKemGenerator.SecretWithEncapsulationImpl(sessionKey, cipherText);
         }
 
+        // TODO[api] private sealed
         public class SecretWithEncapsulationImpl : ISecretWithEncapsulation
         {
             private volatile bool hasBeenDestroyed = false;
@@ -50,14 +51,23 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
 
             public void Dispose()
             {
-                if (!hasBeenDestroyed)
+                Dispose(disposing: true);
+                GC.SuppressFinalize(this);
+            }
+
+            protected virtual void Dispose(bool disposing)
+            {
+                if (disposing)
                 {
-                    hasBeenDestroyed = true;
-                    Arrays.Clear(sessionKey);
-                    Arrays.Clear(cipherText);
+                    if (!hasBeenDestroyed)
+                    {
+                        Arrays.Clear(sessionKey);
+                        Arrays.Clear(cipherText);
+                        hasBeenDestroyed = true;
+                    }
                 }
             }
-            
+
             public bool IsDestroyed()
             {
                 return hasBeenDestroyed;
diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemGenerator.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemGenerator.cs
index 43ca38b09..b7f777623 100644
--- a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemGenerator.cs
+++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemGenerator.cs
@@ -24,6 +24,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
             return new NtruLPRimeKemGenerator.SecretWithEncapsulationImpl(sessionKey, cipherText);
         }
 
+        // TODO[api] private sealed
         public class SecretWithEncapsulationImpl : ISecretWithEncapsulation
         {
             private volatile bool hasBeenDestroyed = false;
@@ -50,14 +51,23 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
 
             public void Dispose()
             {
-                if (!hasBeenDestroyed)
+                Dispose(disposing: true);
+                GC.SuppressFinalize(this);
+            }
+
+            protected virtual void Dispose(bool disposing)
+            {
+                if (disposing)
                 {
-                    hasBeenDestroyed = true;
-                    Arrays.Clear(sessionKey);
-                    Arrays.Clear(cipherText);
+                    if (!hasBeenDestroyed)
+                    {
+                        Arrays.Clear(sessionKey);
+                        Arrays.Clear(cipherText);
+                        hasBeenDestroyed = true;
+                    }
                 }
             }
-            
+
             public bool IsDestroyed()
             {
                 return hasBeenDestroyed;
diff --git a/crypto/src/pqc/crypto/utils/SecretWithEncapsulationImpl.cs b/crypto/src/pqc/crypto/utils/SecretWithEncapsulationImpl.cs
index c4d3eb44f..5c41b36cd 100644
--- a/crypto/src/pqc/crypto/utils/SecretWithEncapsulationImpl.cs
+++ b/crypto/src/pqc/crypto/utils/SecretWithEncapsulationImpl.cs
@@ -35,11 +35,20 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities
 
         public void Dispose()
         {
-            if (!hasBeenDestroyed)
+            Dispose(disposing: true);
+            GC.SuppressFinalize(this);
+        }
+
+        protected virtual void Dispose(bool disposing)
+        {
+            if (disposing)
             {
-                hasBeenDestroyed = true;
-                Arrays.Clear(sessionKey);
-                Arrays.Clear(cipher_text);
+                if (!hasBeenDestroyed)
+                {
+                    Arrays.Clear(sessionKey);
+                    Arrays.Clear(cipher_text);
+                    hasBeenDestroyed = true;
+                }
             }
         }