I would use a direct ByteBuffer. The memory this uses is not copied around and is only in one place for the life of the ByteBuffer. BTW don't use clear() as this just resets the position. You can overwrite it with
bb.clear();
while(bb.remaining() >= 8) bb.putLong(0);
while(bb.remaining() > 0) bb.put((byte) 0);
Is the stack any more secure from these types of attacks than the heap?
I wouldn't think so.
Are there any pure Java mechanisms to perform a stack-to-stack copy between two different stack frames in a manner that would be useful to this problem?
You could store the secret as one or two long
s.
If not, would the JVM even support this type of operation in bytecode?
The byte code is designed to support Java and does very little more than what you can do in Java.
I'm just interested in whether it's possible, whether it actually accomplishes my goals, and what kinds of heroics it would take to make it happen
Use a direct ByteBuffer as I have suggested. ;)