[security-dev 00038]: JCE webrev requested...

Brad Wetmore Bradford.Wetmore at Sun.COM
Tue Jan 8 18:15:55 PST 2008


Valerie,

Here's that PBE memory leak bug which was calling "new SunJCE" for every
PBE key created.

      Fixed 6578538: com.sun.crypto.provider.SunJCE instance leak using
KRB5 and LoginContext

I had the option to either fix by:

      Mac.getInstance(alg)

or

      Mac.getInstance(alg, "SunJCE");

Decided to go with the former, as Hmac1Sha1 should be standard across impls.

I'm attaching the webrev in case external folks want to see, I'll send
you the internal link separately.

This will be backported.

Brad

-------------- next part --------------
A non-text attachment was scrubbed...
Name: webrev.zip
Type: application/x-zip-compressed
Size: 54127 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/security-dev/attachments/20080108/7b86ae20/webrev.zip 


More information about the security-dev mailing list