RFR: 8258915: Temporary buffer cleanup [v5]
Valerie Peng
valeriep at openjdk.java.net
Thu Feb 4 15:22:44 UTC 2021
On Thu, 28 Jan 2021 16:12:58 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Clean up temporary byte array, char array, and keyspec around keys and passwords.
>>
>> No new regression test.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> cleanups for key generations
src/java.base/share/classes/com/sun/crypto/provider/AESCrypt.java line 690:
> 688: limit = ROUNDS*4;
> 689:
> 690: // store the expanded sub keys into 'sessionK'
Update the comment with "erase the previous values in sessionK or other similar wording.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2070
More information about the security-dev
mailing list