RFR: 8258915: Temporary buffer cleanup [v2]
Valerie Peng
valeriep at openjdk.java.net
Fri Jan 22 07:14:20 UTC 2021
On Thu, 21 Jan 2021 16:23:21 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Clean up temporary byte array, char array, and keyspec around keys and passwords.
>>
>> No new regression test.
>
> Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>
> - rsa
> - Merge
> - 8258915: More temporary buffer cleanup
>
> 8258915: More temporary buffer cleanup
src/java.base/share/classes/com/sun/crypto/provider/PBKDF2Core.java line 163:
> 161: }
> 162: Arrays.fill(encoding, (byte)0);
> 163: spec.clearPassword();
nit: move to inside the if-check block above?
src/java.base/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java line 163:
> 161: }
> 162: Arrays.fill(encoding, (byte)0);
> 163: spec.clearPassword();
same nit: move to inside of the if-check block.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2070
More information about the security-dev
mailing list