RFR: 8255557: Decouple GCM from CipherCore [v3]

Anthony Scarpino ascarpino at openjdk.java.net
Thu May 20 23:34:35 UTC 2021


On Tue, 18 May 2021 20:33:22 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   cleanup
>
> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 133:
> 
>> 131:             throw new InvalidKeyException("The key must be " +
>> 132:                 keySize + " bytes");
>> 133:         }
> 
> Set the keyValue to all 0s before throwing exception, i.e. try-finally.

If the key is not valid and never used, I don't see why it needs to be cleared.

-------------

PR: https://git.openjdk.java.net/jdk/pull/4072


More information about the security-dev mailing list