RFR: 8301553: Support Password-Based Cryptography in SunPKCS11 [v3]
Martin Balao
mbalao at openjdk.org
Thu May 18 20:16:01 UTC 2023
On Wed, 17 May 2023 18:57:41 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>>
>> - Rebase fix after JDK-8306033. Replace called functions with their new names.
>> - 8301553: Support Password-Based Cryptography in SunPKCS11 (iteration #1)
>>
>> Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>> Co-authored-by: Martin Balao <mbalao at redhat.com>
>> - 8301553: Support Password-Based Cryptography in SunPKCS11
>>
>> Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>> Co-authored-by: Martin Balao <mbalao at redhat.com>
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java line 362:
>
>> 360: session = token.getObjSession();
>> 361: CK_MECHANISM ckMech;
>> 362: char[] password = keySpec.getPassword();
>
> Should clear out "password" afterwards.
Good
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java line 391:
>
>> 389: }
>> 390:
>> 391: char[] encPassword;
>
> Same, clear out "encPassword" afterwards.
Good
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1198258848
PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1198260824
More information about the security-dev
mailing list