RFR: 8301553: Support Password-Based Cryptography in SunPKCS11 [v3]
Martin Balao
mbalao at openjdk.org
Thu May 18 20:30:58 UTC 2023
On Wed, 17 May 2023 19:00:47 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>>
>> - Rebase fix after JDK-8306033. Replace called functions with their new names.
>> - 8301553: Support Password-Based Cryptography in SunPKCS11 (iteration #1)
>>
>> Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>> Co-authored-by: Martin Balao <mbalao at redhat.com>
>> - 8301553: Support Password-Based Cryptography in SunPKCS11
>>
>> Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>> Co-authored-by: Martin Balao <mbalao at redhat.com>
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java line 444:
>
>> 442: int keyLength = 0;
>> 443: if ("RAW".equalsIgnoreCase(pbeKey.getFormat())) {
>> 444: byte[] encoded = pbeKey.getEncoded();
>
> Should clear out "encoded" afterwards.
Good
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java line 450:
>
>> 448: }
>> 449: int ic = pbeKey.getIterationCount();
>> 450: char[] pwd = pbeKey.getPassword();
>
> Should clear out "pwd" afterwards.
Good
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1198271443
PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1198273022
More information about the security-dev
mailing list