RFR: 8301553: Support Password-Based Cryptography in SunPKCS11 [v3]
Martin Balao
mbalao at openjdk.org
Sat May 20 01:25:29 UTC 2023
On Wed, 17 May 2023 19:08:26 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>>
>> - Rebase fix after JDK-8306033. Replace called functions with their new names.
>> - 8301553: Support Password-Based Cryptography in SunPKCS11 (iteration #1)
>>
>> Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>> Co-authored-by: Martin Balao <mbalao at redhat.com>
>> - 8301553: Support Password-Based Cryptography in SunPKCS11
>>
>> Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>> Co-authored-by: Martin Balao <mbalao at redhat.com>
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java line 562:
>
>> 560: } else if (algorithm.equalsIgnoreCase("DES")) {
>> 561: if (keySpec instanceof DESKeySpec desKeySpec) {
>> 562: byte[] keyBytes = desKeySpec.getKey();
>
> Would be nice to clear out "keyBytes" afterwards. Same goes for the other "keyBytes" in the same method.
Good
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1199516764
More information about the security-dev
mailing list