RFR: 8301553: Support Password-Based Cryptography in SunPKCS11 [v5]
Martin Balao
mbalao at openjdk.org
Wed May 24 20:29:15 UTC 2023
On Wed, 24 May 2023 19:56:54 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request incrementally with one additional commit since the last revision:
>>
>> 8301553: Support Password-Based Cryptography in SunPKCS11 (iteration #3)
>>
>> Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>> Co-authored-by: Martin Balao <mbalao at redhat.com>
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java line 517:
>
>> 515: @Override
>> 516: public char[] getPassword() {
>> 517: return password.clone();
>
> Would you consider throw IllegalStateException if password is cleared? This would help flag the wrong usage case of calling getPassword() after the password has been cleared.
Sounds good
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1204725201
More information about the security-dev
mailing list