RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]
Valerie Peng
valeriep at openjdk.org
Thu May 8 18:07:58 UTC 2025
On Wed, 7 May 2025 05:00:57 GMT, Bradford Wetmore <wetmore at openjdk.org> wrote:
>> Yes, it'd be nice. I reopened https://bugs.openjdk.org/browse/JDK-8160206 and we can address this separately.
>
> Or in the meantime:
>
> } finally {
> // Best effort
> if (eae_prk instanceof SecretKeySpec s) {
> SharedSecrets.getJavaxCryptoSpecAccess()
> .clearSecretKeySpec(s);
> } else {
> try {
> eae_prk.destroy();
> } catch (DestroyFailedException e) {
> // swallow
> }
> }
> }
Sounds good, thanks for the suggestion.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24393#discussion_r2080206394
More information about the security-dev
mailing list