RFR: 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v10]
Sean Mullan
mullan at openjdk.org
Tue Sep 30 18:50:10 UTC 2025
On Mon, 29 Sep 2025 03:45:38 GMT, Mark Powers <mpowers at openjdk.org> wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
>
> Mark Powers has updated the pull request incrementally with one additional commit since the last revision:
>
> another day another iteration
src/java.base/share/classes/sun/security/util/PBKDF2Parameters.java line 71:
> 69: * </pre>
> 70: */
> 71: final public class PBKDF2Parameters {
`public` should be before `final`. For reference, see the last sentence of https://docs.oracle.com/javase/specs/jls/se25/html/jls-8.html#jls-8.1.1
src/java.base/share/classes/sun/security/util/PBKDF2Parameters.java line 151:
> 149: */
> 150: public byte[] getSalt() {
> 151: return this.salt.clone();
I don't think you need to return a clone here as you are just using it internally and not mutating it or exposing it to applications that could modify it. I'll double-check as I review the rest of the code.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2392478165
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2392519199
More information about the security-dev
mailing list