I've been looking further at how private/temporary buffers are used in
cipher/keystore management and identified some more areas that could
benefit with a more aggressive nulling out of contents.
I've been testing through use of stepping through debugging sessions
while setting/getting keys and capturing process memory via tooling like
gcore.
JBS report : https://bugs.openjdk.java.net/browse/JDK-8209129
webrev :
http://cr.openjdk.java.net/~coffeys/webrev.8209129.v1/webrev/index.html
TCK and regression tests are green.
regards,
Sean.
