On Wed, 17 May 2023 19:00:47 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Martin Balao has updated the pull request with a new target base due to a >> merge or a rebase. The pull request now contains three commits: >> >> - Rebase fix after JDK-8306033. Replace called functions with their new >> names. >> - 8301553: Support Password-Based Cryptography in SunPKCS11 (iteration #1) >> >> Co-authored-by: Francisco Ferrari <fferr...@redhat.com> >> Co-authored-by: Martin Balao <mba...@redhat.com> >> - 8301553: Support Password-Based Cryptography in SunPKCS11 >> >> Co-authored-by: Francisco Ferrari <fferr...@redhat.com> >> Co-authored-by: Martin Balao <mba...@redhat.com> > > src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java > line 444: > >> 442: int keyLength = 0; >> 443: if ("RAW".equalsIgnoreCase(pbeKey.getFormat())) { >> 444: byte[] encoded = pbeKey.getEncoded(); > > Should clear out "encoded" afterwards. Good > src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java > line 450: > >> 448: } >> 449: int ic = pbeKey.getIterationCount(); >> 450: char[] pwd = pbeKey.getPassword(); > > Should clear out "pwd" afterwards. Good ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1198271443 PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1198273022