On Fri, 3 Oct 2025 20:53:34 GMT, Weijun Wang <[email protected]> wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> more review comments from Weijun and Sean
>
> src/java.base/share/classes/sun/security/pkcs12/MacData.java line 209:
>
>> 207: }
>> 208: } finally {
>> 209: destroyPBEKey(pbeKey);
>
> The `PBEKeySpec` object created in both cases should also be cleaned up by
> calling `keySpec.clearPassword()`.
The password in `PBKDF2KeyImpl` is not cleaned. It does have a `clear` method
but no `destroy`. Consider adding a `destroy` to it.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2404131005
