On Wed, 1 Apr 2026 11:56:58 GMT, Ferenc Rakoczi <[email protected]> wrote:
> Clearing memory that might contain data from which secrets can be computed > during ML-KEM key generation, encapsulation and decapsulation as requested in > https://datatracker.ietf.org/doc/draft-sfluhrer-cfrg-ml-kem-security-considerations/ > . src/java.base/share/classes/com/sun/crypto/provider/ML_KEM.java line 703: > 701: encodePoly12(keyGenTHat[i], pkEncoded, i * ((ML_KEM_N * 12) > / 8)); > 702: encodePoly12(keyGenSHat[i], skEncoded, i * ((ML_KEM_N * 12) > / 8)); > 703: Arrays.fill(keyGenEHat[i], (short) 0); I now understand why this is not necessary. Since `mlKemMatrixVectorMuladd` mutates the 3rd argument and returns it, is it better to change the return value to `void` to make it clearer? ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/30533#discussion_r3148323950
