On Tue, 28 Apr 2026 14:32:51 GMT, Ferenc Rakoczi <[email protected]> wrote:
>> Clearing memory that might contain data from which secrets can be computed
>> during ML-KEM key generation, encapsulation and decapsulation as requested
>> in
>> https://datatracker.ietf.org/doc/draft-sfluhrer-cfrg-ml-kem-security-considerations/
>> .
>
> Ferenc Rakoczi has updated the pull request incrementally with one additional
> commit since the last revision:
>
>   Changes in response to comments.

src/java.base/share/classes/com/sun/crypto/provider/ML_KEM.java line 737:

> 735: byte[] prfSeed = new byte[sigma.length + 1];
> 736: System.arraycopy(sigma, 0, prfSeed, 0, sigma.length);
> 737: Arrays.fill(sigma, (byte)0);

This does not look right to me. The method should not clean up an input. The input does not belong to the method.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/30533#discussion_r3155653096
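
The ownership concern in the review comment above, as an added Java example that is not part of the original message or of the JDK source. The class and method names are hypothetical, SHA3-256 is only a stand-in for the PRF, and the caller that reuses its seed is a constructed scenario, not a claim about how ML_KEM.java calls this code.

```java
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

public class SeedOwnershipDemo {
    // Stand-in PRF (SHA3-256 over seed || nonce byte); not the ML-KEM PRF.
    static byte[] prf(byte[] prfSeed) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance("SHA3-256").digest(prfSeed);
    }

    // Pattern questioned in the review: the helper zeroes its caller's array.
    static byte[] deriveWipingInput(byte[] sigma, byte nonce)
            throws NoSuchAlgorithmException {
        byte[] prfSeed = new byte[sigma.length + 1];
        System.arraycopy(sigma, 0, prfSeed, 0, sigma.length);
        Arrays.fill(sigma, (byte) 0);   // caller's seed is gone from here on
        prfSeed[sigma.length] = nonce;
        try {
            return prf(prfSeed);
        } finally {
            Arrays.fill(prfSeed, (byte) 0);
        }
    }

    // Alternative: the helper wipes only the copy it allocated itself.
    static byte[] deriveWipingOwnCopy(byte[] sigma, byte nonce)
            throws NoSuchAlgorithmException {
        byte[] prfSeed = Arrays.copyOf(sigma, sigma.length + 1);
        prfSeed[sigma.length] = nonce;
        try {
            return prf(prfSeed);
        } finally {
            Arrays.fill(prfSeed, (byte) 0);
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] s1 = new byte[32], s2 = new byte[32];
        Arrays.fill(s1, (byte) 0x5A);   // constructed sample seeds, same value
        Arrays.fill(s2, (byte) 0x5A);
        byte[] a0 = deriveWipingOwnCopy(s1, (byte) 0);
        byte[] a1 = deriveWipingOwnCopy(s1, (byte) 1);
        byte[] b0 = deriveWipingInput(s2, (byte) 0);
        byte[] b1 = deriveWipingInput(s2, (byte) 1);  // derived from zeros
        Arrays.fill(s1, (byte) 0);      // the owner wipes once, when done
        System.out.println("first outputs equal:  " + Arrays.equals(a0, b0));
        System.out.println("second outputs equal: " + Arrays.equals(a1, b1));
    }
}
```

The two helpers agree on the first call and diverge on the second, because the input-wiping variant has already replaced the caller's seed with zeros.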
