On Wed, 17 May 2023 18:57:41 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Martin Balao has updated the pull request with a new target base due to a >> merge or a rebase. The pull request now contains three commits: >> >> - Rebase fix after JDK-8306033. Replace called functions with their new >> names. >> - 8301553: Support Password-Based Cryptography in SunPKCS11 (iteration #1) >> >> Co-authored-by: Francisco Ferrari <fferr...@redhat.com> >> Co-authored-by: Martin Balao <mba...@redhat.com> >> - 8301553: Support Password-Based Cryptography in SunPKCS11 >> >> Co-authored-by: Francisco Ferrari <fferr...@redhat.com> >> Co-authored-by: Martin Balao <mba...@redhat.com> > > src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java > line 362: > >> 360: session = token.getObjSession(); >> 361: CK_MECHANISM ckMech; >> 362: char[] password = keySpec.getPassword(); > > Should clear out "password" afterwards. Good > src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java > line 391: > >> 389: } >> 390: >> 391: char[] encPassword; > > Same, clear out "encPassword" afterwards. Good ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1198258848 PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1198260824
