On Sat, 6 Feb 2021 14:40:04 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> Clean up temporary byte array, char array, and keyspec around keys and >> passwords. >> >> No new regression test. > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > materials src/java.base/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java line 186: > 184: serverMacKey = new SecretKeySpec(tmp, "Mac"); > 185: > 186: Arrays.fill(tmp, (byte)0); It looks like you can use the SecretKeySpec(byte[], int, int, String) to simplify the code at line 175-186. Essentially, the code block does: clientMacKey = new SecretKeySpec(keyBlock, ofs, macLength, "Mac"); ofs += macLength; serverMacKey = new SecretKeySpec(keyBlock, ofs, macLength, "Mac"); ------------- PR: https://git.openjdk.java.net/jdk/pull/2070
