On Fri, 25 Apr 2025 10:40:47 GMT, Daniel Jeliński <djelin...@openjdk.org> wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Undo the special workaround for JSSE in PKCS11 HKDF impl.
>
> src/java.base/share/classes/com/sun/crypto/provider/DHKEM.java line 260:
>
>> 258: if (eae_prk instanceof SecretKeySpec s) {
>> 259: SharedSecrets.getJavaxCryptoSpecAccess()
>> 260: .clearSecretKeySpec(s);
>
> I wish we could use `s.destroy()` here instead.
Yes, it'd be nice. I reopened https://bugs.openjdk.org/browse/JDK-8160206 and
we can address this separately.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24393#discussion_r2060697742
