openjdk-1.8.0/8285516-clearPassword-should-be-called-in-a-finally-.patch

From 42884748f75ef4ea6e0cc8e537c831cb258961f8 Mon Sep 17 00:00:00 2001
Subject: 8285516: clearPassword should be called in a finally try block

---
 .../share/classes/sun/security/pkcs12/PKCS12KeyStore.java | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
index 0457b1e5c..63e0afc2a 100644
--- a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
+++ b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
@@ -837,14 +837,14 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
     {
         SecretKey skey = null;
 
+        PBEKeySpec keySpec = new PBEKeySpec(password);
         try {
-            PBEKeySpec keySpec = new PBEKeySpec(password);
             SecretKeyFactory skFac = SecretKeyFactory.getInstance("PBE");
             skey = skFac.generateSecret(keySpec);
-            keySpec.clearPassword();
         } catch (Exception e) {
-           throw new IOException("getSecretKey failed: " +
-                                 e.getMessage(), e);
+            throw new IOException("getSecretKey failed: " + e.getMessage(), e);
+        } finally {
+            keySpec.clearPassword();
         }
         return skey;
     }
-- 
2.22.0
I88WQT: Fix crash in JNI's GetDoubleArrayRegion and SetDoubleArrayRegion 2023-10-25 17:18:42 +08:00			`From 42884748f75ef4ea6e0cc8e537c831cb258961f8 Mon Sep 17 00:00:00 2001`
			`Subject: 8285516: clearPassword should be called in a finally try block`

			`---`
			`.../share/classes/sun/security/pkcs12/PKCS12KeyStore.java \| 8 ++++----`
			`1 file changed, 4 insertions(+), 4 deletions(-)`

			`diff --git a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java`
			`index 0457b1e5c..63e0afc2a 100644`
			`--- a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java`
			`+++ b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java`
			`@@ -837,14 +837,14 @@ public final class PKCS12KeyStore extends KeyStoreSpi {`
			`{`
			`SecretKey skey = null;`

			`+ PBEKeySpec keySpec = new PBEKeySpec(password);`
			`try {`
			`- PBEKeySpec keySpec = new PBEKeySpec(password);`
			`SecretKeyFactory skFac = SecretKeyFactory.getInstance("PBE");`
			`skey = skFac.generateSecret(keySpec);`
			`- keySpec.clearPassword();`
			`} catch (Exception e) {`
			`- throw new IOException("getSecretKey failed: " +`
			`- e.getMessage(), e);`
			`+ throw new IOException("getSecretKey failed: " + e.getMessage(), e);`
			`+ } finally {`
			`+ keySpec.clearPassword();`
			`}`
			`return skey;`
			`}`
			`--`
			`2.22.0`