[PATCH] Crypto EC - avoids possible memset compiler optimisation

Langer, Christoph christoph.langer at sap.com
Mon Jan 8 14:48:06 UTC 2018

Hi David,

I think you should rather post this on the security-dev mailing list.

As for attachments, this is always critical. Don't know whether security-dev will accept it. You could paste the diff in textual form into your mail or create a webrev.

Best regards

-----Original Message-----
From: jdk-dev [mailto:jdk-dev-bounces at openjdk.java.net] On Behalf Of David CARLIER
Sent: Montag, 8. Januar 2018 15:12
To: jdk-dev at openjdk.java.net
Subject: [PATCH] Crypto EC - avoids possible memset compiler optimisation


Here a little patch proposal which is usually relevant in cryptographics
matters. Usually memset/bzero/... is used to clear private structures but
the compiler can possibly optimize those calls but with this change we can
unsure sensitive data is properly zero'ed using if possible native calls or
memory fence.

Kind regards.

Note : Messages get rejected all the time on core-libs-dev mailing list.

More information about the jdk-dev mailing list