Overall, it looks good. Just some minor suggestions, mostly for
clarification purposes.
* SecureChannel.java : clearAppletKeySlotData
- would appreciate comments describing the content and format expected in the input "data"
- maybe a positive debug message after the successful cleanup (as negative result is non-fatal regardless)
* PKCS11Obj.java : getKeyIndexList
- please add high level comment to tell what this does
- how about go with the convention and assign a String method for debug messages?
- I couldn't figure out why the code needs to traverse the cert
objects while it has no interest in them; I don't think it hurts
though; I'm okay with it if you decide to leave it in.
- One question: if TPSBuffer data ends up not having anything add to it, will this reference blow up? data.toHexString()
Conditional ACK.
thanks,
Christina
Author: Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com> Date: Fri Dec 16 16:25:48 2016 -0800 Ticket #2569: Token memory not wiped after key deletion This is the dogtag upstream side of the TPS portion of this ticket. This fix also involves an applet fix, handled in another bug.
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel