The backport of JDK-6383200 to OpenJDK 7 wrongly adds two public methods to javax.crypto.spec.PBEParameterSpec:


     /**
+ * Constructs a parameter set for password-based encryption as defined in
+ * the PKCS #5 standard.
+ *
+ * @param salt the salt. The contents of <code>salt</code> are copied
+ * to protect against subsequent modification.
+ * @param iterationCount the iteration count.
+ * @param paramSpec the cipher algorithm parameter specification.
+ * @exception NullPointerException if <code>salt</code> is null.
+ *
+ * @since 1.8
+ */
+ public PBEParameterSpec(byte[] salt, int iterationCount,
+ AlgorithmParameterSpec paramSpec) {
+ this.salt = salt.clone();
+ this.iterationCount = iterationCount;
+ this.paramSpec = paramSpec;
+ }
+
+ /**
+ * Returns the cipher algorithm parameter specification.
+ *
+ * @return the parameter specification, or null if none was set.
+ *
+ * @since 1.8
+ */
+ public AlgorithmParameterSpec getParameterSpec() {
+ return this.paramSpec;
+ }
 }

This need to be made private and accessed via SharedSecrets instead.