Disable best-effort memory cleaner for MasterSecrets.

The best-effort memory cleaning logic for MasterSecrets
is no longer accurate, since MasterSecrets are being passed
through both Binder calls and Intents, which blurs whether
the MasterSecret an activity is using is a reference to
shared memory in the KeyCachingService or not.
Moxie Marlinspike 2011-12-21 01:36:50 -05:00
parent 8a6a1a5f03
commit 6bd229b8a1


@ -34,30 +34,43 @@ import android.util.Log;
public class MemoryCleaner { public class MemoryCleaner {
// XXX This is basically not happening for now.
// The problem is that now secrets are moving
// through both Intents and binder calls, which
// means sometimes they're shared memory and sometimes
// they're not. We're going to need to do a lot more
// work in order to accurately keep track of when to
// wipe this within an Activity lifecycle. =(
public static void clean(MasterSecret masterSecret) { public static void clean(MasterSecret masterSecret) {
try { // if (masterSecret == null)
SecretKeySpec cipherKey = masterSecret.getEncryptionKey(); // return;
SecretKeySpec macKey = masterSecret.getMacKey(); //
// try {
Field keyField = SecretKeySpec.class.getDeclaredField("key"); // SecretKeySpec cipherKey = masterSecret.getEncryptionKey();
keyField.setAccessible(true); // SecretKeySpec macKey = masterSecret.getMacKey();
//
byte[] cipherKeyField = (byte[]) keyField.get(cipherKey); // Field keyField = SecretKeySpec.class.getDeclaredField("key");
byte[] macKeyField = (byte[]) keyField.get(macKey); // keyField.setAccessible(true);
//
Arrays.fill(cipherKeyField, (byte)0x00); // byte[] cipherKeyField = (byte[]) keyField.get(cipherKey);
Arrays.fill(macKeyField, (byte)0x00); // byte[] macKeyField = (byte[]) keyField.get(macKey);
//
} catch (NoSuchFieldException nsfe) { // Arrays.fill(cipherKeyField, (byte)0x00);
Log.w("MemoryCleaner", nsfe); // Arrays.fill(macKeyField, (byte)0x00);
} catch (IllegalArgumentException e) { //
Log.w("MemoryCleaner", e); // } catch (NoSuchFieldException nsfe) {
} catch (IllegalAccessException e) { // Log.w("MemoryCleaner", nsfe);
Log.w("MemoryCleaner", e); // } catch (IllegalArgumentException e) {
} // Log.w("MemoryCleaner", e);
// } catch (IllegalAccessException e) {
// Log.w("MemoryCleaner", e);
// }
} }
public static void clean(String string) { public static void clean(String string) {
if (string == null)
return;
try { try {
Field charArrayField = String.class.getDeclaredField("value"); Field charArrayField = String.class.getDeclaredField("value");
charArrayField.setAccessible(true); charArrayField.setAccessible(true);