luckyimnotanigger/Aegis
1
0
Fork 0
mirror of https://github.com/beemdevelopment/Aegis.git synced 2025-05-14 22:12:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Don't try to zero out sensitive memory

Browse source 
Perhaps revisit this later
This commit is contained in:
Alexander Bakker 2018-02-13 21:01:27 +01:00
parent 317e42ed4c
commit a778cd5661
10 changed files with 8 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

14
app/src/main/java/me/impy/aegis/crypto/CryptoUtils.java
View file

@ -44,10 +44,7 @@ public class CryptoUtils {
public static SecretKey deriveKey(char[] password, byte[] salt, int n, int r, int p) throws NoSuchAlgorithmException, InvalidKeySpecException {
byte[] bytes = toBytes(password);
byte[] keyBytes = SCrypt.generate(bytes, salt, n, r, p, CRYPTO_KEY_SIZE);
zero(bytes);
SecretKey key = new SecretKeySpec(keyBytes, 0, keyBytes.length, "AES");
zero(keyBytes);
return key;
return new SecretKeySpec(keyBytes, 0, keyBytes.length, "AES");
}
public static Cipher createCipher(SecretKey key, int opmode) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException {
@ -102,7 +99,6 @@ public class CryptoUtils {
byte[] bytes = key.getEncoded();
hash.update(bytes);
CryptoUtils.zero(bytes);
return hash.digest();
}
@ -127,14 +123,6 @@ public class CryptoUtils {
return data;
}
public static void zero(char[] data) {
Arrays.fill(data, '\0');
}
public static void zero(byte[] data) {
Arrays.fill(data, (byte) 0);
}
private static byte[] toBytes(char[] chars) {
CharBuffer charBuf = CharBuffer.wrap(chars);
ByteBuffer byteBuf = Charset.forName("UTF-8").encode(charBuf);