setRandomInBuffer : clear tempByteArray content
This commit is contained in:
ylecollen
parent
2593c69a8a
commit
da2e1c5902
1 changed files with 100 additions and 95 deletions
|
|
@ -50,9 +50,6 @@ bool setRandomInBuffer(JNIEnv *env, uint8_t **aBuffer2Ptr, size_t aRandomSize)
|
||||||
|
|
||||||
bool secureRandomSucceeds = false;
|
bool secureRandomSucceeds = false;
|
||||||
|
|
||||||
// clear the buffer
|
|
||||||
memset(*aBuffer2Ptr, 0, bufferLen);
|
|
||||||
|
|
||||||
// use the secureRandom class
|
// use the secureRandom class
|
||||||
jclass cls = env->FindClass("java/security/SecureRandom");
|
jclass cls = env->FindClass("java/security/SecureRandom");
|
||||||
|
|
||||||
|
|
@ -71,12 +68,19 @@ bool setRandomInBuffer(JNIEnv *env, uint8_t **aBuffer2Ptr, size_t aRandomSize)
|
||||||
{
|
{
|
||||||
env->CallVoidMethod(newObj, nextByteMethod, tempByteArray);
|
env->CallVoidMethod(newObj, nextByteMethod, tempByteArray);
|
||||||
|
|
||||||
jbyte* buffer = env->GetByteArrayElements(tempByteArray,0);
|
jbyte* buffer = env->GetByteArrayElements(tempByteArray, NULL);
|
||||||
|
|
||||||
if (buffer)
|
if (buffer)
|
||||||
{
|
{
|
||||||
memcpy(*aBuffer2Ptr, buffer, bufferLen);
|
memcpy(*aBuffer2Ptr, buffer, bufferLen);
|
||||||
secureRandomSucceeds = true;
|
secureRandomSucceeds = true;
|
||||||
|
|
||||||
|
// clear tempByteArray to hide sensitive data.
|
||||||
|
memset(buffer, 0, bufferLen);
|
||||||
|
env->SetByteArrayRegion(tempByteArray, 0, bufferLen, buffer);
|
||||||
|
|
||||||
|
// ensure that the buffer is released
|
||||||
|
env->ReleaseByteArrayElements(tempByteArray, buffer, JNI_ABORT);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -113,6 +117,7 @@ bool setRandomInBuffer(JNIEnv *env, uint8_t **aBuffer2Ptr, size_t aRandomSize)
|
||||||
|
|
||||||
retCode = true;
|
retCode = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
return retCode;
|
return retCode;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue