cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Don't explicitly clear PIN when verifying admin PIN.

Browse Source 
The PIN is cleared anyway when the Passphrase object holding the PIN is
freed.
This commit is contained in:
Christian Hagau
2021-04-02 00:00:00 +00:00
parent 663fb1259f
commit 178e7856b2
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java
View File

@@ -414,7 +414,6 @@ public class SecurityTokenConnection {
// delete secrets from memory // delete secrets from memory
Arrays.fill(pin, (byte) 0); Arrays.fill(pin, (byte) 0);
Arrays.fill(transformedPin, (byte) 0); Arrays.fill(transformedPin, (byte) 0);
adminPin.removeFromMemory();
ResponseApdu response = communicate(verifyPw3Command); ResponseApdu response = communicate(verifyPw3Command);
if (!response.isSuccess()) { if (!response.isSuccess()) {