Add a finalizer to LockscreenCredential to wipe the LSKF on GC

Adds a finalizer to the `LockscreenCredential` class, which calls the `zeroize` method to zeroize the LSKF `byte[]`. This ensures that `LockscreenCredential` objects that were not closed still have their data wiped when they are garbage collected. This is part of an effort to remove instances of the LSKF available in a RAMdump. Bug: 320392352 Test: atest com.android.server.locksettings Change-Id: Id7f1f102cdaa182659e2632bdaf81bd2c46d0f86
author: Ellen Arteca <emarteca@google.com> 2024-04-25 20:46:05 +0000
committer: Ellen Arteca <emarteca@google.com> 2024-04-25 22:52:55 +0000
commit: 08d389fc62208afb1737e1a2c88e6c0b847d0f61 (patch)
tree: d31b9af0284aa60a98a57a26071844ad339ac82a
parent: 4857d7011dead69039771c5b05807615e859fa1c (diff)
download: base-08d389fc62208afb1737e1a2c88e6c0b847d0f61.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/core/java/com/android/internal/widget/LockscreenCredential.java b/core/java/com/android/internal/widget/LockscreenCredential.java
index 18d5f6db6ac9..54b9a225f944 100644
--- a/core/java/com/android/internal/widget/LockscreenCredential.java
+++ b/core/java/com/android/internal/widget/LockscreenCredential.java
@@ -386,6 +386,11 @@ public class LockscreenCredential implements Parcelable, AutoCloseable {
     }
 
     @Override
+    public void finalize() {
+        zeroize();
+    }
+
+    @Override
     public int hashCode() {
         // Effective Java — Always override hashCode when you override equals
         return Objects.hash(mType, Arrays.hashCode(mCredential), mHasInvalidChars);
author	Ellen Arteca <emarteca@google.com>	2024-04-25 20:46:05 +0000
committer	Ellen Arteca <emarteca@google.com>	2024-04-25 22:52:55 +0000
commit	08d389fc62208afb1737e1a2c88e6c0b847d0f61 (patch)
tree	d31b9af0284aa60a98a57a26071844ad339ac82a
parent	4857d7011dead69039771c5b05807615e859fa1c (diff)
download	base-08d389fc62208afb1737e1a2c88e6c0b847d0f61.tar.gz