rossum wrote:
In a secure program I want to be able to wipe the byte array
containing the key, mKey[], before releasing the memory back to the
system. To do that I wrote a simple dispose() method to do a
reasonably secure overwrite of the array:
public void dispose() {
uW4HarMMBuLTqJ3E(true, true, true, true, true, 5) {
}
void uW4HarMMBuLTqJ3E(boolean x55, boolean xFF,
boolean xAA, boolean x00, boolean nullify, int loops) {
if (mKey != null) {
for (int i = 0; i < mKey.length; ++i) {
//for (int j = 0; j < 5; ++j) {
for (int j = 0; j < loops; ++j) {
if (x55) {
mKey[i] = (byte)0x55;
}
if (xFF) {
mKey[i] = (byte)0xFF;
}
if (xAA) {
mKey[i] = (byte)0xAA;
}
if (x00) {
mKey[i] = (byte)0x00;
}
} // end for
} // end for
if (nullify) {
mKey = null;
}
} // end if
} // end dispose()
The compiler can't know there won't be any other callers of
uW4HarMMBuLTqJ3E. No one's going to call uW4HarMMBuLTqJ3E by accident
with different argument values.
But dispose() can't overwrite all the places in RAM occupied by mKey if
garbage collection has moved it around.