Mitigate LSKF leaks in RecoverableKeyStoreManager This CL clears a local variable `byte[]` storing a copy of the LSKF, to avoid it being present in a RAMdump. Bug: 320392352 Test: build Change-Id: I3781ad8c0a15b7761820a21413cb870e01794c37

commit: 562ea6037ef28ecf7ceae78d22b132aff4f94dfc [log] [tgz]
author: Ellen Arteca <emarteca@google.com> Tue Apr 23 23:13:05 2024 +0000
committer: Ellen Arteca <emarteca@google.com> Wed Apr 24 23:47:05 2024 +0000
tree: 71315bdd0029a04f3018f9302244c6f5801a332d
parent: 548ee3851e394f9eeac1f105904cba9f2a6f2d10 [diff]
diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java
index e5807e8..54303c0 100644
--- a/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java
+++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java

@@ -1082,7 +1082,8 @@
             int keyguardCredentialsType = lockPatternUtilsToKeyguardType(savedCredentialType);
             try (LockscreenCredential credential =
                     createLockscreenCredential(keyguardCredentialsType, decryptedCredentials)) {
-                // TODO(b/254335492): remove decryptedCredentials
+                Arrays.fill(decryptedCredentials, (byte) 0);
+                decryptedCredentials = null;
                 VerifyCredentialResponse verifyResponse =
                         lockSettingsService.verifyCredential(credential, userId, 0);
                 return handleVerifyCredentialResponse(verifyResponse, userId);
commit	562ea6037ef28ecf7ceae78d22b132aff4f94dfc	[log] [tgz]
author	Ellen Arteca <emarteca@google.com>	Tue Apr 23 23:13:05 2024 +0000
committer	Ellen Arteca <emarteca@google.com>	Wed Apr 24 23:47:05 2024 +0000
tree	71315bdd0029a04f3018f9302244c6f5801a332d
parent	548ee3851e394f9eeac1f105904cba9f2a6f2d10 [diff]