
Fix potential secret key leakage in JNI bindings
Open, High, Public

Comment copied here:

Just from looking at this diff, it looks like `byteBuff` and `seckey` are not being explicitly cleaned up before this function exits. Given that Java's GC is "at will", the secret key could be floating around in memory.

If this memory is not being cleaned up somewhere, we may have to zero them out and clear them before exiting. The exact behavior may be impacted by my other question below about memory leaking. If a new object is NOT created, then we need to know the consequences of altering that memory.

Note that this issue may also impact other ECDSA functions in this file as well.

After talking with Amaury and Fabien, we agreed that clearing these values is the best/safest option.
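The clean-up agreed on above could look like the following sketch, which is an added example and not code from the diff or the project. It assumes `byteBuff` is a direct `ByteBuffer` shared with native code and `seckey` is a `byte[]`; `nativeOp` and `withSecretKey` are hypothetical names, and the sample key is constructed.

```java
import java.nio.ByteBuffer;
import java.util.Arrays;

public class SecretKeyWipeExample {
    // Hypothetical stand-in for the JNI call that reads the key out of byteBuff.
    static byte[] nativeOp(ByteBuffer byteBuff, int keyLen) {
        byte[] out = new byte[keyLen];
        byteBuff.rewind();
        byteBuff.get(out);
        for (int i = 0; i < out.length; i++) {
            out[i] ^= 0x5a; // constructed transformation, not real ECDSA
        }
        return out;
    }

    // Zero the whole buffer; clear() only resets position/limit, it erases nothing.
    static void wipe(ByteBuffer buf) {
        buf.clear();
        for (int i = 0; i < buf.capacity(); i++) {
            buf.put(i, (byte) 0);
        }
    }

    static byte[] withSecretKey(ByteBuffer byteBuff, byte[] seckey) {
        try {
            byteBuff.rewind();
            byteBuff.put(seckey);
            return nativeOp(byteBuff, seckey.length);
        } finally {
            // Runs on normal return and on exceptions alike.
            wipe(byteBuff);
            // This alters the caller's array: the caller must not reuse it.
            Arrays.fill(seckey, (byte) 0);
        }
    }

    public static void main(String[] args) {
        ByteBuffer byteBuff = ByteBuffer.allocateDirect(64);
        byte[] seckey = new byte[32];
        Arrays.fill(seckey, (byte) 0x11); // constructed sample key
        byte[] result = withSecretKey(byteBuff, seckey);

        boolean clean = true;
        for (int i = 0; i < byteBuff.capacity(); i++) clean &= byteBuff.get(i) == 0;
        for (byte b : seckey) clean &= b == 0;
        System.out.println("result bytes: " + result.length + ", inputs wiped: " + clean);
    }
}
```

Because the buffer is reused rather than newly created, wiping it in `finally` is what keeps the key from lingering between calls; zeroing `seckey` is the visible consequence for callers that the comment asks about.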

Event Timeline

jasonbcox triaged this task as High priority. Apr 10 2019, 06:12
jasonbcox created this task.