From 562ea6037ef28ecf7ceae78d22b132aff4f94dfc Mon Sep 17 00:00:00 2001
From: Ellen Arteca <emarteca@google.com>
Date: Tue, 23 Apr 2024 23:13:05 +0000
Subject: Mitigate LSKF leaks in RecoverableKeyStoreManager

This CL clears a local variable `byte[]` storing a copy of the
LSKF, to avoid it being present in a RAMdump.

Bug: 320392352
Test: build
Change-Id: I3781ad8c0a15b7761820a21413cb870e01794c37
---
 .../locksettings/recoverablekeystore/RecoverableKeyStoreManager.java   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java
index e5807e84a70e..54303c01890a 100644
--- a/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java
+++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java
@@ -1082,7 +1082,8 @@ public class RecoverableKeyStoreManager {
             int keyguardCredentialsType = lockPatternUtilsToKeyguardType(savedCredentialType);
             try (LockscreenCredential credential =
                     createLockscreenCredential(keyguardCredentialsType, decryptedCredentials)) {
-                // TODO(b/254335492): remove decryptedCredentials
+                Arrays.fill(decryptedCredentials, (byte) 0);
+                decryptedCredentials = null;
                 VerifyCredentialResponse verifyResponse =
                         lockSettingsService.verifyCredential(credential, userId, 0);
                 return handleVerifyCredentialResponse(verifyResponse, userId);
-- 
cgit v1.2.3-59-g8ed1b