authorylecollen <ylecollen@amdocs.com>2017-01-02 14:01:45 +0100
committerylecollen <ylecollen@amdocs.com>2017-01-02 14:01:45 +0100
commitda2e1c59026a9fac2ec025d9c0303e268c0ff146 (patch)
treecf7bf8ff7a1c01a0974b5c27a0029582bd79b2e2
parent2593c69a8acb035099d6b692941bc3cf8d597bfa (diff)
setRandomInBuffer : clear tempByteArray content
-rw-r--r--java/android/OlmLibSdk/olm-sdk/src/main/jni/olm_jni_helper.cpp199
1 files changed, 102 insertions, 97 deletions
diff --git a/java/android/OlmLibSdk/olm-sdk/src/main/jni/olm_jni_helper.cpp b/java/android/OlmLibSdk/olm-sdk/src/main/jni/olm_jni_helper.cpp
index d2ecce3..3fddf62 100644
--- a/java/android/OlmLibSdk/olm-sdk/src/main/jni/olm_jni_helper.cpp
+++ b/java/android/OlmLibSdk/olm-sdk/src/main/jni/olm_jni_helper.cpp
@@ -29,91 +29,96 @@ using namespace AndroidOlmSdk;
**/
bool setRandomInBuffer(JNIEnv *env, uint8_t **aBuffer2Ptr, size_t aRandomSize)
{
- bool retCode = false;
- int bufferLen = aRandomSize*sizeof(uint8_t);
+ bool retCode = false;
+ int bufferLen = aRandomSize*sizeof(uint8_t);
- if(NULL == aBuffer2Ptr)
- {
- LOGE("## setRandomInBuffer(): failure - aBuffer=NULL");
- }
- else if(0 == aRandomSize)
- {
- LOGE("## setRandomInBuffer(): failure - random size=0");
- }
- else if(NULL == (*aBuffer2Ptr = (uint8_t*)malloc(bufferLen)))
- {
- LOGE("## setRandomInBuffer(): failure - alloc mem OOM");
- }
- else
- {
- LOGD("## setRandomInBuffer(): randomSize=%lu",static_cast<long unsigned int>(aRandomSize));
+ if(NULL == aBuffer2Ptr)
+ {
+ LOGE("## setRandomInBuffer(): failure - aBuffer=NULL");
+ }
+ else if(0 == aRandomSize)
+ {
+ LOGE("## setRandomInBuffer(): failure - random size=0");
+ }
+ else if(NULL == (*aBuffer2Ptr = (uint8_t*)malloc(bufferLen)))
+ {
+ LOGE("## setRandomInBuffer(): failure - alloc mem OOM");
+ }
+ else
+ {
+ LOGD("## setRandomInBuffer(): randomSize=%lu",static_cast<long unsigned int>(aRandomSize));
- bool secureRandomSucceeds = false;
+ bool secureRandomSucceeds = false;
- // clear the buffer
- memset(*aBuffer2Ptr, 0, bufferLen);
+ // use the secureRandom class
+ jclass cls = env->FindClass("java/security/SecureRandom");
- // use the secureRandom class
- jclass cls = env->FindClass("java/security/SecureRandom");
+ if (cls)
+ {
+ jobject newObj = 0;
+ jmethodID constructor = env->GetMethodID(cls, "<init>", "()V");
+ jmethodID nextByteMethod = env->GetMethodID(cls, "nextBytes", "([B)V");
- if (cls)
+ if (constructor)
+ {
+ newObj = env->NewObject(cls, constructor);
+ jbyteArray tempByteArray = env->NewByteArray(bufferLen);
+
+ if (newObj && tempByteArray)
{
- jobject newObj = 0;
- jmethodID constructor = env->GetMethodID(cls, "<init>", "()V");
- jmethodID nextByteMethod = env->GetMethodID(cls, "nextBytes", "([B)V");
-
- if (constructor)
- {
- newObj = env->NewObject(cls, constructor);
- jbyteArray tempByteArray = env->NewByteArray(bufferLen);
-
- if (newObj && tempByteArray)
- {
- env->CallVoidMethod(newObj, nextByteMethod, tempByteArray);
-
- jbyte* buffer = env->GetByteArrayElements(tempByteArray,0);
-
- if (buffer)
- {
- memcpy(*aBuffer2Ptr, buffer, bufferLen);
- secureRandomSucceeds = true;
- }
- }
-
- if (tempByteArray)
- {
- env->DeleteLocalRef(tempByteArray);
- }
-
- if (newObj)
- {
- env->DeleteLocalRef(newObj);
- }
- }
+ env->CallVoidMethod(newObj, nextByteMethod, tempByteArray);
+
+ jbyte* buffer = env->GetByteArrayElements(tempByteArray, NULL);
+
+ if (buffer)
+ {
+ memcpy(*aBuffer2Ptr, buffer, bufferLen);
+ secureRandomSucceeds = true;
+
+ // clear tempByteArray to hide sensitive data.
+ memset(buffer, 0, bufferLen);
+ env->SetByteArrayRegion(tempByteArray, 0, bufferLen, buffer);
+
+ // ensure that the buffer is released
+ env->ReleaseByteArrayElements(tempByteArray, buffer, JNI_ABORT);
+ }
}
- if (!secureRandomSucceeds)
+ if (tempByteArray)
{
- LOGE("## setRandomInBuffer(): SecureRandom failed, use a fallback");
- struct timeval timeValue;
- gettimeofday(&timeValue, NULL);
- srand(timeValue.tv_usec); // init seed
-
- for(size_t i=0;i<aRandomSize;i++)
- {
- (*aBuffer2Ptr)[i] = (uint8_t)(rand()%ACCOUNT_CREATION_RANDOM_MODULO);
- }
+ env->DeleteLocalRef(tempByteArray);
}
- // debug purpose
- /*for(int i = 0; i < aRandomSize; i++)
+ if (newObj)
{
- LOGD("## setRandomInBuffer(): randomBuffPtr[%ld]=%d",i, (*aBuffer2Ptr)[i]);
- }*/
+ env->DeleteLocalRef(newObj);
+ }
+ }
+ }
- retCode = true;
+ if (!secureRandomSucceeds)
+ {
+ LOGE("## setRandomInBuffer(): SecureRandom failed, use a fallback");
+ struct timeval timeValue;
+ gettimeofday(&timeValue, NULL);
+ srand(timeValue.tv_usec); // init seed
+
+ for(size_t i=0;i<aRandomSize;i++)
+ {
+ (*aBuffer2Ptr)[i] = (uint8_t)(rand()%ACCOUNT_CREATION_RANDOM_MODULO);
+ }
}
- return retCode;
+
+ // debug purpose
+ /*for(int i = 0; i < aRandomSize; i++)
+ {
+ LOGD("## setRandomInBuffer(): randomBuffPtr[%ld]=%d",i, (*aBuffer2Ptr)[i]);
+ }*/
+
+ retCode = true;
+ }
+
+ return retCode;
}
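Review bot: The `if (!secureRandomSucceeds)` branch still fills the buffer from `rand()` seeded with `timeValue.tv_usec` and then falls through to `retCode = true`, so a caller cannot tell predictable bytes from SecureRandom output. The buffer appears to feed Olm account/session creation (inferred from `ACCOUNT_CREATION_RANDOM_MODULO`; the callers are outside this hunk), where that is not acceptable. Fail closed instead: in that branch do `free(*aBuffer2Ptr); *aBuffer2Ptr = NULL;` and finish with `retCode = secureRandomSucceeds;`; callers already have to handle `false` for the OOM case. The success path is also too trusting: `nextByteMethod` is never null-checked and nothing calls `env->ExceptionCheck()` after `CallVoidMethod`, so a throwing `nextBytes` could leave the still-zeroed array to be copied out and reported as success. Separately, `int bufferLen = aRandomSize*sizeof(uint8_t)` narrows a `size_t`; keeping the length as `size_t` and converting to `jsize` once, after a range check, would avoid a truncated allocation.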
@@ -242,37 +247,37 @@ jlong getUtilityInstanceId(JNIEnv* aJniEnv, jobject aJavaObject)
*/
jstring javaCStringToUtf8(JNIEnv *env, uint8_t *aCStringMsgPtr, size_t aMsgLength)
{
- jstring convertedRetValue = 0;
- jbyteArray tempByteArray = NULL;
+ jstring convertedRetValue = 0;
+ jbyteArray tempByteArray = NULL;
- if((NULL == aCStringMsgPtr) || (NULL == env))
- {
- LOGE("## javaCStringToUtf8(): failure - invalid parameters (null)");
- }
- else if(NULL == (tempByteArray=env->NewByteArray(aMsgLength)))
+ if((NULL == aCStringMsgPtr) || (NULL == env))
+ {
+ LOGE("## javaCStringToUtf8(): failure - invalid parameters (null)");
+ }
+ else if(NULL == (tempByteArray=env->NewByteArray(aMsgLength)))
+ {
+ LOGE("## javaCStringToUtf8(): failure - return byte array OOM");
+ }
+ else
+ {
+ env->SetByteArrayRegion(tempByteArray, 0, aMsgLength, (const jbyte*)aCStringMsgPtr);
+
+ // UTF-8 conversion from JAVA
+ jstring strEncode = (env)->NewStringUTF("UTF-8");
+ jclass jClass = env->FindClass("java/lang/String");
+ jmethodID cstor = env->GetMethodID(jClass, "<init>", "([BLjava/lang/String;)V");
+
+ if((0!=jClass) && (0!=jClass) && (0!=strEncode))
{
- LOGE("## javaCStringToUtf8(): failure - return byte array OOM");
+ convertedRetValue = (jstring) env->NewObject(jClass, cstor, tempByteArray, strEncode);
+ LOGD(" ## javaCStringToUtf8(): succeed");
+ env->DeleteLocalRef(tempByteArray);
}
else
{
- env->SetByteArrayRegion(tempByteArray, 0, aMsgLength, (const jbyte*)aCStringMsgPtr);
-
- // UTF-8 conversion from JAVA
- jstring strEncode = (env)->NewStringUTF("UTF-8");
- jclass jClass = env->FindClass("java/lang/String");
- jmethodID cstor = env->GetMethodID(jClass, "<init>", "([BLjava/lang/String;)V");
-
- if((0!=jClass) && (0!=jClass) && (0!=strEncode))
- {
- convertedRetValue = (jstring) env->NewObject(jClass, cstor, tempByteArray, strEncode);
- LOGD(" ## javaCStringToUtf8(): succeed");
- env->DeleteLocalRef(tempByteArray);
- }
- else
- {
- LOGE(" ## javaCStringToUtf8(): failure - invalid Java references");
- }
+ LOGE(" ## javaCStringToUtf8(): failure - invalid Java references");
}
+ }
- return convertedRetValue;
+ return convertedRetValue;
}