diff options
author | Hubert Chathi <hubert@uhoreg.ca> | 2018-10-12 17:02:51 -0400 |
---|---|---|
committer | Hubert Chathi <hubert@uhoreg.ca> | 2018-10-12 17:02:51 -0400 |
commit | 5cf074d3372f1e189fe410a075013adefabb1aa5 (patch) | |
tree | a72a96fafab69e62b5083cbe1933b4e34e9a72d5 /android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java | |
parent | ac071d9c0d69e4330a06f171e3bddc713ecd97d6 (diff) | |
parent | af86a9a8b899eeb3c1c464cb0c54218acd788fa6 (diff) |
Merge branch 'master' into poljar
Diffstat (limited to 'android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java')
-rw-r--r-- | android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java index da2e963..3c5ce49 100644 --- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java +++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java @@ -25,6 +25,8 @@ import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.io.Serializable; +import java.util.Arrays; + /** * Session class used to create Olm sessions in conjunction with {@link OlmAccount} class.<br> * Olm session is used to encrypt data between devices, especially to create Olm group sessions (see {@link OlmOutboundGroupSession} and {@link OlmInboundGroupSession}).<br> @@ -295,7 +297,9 @@ public class OlmSession extends CommonSerializeUtils implements Serializable { OlmMessage encryptedMsgRetValue = new OlmMessage(); try { - byte[] encryptedMessageBuffer = encryptMessageJni(aClearMsg.getBytes("UTF-8"), encryptedMsgRetValue); + byte[] clearMsgBuffer = aClearMsg.getBytes("UTF-8"); + byte[] encryptedMessageBuffer = encryptMessageJni(clearMsgBuffer, encryptedMsgRetValue); + Arrays.fill(clearMsgBuffer, (byte) 0); if (null != encryptedMessageBuffer) { encryptedMsgRetValue.mCipherText = new String(encryptedMessageBuffer, "UTF-8"); @@ -330,7 +334,10 @@ public class OlmSession extends CommonSerializeUtils implements Serializable { } try { - return new String(decryptMessageJni(aEncryptedMsg), "UTF-8"); + byte[] plaintextBuffer = decryptMessageJni(aEncryptedMsg); + String plaintext = new String(plaintextBuffer, "UTF-8"); + Arrays.fill(plaintextBuffer, (byte) 0); + return plaintext; } catch (Exception e) { Log.e(LOG_TAG, "## decryptMessage(): failed " + e.getMessage()); throw new OlmException(OlmException.EXCEPTION_CODE_SESSION_DECRYPT_MESSAGE, e.getMessage()); |