Merge pull request #608 from /issues/607-android-password-destroy

wultra · Jul 25, 2024 · fff34bf · fff34bf
2 parents 174ffbd + ce428f0
commit fff34bf
Showing 1 changed file with 19 additions and 10 deletions.
diff --git a/...rAuthLibrary/src/main/java/io/getlime/security/powerauth/sdk/PowerAuthAuthentication.java b/...rAuthLibrary/src/main/java/io/getlime/security/powerauth/sdk/PowerAuthAuthentication.java
@@ -91,9 +91,26 @@ private static byte[] safeArrayCopy(byte[] original) {
      * Make sure that the sensitive data is always wiped out from the memory.
      */
     protected void finalize() {
-        destroy();
+        releaseSensitiveData(true);
     }
 
+    /**
+     * Release all sensitive data.
+     * @param fromGC If true, then this comes from Garbage Collector, otherwise from application.
+     */
+    private void releaseSensitiveData(boolean fromGC) {
+        if (password != null && !fromGC) {          // Do not destroy Password if request comes from GC
+            password.destroy();
+        }
+        if (useBiometry != null) {
+            Arrays.fill(useBiometry, (byte) 0xCD);  // This may help with the debugging. CD CD CD is more suspicious than 00 00 00
+        }
+        if (overriddenPossessionKey != null) {
+            Arrays.fill(overriddenPossessionKey, (byte) 0xCD);
+        }
+    }
+
+
     // Persist activation
 
     /**
@@ -378,15 +395,7 @@ public byte[] getOverriddenPossessionKey() {
      * After this call, the object becomes unusable for authentication operations.
      */
     public void destroy() {
-        if (password != null) {
-            password.destroy();
-        }
-        if (useBiometry != null) {
-            Arrays.fill(useBiometry, (byte) 0xCD);  // This may help with the debugging. CD CD CD is more suspicious than 00 00 00
-        }
-        if (overriddenPossessionKey != null) {
-            Arrays.fill(overriddenPossessionKey, (byte) 0xCD);
-        }
+        releaseSensitiveData(false);
     }
 
     // Internal interfaces