From 272f5c86957c3caf4b3ed7d59448573914b7b33f Mon Sep 17 00:00:00 2001
From: Niki Roo <niki@nikiroo.be>
Date: Tue, 23 Apr 2019 13:50:45 +0200
Subject: [PATCH] CryptUtils: clear the key array after use

---
 src/be/nikiroo/utils/CryptUtils.java | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/be/nikiroo/utils/CryptUtils.java b/src/be/nikiroo/utils/CryptUtils.java
index fdf0556..681692a 100644
--- a/src/be/nikiroo/utils/CryptUtils.java
+++ b/src/be/nikiroo/utils/CryptUtils.java
@@ -42,7 +42,11 @@ public class CryptUtils {
 	 */
 	public CryptUtils(String key) {
 		try {
-			init(key2key(key));
+			byte[] bytes32 = key2key(key);
+			init(bytes32);
+			for (int i = 0 ; i < bytes32.length ; i++) {
+				bytes32[i] = 0;
+			}
 		} catch (InvalidKeyException e) {
 			// We made sure that the key is correct, so nothing here
 			e.printStackTrace();
@@ -62,6 +66,9 @@ public class CryptUtils {
 	 */
 	public CryptUtils(byte[] bytes32) throws InvalidKeyException {
 		init(bytes32);
+		for (int i = 0 ; i < bytes32.length ; i++) {
+			bytes32[i] = 0;
+		}
 	}
 
 	/**
-- 
2.27.0