Handling Sensitive Data in Memory
Handling Sensitive Data in Memory
Protecting data in memory prevents extraction through memory dumps or debugging.
// Android - Secure memory handling
import java.security.SecureRandom
import java.util.Arrays
class SecureMemoryHandler {
// Secure string that clears itself
class SecureString(private val chars: CharArray) : AutoCloseable {
fun use(block: (CharArray) -> Unit) {
try {
block(chars)
} finally {
clear()
}
}
override fun close() {
clear()
}
private fun clear() {
Arrays.fill(chars, ' ')
}
}
// Secure byte array
class SecureByteArray(private val bytes: ByteArray) : AutoCloseable {
fun use(block: (ByteArray) -> Unit) {
try {
block(bytes)
} finally {
clear()
}
}
override fun close() {
clear()
}
private fun clear() {
val random = SecureRandom()
random.nextBytes(bytes) // Overwrite with random data
Arrays.fill(bytes, 0.toByte())
}
}
// Prevent memory swapping for sensitive data
fun lockMemory(data: ByteArray) {
// Note: Full memory locking requires native code
// This is a simplified example
try {
// Keep reference to prevent garbage collection
Runtime.getRuntime().addShutdownHook(Thread {
Arrays.fill(data, 0.toByte())
})
} catch (e: Exception) {
// Handle error
}
}
}