From 178e7856b26c95e261bf723490b8dadcdc6e96da Mon Sep 17 00:00:00 2001
From: Christian Hagau <ach@hagau.se>
Date: Fri, 2 Apr 2021 00:00:00 +0000
Subject: [PATCH] Don't explicitly clear PIN when verifying admin PIN.

The PIN is cleared anyway when the Passphrase object holding the PIN is
freed.
---
 .../keychain/securitytoken/SecurityTokenConnection.java          | 1 -
 1 file changed, 1 deletion(-)

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java
index c56b8a8e8..513544494 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java
@@ -414,7 +414,6 @@ public class SecurityTokenConnection {
         // delete secrets from memory
         Arrays.fill(pin, (byte) 0);
         Arrays.fill(transformedPin, (byte) 0);
-        adminPin.removeFromMemory();
 
         ResponseApdu response = communicate(verifyPw3Command);
         if (!response.isSuccess()) {