Loading core/java/android/net/Uri.java +5 −7 Original line number Diff line number Diff line Loading @@ -366,7 +366,6 @@ public abstract class Uri implements Parcelable, Comparable<Uri> { public String toSafeString() { String scheme = getScheme(); String ssp = getSchemeSpecificPart(); String authority = null; if (scheme != null) { if (scheme.equalsIgnoreCase("tel") || scheme.equalsIgnoreCase("sip") || scheme.equalsIgnoreCase("sms") || scheme.equalsIgnoreCase("smsto") Loading @@ -385,9 +384,11 @@ public abstract class Uri implements Parcelable, Comparable<Uri> { } } return builder.toString(); } else if (scheme.equalsIgnoreCase("http") || scheme.equalsIgnoreCase("https")) { ssp = null; authority = "//" + getAuthority() + "/..."; } else if (scheme.equalsIgnoreCase("http") || scheme.equalsIgnoreCase("https") || scheme.equalsIgnoreCase("ftp")) { ssp = "//" + ((getHost() != null) ? getHost() : "") + ((getPort() != -1) ? (":" + getPort()) : "") + "/..."; } } // Not a sensitive scheme, but let's still be conservative about Loading @@ -401,9 +402,6 @@ public abstract class Uri implements Parcelable, Comparable<Uri> { if (ssp != null) { builder.append(ssp); } if (authority != null) { builder.append(authority); } return builder.toString(); } Loading core/tests/coretests/src/android/net/UriTest.java +52 −0 Original line number Diff line number Diff line Loading @@ -804,4 +804,56 @@ public class UriTest extends TestCase { assertFalse(Uri.parse("content://com.example/path/path").isPathPrefixMatch( Uri.parse("content://com.example/path%2Fpath"))); } public void testToSafeString() { checkToSafeString("tel:xxxxxx", "tel:Google"); checkToSafeString("tel:xxxxxxxxxx", "tel:1234567890"); checkToSafeString("tEl:xxx.xxx-xxxx", "tEl:123.456-7890"); checkToSafeString("sms:xxxxxx", "sms:123abc"); checkToSafeString("smS:xxx.xxx-xxxx", "smS:123.456-7890"); checkToSafeString("smsto:xxxxxx", "smsto:123abc"); checkToSafeString("SMSTo:xxx.xxx-xxxx", "SMSTo:123.456-7890"); checkToSafeString("mailto:xxxxxxx@xxxxxxx.xxx", "mailto:android@android.com"); checkToSafeString("Mailto:xxxxxxx@xxxxxxx.xxxxxxxxxx", "Mailto:android@android.com/secret"); checkToSafeString("sip:xxxxxxx@xxxxxxx.xxxxxxxx", "sip:android@android.com:1234"); checkToSafeString("sIp:xxxxxxx@xxxxxxx.xxx", "sIp:android@android.com"); checkToSafeString("http://www.android.com/...", "http://www.android.com"); checkToSafeString("HTTP://www.android.com/...", "HTTP://www.android.com"); checkToSafeString("http://www.android.com/...", "http://www.android.com/"); checkToSafeString("http://www.android.com/...", "http://www.android.com/secretUrl?param"); checkToSafeString("http://www.android.com/...", "http://user:pwd@www.android.com/secretUrl?param"); checkToSafeString("http://www.android.com/...", "http://user@www.android.com/secretUrl?param"); checkToSafeString("http://www.android.com/...", "http://www.android.com/secretUrl?param"); checkToSafeString("http:///...", "http:///path?param"); checkToSafeString("http:///...", "http://"); checkToSafeString("http://:12345/...", "http://:12345/"); checkToSafeString("https://www.android.com/...", "https://www.android.com/secretUrl?param"); checkToSafeString("https://www.android.com:8443/...", "https://user:pwd@www.android.com:8443/secretUrl?param"); checkToSafeString("https://www.android.com/...", "https://user:pwd@www.android.com"); checkToSafeString("Https://www.android.com/...", "Https://user:pwd@www.android.com"); checkToSafeString("ftp://ftp.android.com/...", "ftp://ftp.android.com/"); checkToSafeString("ftP://ftp.android.com/...", "ftP://anonymous@ftp.android.com/"); checkToSafeString("ftp://ftp.android.com:2121/...", "ftp://root:love@ftp.android.com:2121/"); checkToSafeString("unsupported://ajkakjah/askdha/secret?secret", "unsupported://ajkakjah/askdha/secret?secret"); checkToSafeString("unsupported:ajkakjah/askdha/secret?secret", "unsupported:ajkakjah/askdha/secret?secret"); } private void checkToSafeString(String expectedSafeString, String original) { assertEquals(expectedSafeString, Uri.parse(original).toSafeString()); } } keystore/java/android/security/AndroidKeyStore.java +9 −11 Original line number Diff line number Diff line Loading @@ -544,17 +544,15 @@ public class AndroidKeyStore extends KeyStoreSpi { args.addInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT, params.getUserAuthenticationValidityDurationSeconds()); } if (params.getKeyValidityStart() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, params.getKeyValidityStart()); } if (params.getKeyValidityForOriginationEnd() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, (params.getKeyValidityStart() != null) ? params.getKeyValidityStart() : new Date(0)); args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME, params.getKeyValidityForOriginationEnd()); } if (params.getKeyValidityForConsumptionEnd() != null) { (params.getKeyValidityForOriginationEnd() != null) ? params.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE)); args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME, params.getKeyValidityForConsumptionEnd()); } (params.getKeyValidityForConsumptionEnd() != null) ? params.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE)); // TODO: Remove this once keymaster does not require us to specify the size of imported key. args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, keyMaterial.length * 8); Loading keystore/java/android/security/KeyStoreKeyGeneratorSpi.java +10 −11 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ import android.security.keymaster.KeymasterDefs; import java.security.InvalidAlgorithmParameterException; import java.security.SecureRandom; import java.security.spec.AlgorithmParameterSpec; import java.util.Date; import javax.crypto.KeyGeneratorSpi; import javax.crypto.SecretKey; Loading Loading @@ -144,17 +145,15 @@ public abstract class KeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { args.addInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT, spec.getUserAuthenticationValidityDurationSeconds()); } if (spec.getKeyValidityStart() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, spec.getKeyValidityStart()); } if (spec.getKeyValidityForOriginationEnd() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, (spec.getKeyValidityStart() != null) ? spec.getKeyValidityStart() : new Date(0)); args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME, spec.getKeyValidityForOriginationEnd()); } if (spec.getKeyValidityForConsumptionEnd() != null) { (spec.getKeyValidityForOriginationEnd() != null) ? spec.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE)); args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME, spec.getKeyValidityForConsumptionEnd()); } (spec.getKeyValidityForConsumptionEnd() != null) ? spec.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE)); if (((purposes & KeyStoreKeyConstraints.Purpose.ENCRYPT) != 0) || ((purposes & KeyStoreKeyConstraints.Purpose.DECRYPT) != 0)) { Loading keystore/java/android/security/KeyStoreSecretKeyFactorySpi.java +22 −5 Original line number Diff line number Diff line Loading @@ -22,6 +22,7 @@ import android.security.keymaster.KeymasterDefs; import java.security.InvalidKeyException; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import java.util.Date; import java.util.Set; import javax.crypto.SecretKey; Loading Loading @@ -112,6 +113,24 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { throw new InvalidKeySpecException("Unsupported key characteristic", e); } Date keyValidityStart = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ACTIVE_DATETIME); if ((keyValidityStart != null) && (keyValidityStart.getTime() <= 0)) { keyValidityStart = null; } Date keyValidityForOriginationEnd = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME); if ((keyValidityForOriginationEnd != null) && (keyValidityForOriginationEnd.getTime() == Long.MAX_VALUE)) { keyValidityForOriginationEnd = null; } Date keyValidityForConsumptionEnd = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME); if ((keyValidityForConsumptionEnd != null) && (keyValidityForConsumptionEnd.getTime() == Long.MAX_VALUE)) { keyValidityForConsumptionEnd = null; } int swEnforcedUserAuthenticatorIds = keyCharacteristics.swEnforced.getInt(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, 0); int hwEnforcedUserAuthenticatorIds = Loading @@ -126,11 +145,9 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { return new KeyStoreKeySpec(entryAlias, origin, keySize, KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ACTIVE_DATETIME), KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME), KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME), keyValidityStart, keyValidityForOriginationEnd, keyValidityForConsumptionEnd, purposes, algorithm, padding, Loading Loading
core/java/android/net/Uri.java +5 −7 Original line number Diff line number Diff line Loading @@ -366,7 +366,6 @@ public abstract class Uri implements Parcelable, Comparable<Uri> { public String toSafeString() { String scheme = getScheme(); String ssp = getSchemeSpecificPart(); String authority = null; if (scheme != null) { if (scheme.equalsIgnoreCase("tel") || scheme.equalsIgnoreCase("sip") || scheme.equalsIgnoreCase("sms") || scheme.equalsIgnoreCase("smsto") Loading @@ -385,9 +384,11 @@ public abstract class Uri implements Parcelable, Comparable<Uri> { } } return builder.toString(); } else if (scheme.equalsIgnoreCase("http") || scheme.equalsIgnoreCase("https")) { ssp = null; authority = "//" + getAuthority() + "/..."; } else if (scheme.equalsIgnoreCase("http") || scheme.equalsIgnoreCase("https") || scheme.equalsIgnoreCase("ftp")) { ssp = "//" + ((getHost() != null) ? getHost() : "") + ((getPort() != -1) ? (":" + getPort()) : "") + "/..."; } } // Not a sensitive scheme, but let's still be conservative about Loading @@ -401,9 +402,6 @@ public abstract class Uri implements Parcelable, Comparable<Uri> { if (ssp != null) { builder.append(ssp); } if (authority != null) { builder.append(authority); } return builder.toString(); } Loading
core/tests/coretests/src/android/net/UriTest.java +52 −0 Original line number Diff line number Diff line Loading @@ -804,4 +804,56 @@ public class UriTest extends TestCase { assertFalse(Uri.parse("content://com.example/path/path").isPathPrefixMatch( Uri.parse("content://com.example/path%2Fpath"))); } public void testToSafeString() { checkToSafeString("tel:xxxxxx", "tel:Google"); checkToSafeString("tel:xxxxxxxxxx", "tel:1234567890"); checkToSafeString("tEl:xxx.xxx-xxxx", "tEl:123.456-7890"); checkToSafeString("sms:xxxxxx", "sms:123abc"); checkToSafeString("smS:xxx.xxx-xxxx", "smS:123.456-7890"); checkToSafeString("smsto:xxxxxx", "smsto:123abc"); checkToSafeString("SMSTo:xxx.xxx-xxxx", "SMSTo:123.456-7890"); checkToSafeString("mailto:xxxxxxx@xxxxxxx.xxx", "mailto:android@android.com"); checkToSafeString("Mailto:xxxxxxx@xxxxxxx.xxxxxxxxxx", "Mailto:android@android.com/secret"); checkToSafeString("sip:xxxxxxx@xxxxxxx.xxxxxxxx", "sip:android@android.com:1234"); checkToSafeString("sIp:xxxxxxx@xxxxxxx.xxx", "sIp:android@android.com"); checkToSafeString("http://www.android.com/...", "http://www.android.com"); checkToSafeString("HTTP://www.android.com/...", "HTTP://www.android.com"); checkToSafeString("http://www.android.com/...", "http://www.android.com/"); checkToSafeString("http://www.android.com/...", "http://www.android.com/secretUrl?param"); checkToSafeString("http://www.android.com/...", "http://user:pwd@www.android.com/secretUrl?param"); checkToSafeString("http://www.android.com/...", "http://user@www.android.com/secretUrl?param"); checkToSafeString("http://www.android.com/...", "http://www.android.com/secretUrl?param"); checkToSafeString("http:///...", "http:///path?param"); checkToSafeString("http:///...", "http://"); checkToSafeString("http://:12345/...", "http://:12345/"); checkToSafeString("https://www.android.com/...", "https://www.android.com/secretUrl?param"); checkToSafeString("https://www.android.com:8443/...", "https://user:pwd@www.android.com:8443/secretUrl?param"); checkToSafeString("https://www.android.com/...", "https://user:pwd@www.android.com"); checkToSafeString("Https://www.android.com/...", "Https://user:pwd@www.android.com"); checkToSafeString("ftp://ftp.android.com/...", "ftp://ftp.android.com/"); checkToSafeString("ftP://ftp.android.com/...", "ftP://anonymous@ftp.android.com/"); checkToSafeString("ftp://ftp.android.com:2121/...", "ftp://root:love@ftp.android.com:2121/"); checkToSafeString("unsupported://ajkakjah/askdha/secret?secret", "unsupported://ajkakjah/askdha/secret?secret"); checkToSafeString("unsupported:ajkakjah/askdha/secret?secret", "unsupported:ajkakjah/askdha/secret?secret"); } private void checkToSafeString(String expectedSafeString, String original) { assertEquals(expectedSafeString, Uri.parse(original).toSafeString()); } }
keystore/java/android/security/AndroidKeyStore.java +9 −11 Original line number Diff line number Diff line Loading @@ -544,17 +544,15 @@ public class AndroidKeyStore extends KeyStoreSpi { args.addInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT, params.getUserAuthenticationValidityDurationSeconds()); } if (params.getKeyValidityStart() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, params.getKeyValidityStart()); } if (params.getKeyValidityForOriginationEnd() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, (params.getKeyValidityStart() != null) ? params.getKeyValidityStart() : new Date(0)); args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME, params.getKeyValidityForOriginationEnd()); } if (params.getKeyValidityForConsumptionEnd() != null) { (params.getKeyValidityForOriginationEnd() != null) ? params.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE)); args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME, params.getKeyValidityForConsumptionEnd()); } (params.getKeyValidityForConsumptionEnd() != null) ? params.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE)); // TODO: Remove this once keymaster does not require us to specify the size of imported key. args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, keyMaterial.length * 8); Loading
keystore/java/android/security/KeyStoreKeyGeneratorSpi.java +10 −11 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ import android.security.keymaster.KeymasterDefs; import java.security.InvalidAlgorithmParameterException; import java.security.SecureRandom; import java.security.spec.AlgorithmParameterSpec; import java.util.Date; import javax.crypto.KeyGeneratorSpi; import javax.crypto.SecretKey; Loading Loading @@ -144,17 +145,15 @@ public abstract class KeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { args.addInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT, spec.getUserAuthenticationValidityDurationSeconds()); } if (spec.getKeyValidityStart() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, spec.getKeyValidityStart()); } if (spec.getKeyValidityForOriginationEnd() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, (spec.getKeyValidityStart() != null) ? spec.getKeyValidityStart() : new Date(0)); args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME, spec.getKeyValidityForOriginationEnd()); } if (spec.getKeyValidityForConsumptionEnd() != null) { (spec.getKeyValidityForOriginationEnd() != null) ? spec.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE)); args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME, spec.getKeyValidityForConsumptionEnd()); } (spec.getKeyValidityForConsumptionEnd() != null) ? spec.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE)); if (((purposes & KeyStoreKeyConstraints.Purpose.ENCRYPT) != 0) || ((purposes & KeyStoreKeyConstraints.Purpose.DECRYPT) != 0)) { Loading
keystore/java/android/security/KeyStoreSecretKeyFactorySpi.java +22 −5 Original line number Diff line number Diff line Loading @@ -22,6 +22,7 @@ import android.security.keymaster.KeymasterDefs; import java.security.InvalidKeyException; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import java.util.Date; import java.util.Set; import javax.crypto.SecretKey; Loading Loading @@ -112,6 +113,24 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { throw new InvalidKeySpecException("Unsupported key characteristic", e); } Date keyValidityStart = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ACTIVE_DATETIME); if ((keyValidityStart != null) && (keyValidityStart.getTime() <= 0)) { keyValidityStart = null; } Date keyValidityForOriginationEnd = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME); if ((keyValidityForOriginationEnd != null) && (keyValidityForOriginationEnd.getTime() == Long.MAX_VALUE)) { keyValidityForOriginationEnd = null; } Date keyValidityForConsumptionEnd = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME); if ((keyValidityForConsumptionEnd != null) && (keyValidityForConsumptionEnd.getTime() == Long.MAX_VALUE)) { keyValidityForConsumptionEnd = null; } int swEnforcedUserAuthenticatorIds = keyCharacteristics.swEnforced.getInt(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, 0); int hwEnforcedUserAuthenticatorIds = Loading @@ -126,11 +145,9 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { return new KeyStoreKeySpec(entryAlias, origin, keySize, KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ACTIVE_DATETIME), KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME), KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME), keyValidityStart, keyValidityForOriginationEnd, keyValidityForConsumptionEnd, purposes, algorithm, padding, Loading
