Merge "locksettings: consistently use "personalization"" (3329ea3d) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java

+9 −9

Original line number	Diff line number	Diff line
		@@ -99,8 +99,8 @@ public class SyntheticPasswordCrypto {
		return outputStream.toByteArray();
		}

		public static byte[] encrypt(byte[] keyBytes, byte[] personalisation, byte[] message) {
		byte[] keyHash = personalisedHash(personalisation, keyBytes);
		public static byte[] encrypt(byte[] keyBytes, byte[] personalization, byte[] message) {
		byte[] keyHash = personalizedHash(personalization, keyBytes);
		SecretKeySpec key = new SecretKeySpec(Arrays.copyOf(keyHash, AES_KEY_LENGTH),
		KeyProperties.KEY_ALGORITHM_AES);
		try {
		@@ -113,8 +113,8 @@ public class SyntheticPasswordCrypto {
		}
		}

		public static byte[] decrypt(byte[] keyBytes, byte[] personalisation, byte[] ciphertext) {
		byte[] keyHash = personalisedHash(personalisation, keyBytes);
		public static byte[] decrypt(byte[] keyBytes, byte[] personalization, byte[] ciphertext) {
		byte[] keyHash = personalizedHash(personalization, keyBytes);
		SecretKeySpec key = new SecretKeySpec(Arrays.copyOf(keyHash, AES_KEY_LENGTH),
		KeyProperties.KEY_ALGORITHM_AES);
		try {
		@@ -220,17 +220,17 @@ public class SyntheticPasswordCrypto {
		}
		}

		protected static byte[] personalisedHash(byte[] personalisation, byte[]... message) {
		protected static byte[] personalizedHash(byte[] personalization, byte[]... message) {
		try {
		final int PADDING_LENGTH = 128;
		MessageDigest digest = MessageDigest.getInstance("SHA-512");
		if (personalisation.length > PADDING_LENGTH) {
		throw new IllegalArgumentException("Personalisation too long");
		if (personalization.length > PADDING_LENGTH) {
		throw new IllegalArgumentException("Personalization too long");
		}
		// Personalize the hash
		// Pad it to the block size of the hash function
		personalisation = Arrays.copyOf(personalisation, PADDING_LENGTH);
		digest.update(personalisation);
		personalization = Arrays.copyOf(personalization, PADDING_LENGTH);
		digest.update(personalization);
		for (byte[] data : message) {
		digest.update(data);
		}

services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java

+16 −16

Original line number	Diff line number	Diff line
		@@ -129,7 +129,7 @@ public class SyntheticPasswordManager {
		private static final int PASSWORD_TOKEN_LENGTH = 32;
		private static final String TAG = "SyntheticPasswordManager";

		private static final byte[] PERSONALISATION_SECDISCARDABLE = "secdiscardable-transform".getBytes();
		private static final byte[] PERSONALIZATION_SECDISCARDABLE = "secdiscardable-transform".getBytes();
		private static final byte[] PERSONALIZATION_KEY_STORE_PASSWORD = "keystore-password".getBytes();
		private static final byte[] PERSONALIZATION_USER_GK_AUTH = "user-gk-authentication".getBytes();
		private static final byte[] PERSONALIZATION_SP_GK_AUTH = "sp-gk-authentication".getBytes();
		@@ -138,11 +138,11 @@ public class SyntheticPasswordManager {
		private static final byte[] PERSONALIZATION_SP_SPLIT = "sp-split".getBytes();
		private static final byte[] PERSONALIZATION_PASSWORD_HASH = "pw-hash".getBytes();
		private static final byte[] PERSONALIZATION_E0 = "e0-encryption".getBytes();
		private static final byte[] PERSONALISATION_WEAVER_PASSWORD = "weaver-pwd".getBytes();
		private static final byte[] PERSONALISATION_WEAVER_KEY = "weaver-key".getBytes();
		private static final byte[] PERSONALISATION_WEAVER_TOKEN = "weaver-token".getBytes();
		private static final byte[] PERSONALIZATION_WEAVER_PASSWORD = "weaver-pwd".getBytes();
		private static final byte[] PERSONALIZATION_WEAVER_KEY = "weaver-key".getBytes();
		private static final byte[] PERSONALIZATION_WEAVER_TOKEN = "weaver-token".getBytes();
		private static final byte[] PERSONALIZATION_PASSWORD_METRICS = "password-metrics".getBytes();
		private static final byte[] PERSONALISATION_CONTEXT =
		private static final byte[] PERSONALIZATION_CONTEXT =
		"android-synthetic-password-personalization-context".getBytes();

		static class AuthenticationResult {
		@@ -199,9 +199,9 @@ public class SyntheticPasswordManager {
		private byte[] deriveSubkey(byte[] personalization) {
		if (mVersion == SYNTHETIC_PASSWORD_VERSION_V3) {
		return (new SP800Derive(mSyntheticPassword))
		.withContext(personalization, PERSONALISATION_CONTEXT);
		.withContext(personalization, PERSONALIZATION_CONTEXT);
		} else {
		return SyntheticPasswordCrypto.personalisedHash(personalization,
		return SyntheticPasswordCrypto.personalizedHash(personalization,
		mSyntheticPassword);
		}
		}
		@@ -278,7 +278,7 @@ public class SyntheticPasswordManager {
		* AuthenticationToken.mSyntheticPassword for details on what each block means.
		*/
		private void recreate(byte[] escrowSplit0, byte[] escrowSplit1) {
		mSyntheticPassword = bytesToHex(SyntheticPasswordCrypto.personalisedHash(
		mSyntheticPassword = bytesToHex(SyntheticPasswordCrypto.personalizedHash(
		PERSONALIZATION_SP_SPLIT, escrowSplit0, escrowSplit1));
		}

		@@ -920,7 +920,7 @@ public class SyntheticPasswordManager {
		if (isWeaverAvailable()) {
		tokenData.weaverSecret = secureRandom(mWeaverConfig.valueSize);
		tokenData.secdiscardableOnDisk = SyntheticPasswordCrypto.encrypt(tokenData.weaverSecret,
		PERSONALISATION_WEAVER_TOKEN, secdiscardable);
		PERSONALIZATION_WEAVER_TOKEN, secdiscardable);
		} else {
		tokenData.secdiscardableOnDisk = secdiscardable;
		tokenData.weaverSecret = null;
		@@ -1163,7 +1163,7 @@ public class SyntheticPasswordManager {
		return result;
		}
		secdiscardable = SyntheticPasswordCrypto.decrypt(response.getGatekeeperHAT(),
		PERSONALISATION_WEAVER_TOKEN, secdiscardable);
		PERSONALIZATION_WEAVER_TOKEN, secdiscardable);
		}
		byte[] applicationId = transformUnderSecdiscardable(token, secdiscardable);
		result.authToken = unwrapSyntheticPasswordBlob(handle, type, applicationId, 0L, userId);
		@@ -1329,8 +1329,8 @@ public class SyntheticPasswordManager {
		}

		private byte[] transformUnderWeaverSecret(byte[] data, byte[] secret) {
		byte[] weaverSecret = SyntheticPasswordCrypto.personalisedHash(
		PERSONALISATION_WEAVER_PASSWORD, secret);
		byte[] weaverSecret = SyntheticPasswordCrypto.personalizedHash(
		PERSONALIZATION_WEAVER_PASSWORD, secret);
		byte[] result = new byte[data.length + weaverSecret.length];
		System.arraycopy(data, 0, result, 0, data.length);
		System.arraycopy(weaverSecret, 0, result, data.length, weaverSecret.length);
		@@ -1338,8 +1338,8 @@ public class SyntheticPasswordManager {
		}

		private byte[] transformUnderSecdiscardable(byte[] data, byte[] rawSecdiscardable) {
		byte[] secdiscardable = SyntheticPasswordCrypto.personalisedHash(
		PERSONALISATION_SECDISCARDABLE, rawSecdiscardable);
		byte[] secdiscardable = SyntheticPasswordCrypto.personalizedHash(
		PERSONALIZATION_SECDISCARDABLE, rawSecdiscardable);
		byte[] result = new byte[data.length + secdiscardable.length];
		System.arraycopy(data, 0, result, 0, data.length);
		System.arraycopy(secdiscardable, 0, result, data.length, secdiscardable.length);
		@@ -1459,11 +1459,11 @@ public class SyntheticPasswordManager {
		}

		private byte[] passwordTokenToGkInput(byte[] token) {
		return SyntheticPasswordCrypto.personalisedHash(PERSONALIZATION_USER_GK_AUTH, token);
		return SyntheticPasswordCrypto.personalizedHash(PERSONALIZATION_USER_GK_AUTH, token);
		}

		private byte[] passwordTokenToWeaverKey(byte[] token) {
		byte[] key = SyntheticPasswordCrypto.personalisedHash(PERSONALISATION_WEAVER_KEY, token);
		byte[] key = SyntheticPasswordCrypto.personalizedHash(PERSONALIZATION_WEAVER_KEY, token);
		if (key.length < mWeaverConfig.keySize) {
		throw new IllegalArgumentException("weaver key length too small");
		}