
Commit cb686a19 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review

Merge "Minor changes to the API to align the choice of password hashing algorithm" into pi-dev

parents e248eeeb e066a594
+36 −6
@@ -37,25 +37,26 @@ import java.lang.annotation.RetentionPolicy;
@SystemApi
public final class KeyDerivationParams implements Parcelable {
    private final int mAlgorithm;
    private byte[] mSalt;
    private final byte[] mSalt;
    private final int mDifficulty;

    /** @hide */
    @Retention(RetentionPolicy.SOURCE)
    @IntDef(prefix = {"ALGORITHM_"}, value = {ALGORITHM_SHA256, ALGORITHM_ARGON2ID})
    @IntDef(prefix = {"ALGORITHM_"}, value = {ALGORITHM_SHA256, ALGORITHM_SCRYPT})
    public @interface KeyDerivationAlgorithm {
    }

    /**
     * Salted SHA256
     * Salted SHA256.
     */
    public static final int ALGORITHM_SHA256 = 1;

    /**
     * Argon2ID
     * SCRYPT.
     *
     * @hide
     */
    // TODO: add Argon2ID support.
    public static final int ALGORITHM_ARGON2ID = 2;
    public static final int ALGORITHM_SCRYPT = 2;

    /**
     * Creates instance of the class to to derive key using salted SHA256 hash.
@@ -64,13 +65,31 @@ public final class KeyDerivationParams implements Parcelable {
        return new KeyDerivationParams(ALGORITHM_SHA256, salt);
    }

    /**
     * Creates instance of the class to to derive key using the password hashing algorithm SCRYPT.
     *
     * @hide
     */
    public static KeyDerivationParams createScryptParams(@NonNull byte[] salt, int difficulty) {
        return new KeyDerivationParams(ALGORITHM_SCRYPT, salt, difficulty);
    }

    /**
     * @hide
     */
    // TODO: Make private once legacy API is removed
    public KeyDerivationParams(@KeyDerivationAlgorithm int algorithm, @NonNull byte[] salt) {
        this(algorithm, salt, /*difficulty=*/ 0);
    }

    /**
     * @hide
     */
    KeyDerivationParams(@KeyDerivationAlgorithm int algorithm, @NonNull byte[] salt,
            int difficulty) {
        mAlgorithm = algorithm;
        mSalt = Preconditions.checkNotNull(salt);
        mDifficulty = difficulty;
    }

    /**
@@ -87,6 +106,15 @@ public final class KeyDerivationParams implements Parcelable {
        return mSalt;
    }

    /**
     * Gets hashing difficulty.
     *
     * @hide
     */
    public int getDifficulty() {
        return mDifficulty;
    }

    public static final Parcelable.Creator<KeyDerivationParams> CREATOR =
            new Parcelable.Creator<KeyDerivationParams>() {
        public KeyDerivationParams createFromParcel(Parcel in) {
@@ -102,6 +130,7 @@ public final class KeyDerivationParams implements Parcelable {
    public void writeToParcel(Parcel out, int flags) {
        out.writeInt(mAlgorithm);
        out.writeByteArray(mSalt);
        out.writeInt(mDifficulty);
    }

    /**
@@ -110,6 +139,7 @@ public final class KeyDerivationParams implements Parcelable {
    protected KeyDerivationParams(Parcel in) {
        mAlgorithm = in.readInt();
        mSalt = in.createByteArray();
        mDifficulty = in.readInt();
    }

    @Override
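Review bot: `difficulty` is accepted by `createScryptParams` and the three-argument constructor, and read back in `KeyDerivationParams(Parcel in)`, with no range check and no statement of what it measures. For a password-hashing cost parameter this matters: a zero or negative value would presumably weaken or break the derivation, and a very large one could make whichever component runs scrypt allocate excessive memory, though that consumer is not visible in this section. I would state the unit in the Javadoc of `createScryptParams` and `getDifficulty` (for example whether it is scrypt's N, its log2, or a memory bound) and reject nonsensical values at the factory, e.g. `if (difficulty <= 0) throw new IllegalArgumentException("difficulty must be positive");`. Values arriving through the Parcel constructor bypass the factory, so the code that consumes `getDifficulty()` should also enforce its own upper bound before deriving a key.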
+1 −1
@@ -175,7 +175,7 @@ class RecoverableKeyStoreDbContract {
        /**
         * The algorithm used to derive cryptographic material from the key and salt. One of
         * {@link android.security.keystore.recovery.KeyDerivationParams#ALGORITHM_SHA256} or
         * {@link android.security.keystore.recovery.KeyDerivationParams#ALGORITHM_ARGON2ID}.
         * {@link android.security.keystore.recovery.KeyDerivationParams#ALGORITHM_SCRYPT}.
         */
        static final String COLUMN_NAME_KEY_DERIVATION_ALGORITHM = "key_derivation_algorithm";