Loading services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java +17 −17 Original line number Original line Diff line number Diff line Loading @@ -116,9 +116,9 @@ public class SyntheticPasswordManager { // 256-bit synthetic password // 256-bit synthetic password private static final byte SYNTHETIC_PASSWORD_LENGTH = 256 / 8; private static final byte SYNTHETIC_PASSWORD_LENGTH = 256 / 8; private static final int PASSWORD_SCRYPT_N = 11; private static final int PASSWORD_SCRYPT_LOG_N = 11; private static final int PASSWORD_SCRYPT_R = 3; private static final int PASSWORD_SCRYPT_LOG_R = 3; private static final int PASSWORD_SCRYPT_P = 1; private static final int PASSWORD_SCRYPT_LOG_P = 1; private static final int PASSWORD_SALT_LENGTH = 16; private static final int PASSWORD_SALT_LENGTH = 16; private static final int PASSWORD_TOKEN_LENGTH = 32; private static final int PASSWORD_TOKEN_LENGTH = 32; private static final String TAG = "SyntheticPasswordManager"; private static final String TAG = "SyntheticPasswordManager"; Loading Loading @@ -308,9 +308,9 @@ public class SyntheticPasswordManager { } } static class PasswordData { static class PasswordData { byte scryptN; byte scryptLogN; byte scryptR; byte scryptLogR; byte scryptP; byte scryptLogP; public int credentialType; public int credentialType; byte[] salt; byte[] salt; // For GateKeeper-based credential, this is the password handle returned by GK, // For GateKeeper-based credential, this is the password handle returned by GK, Loading @@ -319,9 +319,9 @@ public class SyntheticPasswordManager { public static PasswordData create(int passwordType) { public static PasswordData create(int passwordType) { PasswordData result = new PasswordData(); PasswordData result = new PasswordData(); result.scryptN = PASSWORD_SCRYPT_N; result.scryptLogN = PASSWORD_SCRYPT_LOG_N; result.scryptR = PASSWORD_SCRYPT_R; result.scryptLogR = PASSWORD_SCRYPT_LOG_R; result.scryptP = PASSWORD_SCRYPT_P; result.scryptLogP = PASSWORD_SCRYPT_LOG_P; result.credentialType = passwordType; result.credentialType = passwordType; result.salt = secureRandom(PASSWORD_SALT_LENGTH); result.salt = secureRandom(PASSWORD_SALT_LENGTH); return result; return result; Loading @@ -333,9 +333,9 @@ public class SyntheticPasswordManager { buffer.put(data, 0, data.length); buffer.put(data, 0, data.length); buffer.flip(); buffer.flip(); result.credentialType = buffer.getInt(); result.credentialType = buffer.getInt(); result.scryptN = buffer.get(); result.scryptLogN = buffer.get(); result.scryptR = buffer.get(); result.scryptLogR = buffer.get(); result.scryptP = buffer.get(); result.scryptLogP = buffer.get(); int saltLen = buffer.getInt(); int saltLen = buffer.getInt(); result.salt = new byte[saltLen]; result.salt = new byte[saltLen]; buffer.get(result.salt); buffer.get(result.salt); Loading @@ -355,9 +355,9 @@ public class SyntheticPasswordManager { + Integer.BYTES + salt.length + Integer.BYTES + + Integer.BYTES + salt.length + Integer.BYTES + (passwordHandle != null ? passwordHandle.length : 0)); (passwordHandle != null ? passwordHandle.length : 0)); buffer.putInt(credentialType); buffer.putInt(credentialType); buffer.put(scryptN); buffer.put(scryptLogN); buffer.put(scryptR); buffer.put(scryptLogR); buffer.put(scryptP); buffer.put(scryptLogP); buffer.putInt(salt.length); buffer.putInt(salt.length); buffer.put(salt); buffer.put(salt); if (passwordHandle != null && passwordHandle.length > 0) { if (passwordHandle != null && passwordHandle.length > 0) { Loading Loading @@ -1373,8 +1373,8 @@ public class SyntheticPasswordManager { private byte[] computePasswordToken(LockscreenCredential credential, PasswordData data) { private byte[] computePasswordToken(LockscreenCredential credential, PasswordData data) { final byte[] password = credential.isNone() ? DEFAULT_PASSWORD : credential.getCredential(); final byte[] password = credential.isNone() ? DEFAULT_PASSWORD : credential.getCredential(); return scrypt(password, data.salt, 1 << data.scryptN, 1 << data.scryptR, 1 << data.scryptP, return scrypt(password, data.salt, 1 << data.scryptLogN, 1 << data.scryptLogR, PASSWORD_TOKEN_LENGTH); 1 << data.scryptLogP, PASSWORD_TOKEN_LENGTH); } } private byte[] passwordTokenToGkInput(byte[] token) { private byte[] passwordTokenToGkInput(byte[] token) { Loading services/tests/servicestests/src/com/android/server/locksettings/SyntheticPasswordTests.java +12 −12 Original line number Original line Diff line number Diff line Loading @@ -461,18 +461,18 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { @Test @Test public void testPasswordData_serializeDeserialize() { public void testPasswordData_serializeDeserialize() { PasswordData data = new PasswordData(); PasswordData data = new PasswordData(); data.scryptN = 11; data.scryptLogN = 11; data.scryptR = 22; data.scryptLogR = 22; data.scryptP = 33; data.scryptLogP = 33; data.credentialType = CREDENTIAL_TYPE_PASSWORD; data.credentialType = CREDENTIAL_TYPE_PASSWORD; data.salt = PAYLOAD; data.salt = PAYLOAD; data.passwordHandle = PAYLOAD2; data.passwordHandle = PAYLOAD2; PasswordData deserialized = PasswordData.fromBytes(data.toBytes()); PasswordData deserialized = PasswordData.fromBytes(data.toBytes()); assertEquals(11, deserialized.scryptN); assertEquals(11, deserialized.scryptLogN); assertEquals(22, deserialized.scryptR); assertEquals(22, deserialized.scryptLogR); assertEquals(33, deserialized.scryptP); assertEquals(33, deserialized.scryptLogP); assertEquals(CREDENTIAL_TYPE_PASSWORD, deserialized.credentialType); assertEquals(CREDENTIAL_TYPE_PASSWORD, deserialized.credentialType); assertArrayEquals(PAYLOAD, deserialized.salt); assertArrayEquals(PAYLOAD, deserialized.salt); assertArrayEquals(PAYLOAD2, deserialized.passwordHandle); assertArrayEquals(PAYLOAD2, deserialized.passwordHandle); Loading @@ -484,9 +484,9 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { // wire format. // wire format. byte[] serialized = new byte[] { byte[] serialized = new byte[] { 0, 0, 0, 2, /* CREDENTIAL_TYPE_PASSWORD_OR_PIN */ 0, 0, 0, 2, /* CREDENTIAL_TYPE_PASSWORD_OR_PIN */ 11, /* scryptN */ 11, /* scryptLogN */ 22, /* scryptR */ 22, /* scryptLogR */ 33, /* scryptP */ 33, /* scryptLogP */ 0, 0, 0, 5, /* salt.length */ 0, 0, 0, 5, /* salt.length */ 1, 2, -1, -2, 55, /* salt */ 1, 2, -1, -2, 55, /* salt */ 0, 0, 0, 6, /* passwordHandle.length */ 0, 0, 0, 6, /* passwordHandle.length */ Loading @@ -494,9 +494,9 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { }; }; PasswordData deserialized = PasswordData.fromBytes(serialized); PasswordData deserialized = PasswordData.fromBytes(serialized); assertEquals(11, deserialized.scryptN); assertEquals(11, deserialized.scryptLogN); assertEquals(22, deserialized.scryptR); assertEquals(22, deserialized.scryptLogR); assertEquals(33, deserialized.scryptP); assertEquals(33, deserialized.scryptLogP); assertEquals(CREDENTIAL_TYPE_PASSWORD_OR_PIN, deserialized.credentialType); assertEquals(CREDENTIAL_TYPE_PASSWORD_OR_PIN, deserialized.credentialType); assertArrayEquals(PAYLOAD, deserialized.salt); assertArrayEquals(PAYLOAD, deserialized.salt); assertArrayEquals(PAYLOAD2, deserialized.passwordHandle); assertArrayEquals(PAYLOAD2, deserialized.passwordHandle); Loading Loading
services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java +17 −17 Original line number Original line Diff line number Diff line Loading @@ -116,9 +116,9 @@ public class SyntheticPasswordManager { // 256-bit synthetic password // 256-bit synthetic password private static final byte SYNTHETIC_PASSWORD_LENGTH = 256 / 8; private static final byte SYNTHETIC_PASSWORD_LENGTH = 256 / 8; private static final int PASSWORD_SCRYPT_N = 11; private static final int PASSWORD_SCRYPT_LOG_N = 11; private static final int PASSWORD_SCRYPT_R = 3; private static final int PASSWORD_SCRYPT_LOG_R = 3; private static final int PASSWORD_SCRYPT_P = 1; private static final int PASSWORD_SCRYPT_LOG_P = 1; private static final int PASSWORD_SALT_LENGTH = 16; private static final int PASSWORD_SALT_LENGTH = 16; private static final int PASSWORD_TOKEN_LENGTH = 32; private static final int PASSWORD_TOKEN_LENGTH = 32; private static final String TAG = "SyntheticPasswordManager"; private static final String TAG = "SyntheticPasswordManager"; Loading Loading @@ -308,9 +308,9 @@ public class SyntheticPasswordManager { } } static class PasswordData { static class PasswordData { byte scryptN; byte scryptLogN; byte scryptR; byte scryptLogR; byte scryptP; byte scryptLogP; public int credentialType; public int credentialType; byte[] salt; byte[] salt; // For GateKeeper-based credential, this is the password handle returned by GK, // For GateKeeper-based credential, this is the password handle returned by GK, Loading @@ -319,9 +319,9 @@ public class SyntheticPasswordManager { public static PasswordData create(int passwordType) { public static PasswordData create(int passwordType) { PasswordData result = new PasswordData(); PasswordData result = new PasswordData(); result.scryptN = PASSWORD_SCRYPT_N; result.scryptLogN = PASSWORD_SCRYPT_LOG_N; result.scryptR = PASSWORD_SCRYPT_R; result.scryptLogR = PASSWORD_SCRYPT_LOG_R; result.scryptP = PASSWORD_SCRYPT_P; result.scryptLogP = PASSWORD_SCRYPT_LOG_P; result.credentialType = passwordType; result.credentialType = passwordType; result.salt = secureRandom(PASSWORD_SALT_LENGTH); result.salt = secureRandom(PASSWORD_SALT_LENGTH); return result; return result; Loading @@ -333,9 +333,9 @@ public class SyntheticPasswordManager { buffer.put(data, 0, data.length); buffer.put(data, 0, data.length); buffer.flip(); buffer.flip(); result.credentialType = buffer.getInt(); result.credentialType = buffer.getInt(); result.scryptN = buffer.get(); result.scryptLogN = buffer.get(); result.scryptR = buffer.get(); result.scryptLogR = buffer.get(); result.scryptP = buffer.get(); result.scryptLogP = buffer.get(); int saltLen = buffer.getInt(); int saltLen = buffer.getInt(); result.salt = new byte[saltLen]; result.salt = new byte[saltLen]; buffer.get(result.salt); buffer.get(result.salt); Loading @@ -355,9 +355,9 @@ public class SyntheticPasswordManager { + Integer.BYTES + salt.length + Integer.BYTES + + Integer.BYTES + salt.length + Integer.BYTES + (passwordHandle != null ? passwordHandle.length : 0)); (passwordHandle != null ? passwordHandle.length : 0)); buffer.putInt(credentialType); buffer.putInt(credentialType); buffer.put(scryptN); buffer.put(scryptLogN); buffer.put(scryptR); buffer.put(scryptLogR); buffer.put(scryptP); buffer.put(scryptLogP); buffer.putInt(salt.length); buffer.putInt(salt.length); buffer.put(salt); buffer.put(salt); if (passwordHandle != null && passwordHandle.length > 0) { if (passwordHandle != null && passwordHandle.length > 0) { Loading Loading @@ -1373,8 +1373,8 @@ public class SyntheticPasswordManager { private byte[] computePasswordToken(LockscreenCredential credential, PasswordData data) { private byte[] computePasswordToken(LockscreenCredential credential, PasswordData data) { final byte[] password = credential.isNone() ? DEFAULT_PASSWORD : credential.getCredential(); final byte[] password = credential.isNone() ? DEFAULT_PASSWORD : credential.getCredential(); return scrypt(password, data.salt, 1 << data.scryptN, 1 << data.scryptR, 1 << data.scryptP, return scrypt(password, data.salt, 1 << data.scryptLogN, 1 << data.scryptLogR, PASSWORD_TOKEN_LENGTH); 1 << data.scryptLogP, PASSWORD_TOKEN_LENGTH); } } private byte[] passwordTokenToGkInput(byte[] token) { private byte[] passwordTokenToGkInput(byte[] token) { Loading
services/tests/servicestests/src/com/android/server/locksettings/SyntheticPasswordTests.java +12 −12 Original line number Original line Diff line number Diff line Loading @@ -461,18 +461,18 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { @Test @Test public void testPasswordData_serializeDeserialize() { public void testPasswordData_serializeDeserialize() { PasswordData data = new PasswordData(); PasswordData data = new PasswordData(); data.scryptN = 11; data.scryptLogN = 11; data.scryptR = 22; data.scryptLogR = 22; data.scryptP = 33; data.scryptLogP = 33; data.credentialType = CREDENTIAL_TYPE_PASSWORD; data.credentialType = CREDENTIAL_TYPE_PASSWORD; data.salt = PAYLOAD; data.salt = PAYLOAD; data.passwordHandle = PAYLOAD2; data.passwordHandle = PAYLOAD2; PasswordData deserialized = PasswordData.fromBytes(data.toBytes()); PasswordData deserialized = PasswordData.fromBytes(data.toBytes()); assertEquals(11, deserialized.scryptN); assertEquals(11, deserialized.scryptLogN); assertEquals(22, deserialized.scryptR); assertEquals(22, deserialized.scryptLogR); assertEquals(33, deserialized.scryptP); assertEquals(33, deserialized.scryptLogP); assertEquals(CREDENTIAL_TYPE_PASSWORD, deserialized.credentialType); assertEquals(CREDENTIAL_TYPE_PASSWORD, deserialized.credentialType); assertArrayEquals(PAYLOAD, deserialized.salt); assertArrayEquals(PAYLOAD, deserialized.salt); assertArrayEquals(PAYLOAD2, deserialized.passwordHandle); assertArrayEquals(PAYLOAD2, deserialized.passwordHandle); Loading @@ -484,9 +484,9 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { // wire format. // wire format. byte[] serialized = new byte[] { byte[] serialized = new byte[] { 0, 0, 0, 2, /* CREDENTIAL_TYPE_PASSWORD_OR_PIN */ 0, 0, 0, 2, /* CREDENTIAL_TYPE_PASSWORD_OR_PIN */ 11, /* scryptN */ 11, /* scryptLogN */ 22, /* scryptR */ 22, /* scryptLogR */ 33, /* scryptP */ 33, /* scryptLogP */ 0, 0, 0, 5, /* salt.length */ 0, 0, 0, 5, /* salt.length */ 1, 2, -1, -2, 55, /* salt */ 1, 2, -1, -2, 55, /* salt */ 0, 0, 0, 6, /* passwordHandle.length */ 0, 0, 0, 6, /* passwordHandle.length */ Loading @@ -494,9 +494,9 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { }; }; PasswordData deserialized = PasswordData.fromBytes(serialized); PasswordData deserialized = PasswordData.fromBytes(serialized); assertEquals(11, deserialized.scryptN); assertEquals(11, deserialized.scryptLogN); assertEquals(22, deserialized.scryptR); assertEquals(22, deserialized.scryptLogR); assertEquals(33, deserialized.scryptP); assertEquals(33, deserialized.scryptLogP); assertEquals(CREDENTIAL_TYPE_PASSWORD_OR_PIN, deserialized.credentialType); assertEquals(CREDENTIAL_TYPE_PASSWORD_OR_PIN, deserialized.credentialType); assertArrayEquals(PAYLOAD, deserialized.salt); assertArrayEquals(PAYLOAD, deserialized.salt); assertArrayEquals(PAYLOAD2, deserialized.passwordHandle); assertArrayEquals(PAYLOAD2, deserialized.passwordHandle); Loading
