am 6d41504d: Merge "Move frameworks users over to libcore hex encoding API."

* commit '6d41504d2c2111a55a4c06dd6b183318efd7c598': Move frameworks users over to libcore hex encoding API.
2014-12-17 13:39:32 +00:00
parent 68a81bd881 6d41504d2c
commit 681e6df122
2 changed files with 26 additions and 26 deletions
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -48,6 +48,9 @@ import android.widget.Button;

 import com.android.internal.R;
 import com.google.android.collect.Lists;
+import java.io.ByteArrayOutputStream;
+import java.nio.charset.StandardCharsets;
+import libcore.util.HexEncoding;

 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
@@ -359,7 +362,7 @@ public class LockPatternUtils {
     */
    public boolean checkPasswordHistory(String password) {
        String passwordHashString = new String(
-                passwordToHash(password, getCurrentOrCallingUserId()));
+                passwordToHash(password, getCurrentOrCallingUserId()), StandardCharsets.UTF_8);
        String passwordHistory = getString(PASSWORD_HISTORY_KEY);
        if (passwordHistory == null) {
            return false;
@@ -860,7 +863,7 @@ public class LockPatternUtils {
                    passwordHistory = "";
                } else {
                    byte[] hash = passwordToHash(password, userHandle);
-                    passwordHistory = new String(hash) + "," + passwordHistory;
+                    passwordHistory = new String(hash, StandardCharsets.UTF_8) + "," + passwordHistory;
                    // Cut it to contain passwordHistoryLength hashes
                    // and passwordHistoryLength -1 commas.
                    passwordHistory = passwordHistory.substring(0, Math.min(hash.length
@@ -1040,34 +1043,30 @@ public class LockPatternUtils {
     * Generate a hash for the given password. To avoid brute force attacks, we use a salted hash.
     * Not the most secure, but it is at least a second level of protection. First level is that
     * the file is in a location only readable by the system process.
+     *
     * @param password the gesture pattern.
+     *
     * @return the hash of the pattern in a byte array.
     */
    public byte[] passwordToHash(String password, int userId) {
        if (password == null) {
            return null;
        }
-        String algo = null;
-        byte[] hashed = null;
+
        try {
            byte[] saltedPassword = (password + getSalt(userId)).getBytes();
-            byte[] sha1 = MessageDigest.getInstance(algo = "SHA-1").digest(saltedPassword);
-            byte[] md5 = MessageDigest.getInstance(algo = "MD5").digest(saltedPassword);
-            hashed = (toHex(sha1) + toHex(md5)).getBytes();
-        } catch (NoSuchAlgorithmException e) {
-            Log.w(TAG, "Failed to encode string because of missing algorithm: " + algo);
-        }
-        return hashed;
-    }
+            byte[] sha1 = MessageDigest.getInstance("SHA-1").digest(saltedPassword);
+            byte[] md5 = MessageDigest.getInstance("MD5").digest(saltedPassword);

-    private static String toHex(byte[] ary) {
-        final String hex = "0123456789ABCDEF";
-        String ret = "";
-        for (int i = 0; i < ary.length; i++) {
-            ret += hex.charAt((ary[i] >> 4) & 0xf);
-            ret += hex.charAt(ary[i] & 0xf);
+            byte[] combined = new byte[sha1.length + md5.length];
+            System.arraycopy(sha1, 0, combined, 0, sha1.length);
+            System.arraycopy(md5, 0, combined, sha1.length, md5.length);
+
+            final char[] hexEncoded = HexEncoding.encode(combined);
+            return new String(hexEncoded).getBytes(StandardCharsets.UTF_8);
+        } catch (NoSuchAlgorithmException e) {
+            throw new AssertionError("Missing digest algorithm: ", e);
        }
-        return ret;
    }

    /**
--- a/services/core/java/com/android/server/MountService.java
+++ b/services/core/java/com/android/server/MountService.java
@@ -76,9 +76,8 @@ import com.android.server.pm.PackageManagerService;
 import com.android.server.pm.UserManagerService;
 import com.google.android.collect.Lists;
 import com.google.android.collect.Maps;
+import libcore.util.HexEncoding;

-import org.apache.commons.codec.binary.Hex;
-import org.apache.commons.codec.DecoderException;
 import org.xmlpull.v1.XmlPullParserException;

 import java.io.File;
@@ -2158,10 +2157,10 @@ class MountService extends IMountService.Stub

    private String toHex(String password) {
        if (password == null) {
-            return new String();
+            return "";
        }
        byte[] bytes = password.getBytes(StandardCharsets.UTF_8);
-        return new String(Hex.encodeHex(bytes));
+        return new String(HexEncoding.encode(bytes));
    }

    private String fromHex(String hexPassword) {
@@ -2169,12 +2168,14 @@ class MountService extends IMountService.Stub
            return null;
        }

+        final byte[] bytes;
        try {
-            byte[] bytes = Hex.decodeHex(hexPassword.toCharArray());
-            return new String(bytes, StandardCharsets.UTF_8);
-        } catch (DecoderException e) {
+            bytes = HexEncoding.decode(hexPassword.toCharArray(), false);
+        } catch (IllegalArgumentException e) {
            return null;
        }
+
+        return new String(bytes, StandardCharsets.UTF_8);
    }

    @Override