Blame - services/core/java/com/android/server/accounts/CryptoHelper.java - platform/frameworks/base

blob: 2ade673523acf25376cd25cfa0994e395e994e37 [file] [log] [blame]

Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	1	package com.android.server.accounts;
				2
				3	import android.annotation.NonNull;
				4	import android.annotation.Nullable;
				5	import android.os.Bundle;
				6	import android.os.Parcel;
				7	import android.util.Log;
				8
				9	import com.android.internal.util.Preconditions;
				10
				11	import java.security.GeneralSecurityException;
				12	import java.security.NoSuchAlgorithmException;
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	13
				14	import javax.crypto.Cipher;
				15	import javax.crypto.KeyGenerator;
				16	import javax.crypto.Mac;
				17	import javax.crypto.SecretKey;
				18	import javax.crypto.spec.IvParameterSpec;
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	19
				20	/**
				21	* A crypto helper for encrypting and decrypting bundle with in-memory symmetric
				22	* key for {@link AccountManagerService}.
				23	*/
				24	/* default */ class CryptoHelper {
				25	private static final String TAG = "Account";
				26
				27	private static final String KEY_CIPHER = "cipher";
				28	private static final String KEY_MAC = "mac";
				29	private static final String KEY_ALGORITHM = "AES";
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	30	private static final String KEY_IV = "iv";
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	31	private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";
				32	private static final String MAC_ALGORITHM = "HMACSHA256";
				33	private static final int IV_LENGTH = 16;
				34
				35	private static CryptoHelper sInstance;
				36	// Keys used for encrypting and decrypting data returned in a Bundle.
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	37	private final SecretKey mEncryptionKey;
				38	private final SecretKey mMacKey;
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	39
				40	/* default */ synchronized static CryptoHelper getInstance() throws NoSuchAlgorithmException {
				41	if (sInstance == null) {
				42	sInstance = new CryptoHelper();
				43	}
				44	return sInstance;
				45	}
				46
				47	private CryptoHelper() throws NoSuchAlgorithmException {
				48	KeyGenerator kgen = KeyGenerator.getInstance(KEY_ALGORITHM);
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	49	mEncryptionKey = kgen.generateKey();
				50	// Use a different key for mac-ing than encryption/decryption.
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	51	kgen = KeyGenerator.getInstance(MAC_ALGORITHM);
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	52	mMacKey = kgen.generateKey();
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	53	}
				54
				55	@NonNull
				56	/* default */ Bundle encryptBundle(@NonNull Bundle bundle) throws GeneralSecurityException {
				57	Preconditions.checkNotNull(bundle, "Cannot encrypt null bundle.");
				58	Parcel parcel = Parcel.obtain();
				59	bundle.writeToParcel(parcel, 0);
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	60	byte[] clearBytes = parcel.marshall();
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	61	parcel.recycle();
				62
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	63	Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
				64	cipher.init(Cipher.ENCRYPT_MODE, mEncryptionKey);
				65	byte[] encryptedBytes = cipher.doFinal(clearBytes);
				66	byte[] iv = cipher.getIV();
				67	byte[] mac = createMac(encryptedBytes, iv);
				68
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	69	Bundle encryptedBundle = new Bundle();
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	70	encryptedBundle.putByteArray(KEY_CIPHER, encryptedBytes);
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	71	encryptedBundle.putByteArray(KEY_MAC, mac);
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	72	encryptedBundle.putByteArray(KEY_IV, iv);
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	73
				74	return encryptedBundle;
				75	}
				76
				77	@Nullable
				78	/* default */ Bundle decryptBundle(@NonNull Bundle bundle) throws GeneralSecurityException {
				79	Preconditions.checkNotNull(bundle, "Cannot decrypt null bundle.");
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	80	byte[] iv = bundle.getByteArray(KEY_IV);
				81	byte[] encryptedBytes = bundle.getByteArray(KEY_CIPHER);
				82	byte[] mac = bundle.getByteArray(KEY_MAC);
				83	if (!verifyMac(encryptedBytes, iv, mac)) {
				84	Log.w(TAG, "Escrow mac mismatched!");
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	85	return null;
				86	}
				87
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	88	IvParameterSpec ivSpec = new IvParameterSpec(iv);
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	89	Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	90	cipher.init(Cipher.DECRYPT_MODE, mEncryptionKey, ivSpec);
				91	byte[] decryptedBytes = cipher.doFinal(encryptedBytes);
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	92
				93	Parcel decryptedParcel = Parcel.obtain();
				94	decryptedParcel.unmarshall(decryptedBytes, 0, decryptedBytes.length);
				95	decryptedParcel.setDataPosition(0);
				96	Bundle decryptedBundle = new Bundle();
				97	decryptedBundle.readFromParcel(decryptedParcel);
				98	decryptedParcel.recycle();
				99	return decryptedBundle;
				100	}
				101
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	102	private boolean verifyMac(@Nullable byte[] cipherArray, @Nullable byte[] iv, @Nullable byte[] macArray)
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	103	throws GeneralSecurityException {
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	104	if (cipherArray == null \|\| cipherArray.length == 0 \|\| macArray == null
				105	\|\| macArray.length == 0) {
				106	if (Log.isLoggable(TAG, Log.VERBOSE)) {
				107	Log.v(TAG, "Cipher or MAC is empty!");
				108	}
				109	return false;
				110	}
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	111	return constantTimeArrayEquals(macArray, createMac(cipherArray, iv));
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	112	}
				113
				114	@NonNull
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	115	private byte[] createMac(@NonNull byte[] cipher, @NonNull byte[] iv) throws GeneralSecurityException {
				116	Mac mac = Mac.getInstance(MAC_ALGORITHM);
				117	mac.init(mMacKey);
				118	mac.update(cipher);
				119	mac.update(iv);
				120	return mac.doFinal();
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	121	}
				122
Carlos Valdivia	766b283	2016-04-06 17:42:51 -0700	[diff] [blame]	123	private static boolean constantTimeArrayEquals(byte[] a, byte[] b) {
				124	if (a == null \|\| b == null) {
				125	return a == b;
				126	}
				127	if (a.length != b.length) {
				128	return false;
				129	}
				130	boolean isEqual = true;
				131	for (int i = 0; i < b.length; i++) {
				132	isEqual &= (a[i] == b[i]);
				133	}
				134	return isEqual;
Sandra Kwan	7881228	2015-11-04 11:19:47 -0800	[diff] [blame]	135	}
				136	}