| Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2017 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| Andrew Scull | 507d11c | 2017-05-03 17:19:01 +0100 | [diff] [blame] | 16 | package com.android.server.locksettings; |
| Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 17 | |
| Rubin Xu | 7b7424b | 2017-03-31 18:03:20 +0100 | [diff] [blame] | 18 | import android.hardware.weaver.V1_0.IWeaver; |
| 19 | import android.os.RemoteException; |
| Adrian Roos | 7374d3a | 2017-03-31 14:14:53 -0700 | [diff] [blame] | 20 | import android.os.UserManager; |
| Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 21 | import android.util.ArrayMap; |
| 22 | |
| 23 | import junit.framework.AssertionFailedError; |
| 24 | |
| 25 | import java.nio.ByteBuffer; |
| 26 | import java.security.NoSuchAlgorithmException; |
| 27 | import java.security.spec.InvalidKeySpecException; |
| 28 | import java.util.Arrays; |
| 29 | |
| 30 | import javax.crypto.SecretKeyFactory; |
| 31 | import javax.crypto.spec.PBEKeySpec; |
| 32 | |
| 33 | public class MockSyntheticPasswordManager extends SyntheticPasswordManager { |
| 34 | |
| Rubin Xu | 16c823e | 2017-06-27 14:44:58 +0100 | [diff] [blame^] | 35 | private FakeGateKeeperService mGateKeeper; |
| Rubin Xu | 7b7424b | 2017-03-31 18:03:20 +0100 | [diff] [blame] | 36 | private IWeaver mWeaverService; |
| Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 37 | |
| 38 | public MockSyntheticPasswordManager(LockSettingsStorage storage, |
| Rubin Xu | 16c823e | 2017-06-27 14:44:58 +0100 | [diff] [blame^] | 39 | FakeGateKeeperService gatekeeper, UserManager userManager) { |
| Adrian Roos | 7374d3a | 2017-03-31 14:14:53 -0700 | [diff] [blame] | 40 | super(storage, userManager); |
| Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 41 | mGateKeeper = gatekeeper; |
| 42 | } |
| 43 | |
| 44 | private ArrayMap<String, byte[]> mBlobs = new ArrayMap<>(); |
| 45 | |
| 46 | @Override |
| 47 | protected byte[] decryptSPBlob(String blobKeyName, byte[] blob, byte[] applicationId) { |
| 48 | if (mBlobs.containsKey(blobKeyName) && !Arrays.equals(mBlobs.get(blobKeyName), blob)) { |
| 49 | throw new AssertionFailedError("blobKeyName content is overwritten: " + blobKeyName); |
| 50 | } |
| 51 | ByteBuffer buffer = ByteBuffer.allocate(blob.length); |
| 52 | buffer.put(blob, 0, blob.length); |
| 53 | buffer.flip(); |
| 54 | int len; |
| 55 | len = buffer.getInt(); |
| 56 | byte[] data = new byte[len]; |
| 57 | buffer.get(data); |
| 58 | len = buffer.getInt(); |
| 59 | byte[] appId = new byte[len]; |
| 60 | buffer.get(appId); |
| 61 | long sid = buffer.getLong(); |
| 62 | if (!Arrays.equals(appId, applicationId)) { |
| 63 | throw new AssertionFailedError("Invalid application id"); |
| 64 | } |
| 65 | if (sid != 0 && mGateKeeper.getAuthTokenForSid(sid) == null) { |
| 66 | throw new AssertionFailedError("No valid auth token"); |
| 67 | } |
| 68 | return data; |
| 69 | } |
| 70 | |
| 71 | @Override |
| 72 | protected byte[] createSPBlob(String blobKeyName, byte[] data, byte[] applicationId, long sid) { |
| 73 | ByteBuffer buffer = ByteBuffer.allocate(Integer.BYTES + data.length + Integer.BYTES |
| 74 | + applicationId.length + Long.BYTES); |
| 75 | buffer.putInt(data.length); |
| 76 | buffer.put(data); |
| 77 | buffer.putInt(applicationId.length); |
| 78 | buffer.put(applicationId); |
| 79 | buffer.putLong(sid); |
| 80 | byte[] result = buffer.array(); |
| 81 | mBlobs.put(blobKeyName, result); |
| 82 | return result; |
| 83 | } |
| 84 | |
| 85 | @Override |
| 86 | protected void destroySPBlobKey(String keyAlias) { |
| 87 | } |
| 88 | |
| 89 | @Override |
| 90 | protected long sidFromPasswordHandle(byte[] handle) { |
| Rubin Xu | 16c823e | 2017-06-27 14:44:58 +0100 | [diff] [blame^] | 91 | return new FakeGateKeeperService.VerifyHandle(handle).sid; |
| Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 92 | } |
| 93 | |
| 94 | @Override |
| 95 | protected byte[] scrypt(String password, byte[] salt, int N, int r, int p, int outLen) { |
| 96 | try { |
| 97 | PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 10, outLen * 8); |
| 98 | SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); |
| 99 | return f.generateSecret(spec).getEncoded(); |
| 100 | } catch (InvalidKeySpecException | NoSuchAlgorithmException e) { |
| 101 | e.printStackTrace(); |
| 102 | return null; |
| 103 | } |
| 104 | } |
| 105 | |
| Rubin Xu | 7b7424b | 2017-03-31 18:03:20 +0100 | [diff] [blame] | 106 | @Override |
| 107 | protected IWeaver getWeaverService() throws RemoteException { |
| 108 | return mWeaverService; |
| 109 | } |
| 110 | |
| 111 | public void enableWeaver() { |
| 112 | mWeaverService = new MockWeaverService(); |
| 113 | initWeaverService(); |
| 114 | } |
| 115 | |
| Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 116 | } |