1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License
15  */
16 
17 package com.android.server.backup.utils;
18 
19 import static com.android.server.backup.BackupManagerService.TAG;
20 
21 import android.util.Slog;
22 
23 import libcore.util.HexEncoding;
24 
25 import java.security.Key;
26 import java.security.NoSuchAlgorithmException;
27 import java.security.spec.InvalidKeySpecException;
28 import java.security.spec.KeySpec;
29 
30 import javax.crypto.SecretKey;
31 import javax.crypto.SecretKeyFactory;
32 import javax.crypto.spec.PBEKeySpec;
33 
34 /**
35  * Passwords related utility methods.
36  */
37 public class PasswordUtils {
38     // Configuration of PBKDF2 that we use for generating pw hashes and intermediate keys
39     public static final int PBKDF2_HASH_ROUNDS = 10000;
40     private static final int PBKDF2_KEY_SIZE = 256;     // bits
41     public static final int PBKDF2_SALT_SIZE = 512;    // bits
42     public static final String ENCRYPTION_ALGORITHM_NAME = "AES-256";
43 
44     /**
45      * Creates {@link SecretKey} instance from given parameters.
46      *
47      * @param algorithm - key generation algorithm.
48      * @param pw - password.
49      * @param salt - salt.
50      * @param rounds - number of rounds to run in key generation.
51      * @return {@link SecretKey} instance or null in case of an error.
52      */
buildPasswordKey(String algorithm, String pw, byte[] salt, int rounds)53     public static SecretKey buildPasswordKey(String algorithm, String pw, byte[] salt, int rounds) {
54         return buildCharArrayKey(algorithm, pw.toCharArray(), salt, rounds);
55     }
56 
57     /**
58      * Generates {@link SecretKey} instance from given parameters and returns it's hex
59      * representation.
60      *
61      * @param algorithm - key generation algorithm.
62      * @param pw - password.
63      * @param salt - salt.
64      * @param rounds - number of rounds to run in key generation.
65      * @return Hex representation of the generated key, or null if generation failed.
66      */
buildPasswordHash(String algorithm, String pw, byte[] salt, int rounds)67     public static String buildPasswordHash(String algorithm, String pw, byte[] salt, int rounds) {
68         SecretKey key = buildPasswordKey(algorithm, pw, salt, rounds);
69         if (key != null) {
70             return byteArrayToHex(key.getEncoded());
71         }
72         return null;
73     }
74 
75     /**
76      * Creates hex string representation of the byte array.
77      */
byteArrayToHex(byte[] data)78     public static String byteArrayToHex(byte[] data) {
79         return HexEncoding.encodeToString(data, true);
80     }
81 
82     /**
83      * Creates byte array from it's hex string representation.
84      */
hexToByteArray(String digits)85     public static byte[] hexToByteArray(String digits) {
86         final int bytes = digits.length() / 2;
87         if (2 * bytes != digits.length()) {
88             throw new IllegalArgumentException("Hex string must have an even number of digits");
89         }
90 
91         byte[] result = new byte[bytes];
92         for (int i = 0; i < digits.length(); i += 2) {
93             result[i / 2] = (byte) Integer.parseInt(digits.substring(i, i + 2), 16);
94         }
95         return result;
96     }
97 
98     /**
99      * Generates {@link SecretKey} instance from given parameters and returns it's checksum.
100      *
101      * Current implementation returns the key in its primary encoding format.
102      *
103      * @param algorithm - key generation algorithm.
104      * @param pwBytes - password.
105      * @param salt - salt.
106      * @param rounds - number of rounds to run in key generation.
107      * @return Hex representation of the generated key, or null if generation failed.
108      */
makeKeyChecksum(String algorithm, byte[] pwBytes, byte[] salt, int rounds)109     public static byte[] makeKeyChecksum(String algorithm, byte[] pwBytes, byte[] salt,
110             int rounds) {
111         char[] mkAsChar = new char[pwBytes.length];
112         for (int i = 0; i < pwBytes.length; i++) {
113             mkAsChar[i] = (char) pwBytes[i];
114         }
115 
116         Key checksum = buildCharArrayKey(algorithm, mkAsChar, salt, rounds);
117         return checksum.getEncoded();
118     }
119 
buildCharArrayKey(String algorithm, char[] pwArray, byte[] salt, int rounds)120     private static SecretKey buildCharArrayKey(String algorithm, char[] pwArray, byte[] salt,
121             int rounds) {
122         try {
123             SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(algorithm);
124             KeySpec ks = new PBEKeySpec(pwArray, salt, rounds, PBKDF2_KEY_SIZE);
125             return keyFactory.generateSecret(ks);
126         } catch (InvalidKeySpecException e) {
127             Slog.e(TAG, "Invalid key spec for PBKDF2!");
128         } catch (NoSuchAlgorithmException e) {
129             Slog.e(TAG, "PBKDF2 unavailable!");
130         }
131         return null;
132     }
133 }
134