Merge "Remove 17 bytes length restriction for vaultHandler." into pi-dev am: d9e1a8fd68

am: a7767c9fcc Change-Id: I7a9c00234159f3873744f2a33dd2d50ec6720ce6
author: Dmitry Dementyev <dementyev@google.com> 2018-03-23 17:55:23 +0000
committer: android-build-merger <android-build-merger@google.com> 2018-03-23 17:55:23 +0000
commit: bdfc53b3acbe5325d6cbedc1cb7a6882b282833c (patch)
tree: a3e8c13dcac571c48a9e35f11b1976cfff30db6d
parent: a762236f51dd4175dc909c8724a1696be6951e85 (diff)
parent: a7767c9fcc476c73c2f3ea4aa1290dc98edafe13 (diff)
2 files changed, 28 insertions, 7 deletions
diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncUtils.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncUtils.java
index a7d32ed268cd..57fb74db076a 100644
--- a/services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncUtils.java
+++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncUtils.java
@@ -61,8 +61,6 @@ public class KeySyncUtils {
     private static final byte[] THM_KF_HASH_PREFIX = "THM_KF_hash".getBytes(StandardCharsets.UTF_8);
 
     private static final int KEY_CLAIMANT_LENGTH_BYTES = 16;
-    private static final int VAULT_PARAMS_LENGTH_BYTES = 94;
-    private static final int VAULT_HANDLE_LENGTH_BYTES = 17;
 
     /**
      * Encrypts the recovery key using both the lock screen hash and the remote storage's public
@@ -298,8 +296,12 @@ public class KeySyncUtils {
      */
     public static byte[] packVaultParams(
             PublicKey thmPublicKey, long counterId, int maxAttempts, byte[] vaultHandle) {
-        // TODO: Check if vaultHandle has exactly the length of VAULT_HANDLE_LENGTH_BYTES somewhere
-        return ByteBuffer.allocate(VAULT_PARAMS_LENGTH_BYTES)
+        int vaultParamsLength
+                = 65 // public key
+                + 8 // counterId
+                + 4 // maxAttempts
+                + vaultHandle.length;
+        return ByteBuffer.allocate(vaultParamsLength)
                 .order(ByteOrder.LITTLE_ENDIAN)
                 .put(SecureBox.encodePublicKey(thmPublicKey))
                 .putLong(counterId)
diff --git a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncUtilsTest.java b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncUtilsTest.java
index a251c9d7898e..fae48c68b8db 100644
--- a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncUtilsTest.java
+++ b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncUtilsTest.java
@@ -52,6 +52,8 @@ public class KeySyncUtilsTest {
     private static final int KEY_CLAIMANT_LENGTH_BYTES = 16;
     private static final byte[] TEST_VAULT_HANDLE =
             new byte[]{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17};
+    private static final int VAULT_PARAMS_LENGTH_BYTES = 94;
+    private static final int VAULT_HANDLE_LENGTH_BYTES = 17;
     private static final String SHA_256_ALGORITHM = "SHA-256";
     private static final String APPLICATION_KEY_ALGORITHM = "AES";
     private static final byte[] LOCK_SCREEN_HASH_1 =
@@ -63,8 +65,7 @@ public class KeySyncUtilsTest {
     private static final byte[] RECOVERY_RESPONSE_HEADER =
             "V1 reencrypted_recovery_key".getBytes(StandardCharsets.UTF_8);
     private static final int PUBLIC_KEY_LENGTH_BYTES = 65;
-    private static final int VAULT_PARAMS_LENGTH_BYTES = 94;
-    private static final int VAULT_HANDLE_LENGTH_BYTES = 17;
+
 
     @Test
     public void calculateThmKfHash_isShaOfLockScreenHashWithPrefix() throws Exception {
@@ -345,7 +346,7 @@ public class KeySyncUtilsTest {
     }
 
     @Test
-    public void packVaultParams_returns94Bytes() throws Exception {
+    public void packVaultParams_returnsCorrectSize() throws Exception {
         PublicKey thmPublicKey = SecureBox.genKeyPair().getPublic();
 
         byte[] packedForm = KeySyncUtils.packVaultParams(
@@ -420,6 +421,24 @@ public class KeySyncUtilsTest {
         assertArrayEquals(TEST_VAULT_HANDLE, vaultHandle);
     }
 
+    @Test
+    public void packVaultParams_encodesVaultHandleWithLength8AsLastParam() throws Exception {
+        byte[] vaultHandleWithLenght8 = new byte[] {1, 2, 3, 4, 1, 2, 3, 4};
+        byte[] packedForm = KeySyncUtils.packVaultParams(
+                SecureBox.genKeyPair().getPublic(),
+                /*counterId=*/ 10021L,
+                /*maxAttempts=*/ 10,
+                vaultHandleWithLenght8);
+
+        ByteBuffer byteBuffer = ByteBuffer.wrap(packedForm)
+                .order(ByteOrder.LITTLE_ENDIAN);
+        assertEquals(PUBLIC_KEY_LENGTH_BYTES + Long.BYTES + Integer.BYTES + 8, packedForm.length);
+        byteBuffer.position(PUBLIC_KEY_LENGTH_BYTES + Long.BYTES + Integer.BYTES);
+        byte[] vaultHandle = new byte[8];
+        byteBuffer.get(vaultHandle);
+        assertArrayEquals(vaultHandleWithLenght8, vaultHandle);
+    }
+
     private static byte[] randomBytes(int n) {
         byte[] bytes = new byte[n];
         new Random().nextBytes(bytes);
author	Dmitry Dementyev <dementyev@google.com>	2018-03-23 17:55:23 +0000
committer	android-build-merger <android-build-merger@google.com>	2018-03-23 17:55:23 +0000
commit	bdfc53b3acbe5325d6cbedc1cb7a6882b282833c (patch)
tree	a3e8c13dcac571c48a9e35f11b1976cfff30db6d
parent	a762236f51dd4175dc909c8724a1696be6951e85 (diff)
parent	a7767c9fcc476c73c2f3ea4aa1290dc98edafe13 (diff)