Merge "Change KeyStore to use Modified UTF-8 to match NativeCrypto"

bdcgoogle · android code review · commit d2237dfe7d84 · 2012-08-01T16:30:54.000-07:00
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
@@ -22,8 +22,9 @@
 import java.io.InputStream;
 import java.io.IOException;
 import java.io.OutputStream;
-import java.io.UnsupportedEncodingException;
+import java.io.UTFDataFormatException;
 import java.nio.charset.Charsets;
+import java.nio.charset.ModifiedUtf8;
 import java.util.ArrayList;
 
 /**
@@ -75,7 +76,7 @@ private byte[] get(byte[] key) {
     }
 
     public byte[] get(String key) {
-        return get(getBytes(key));
+        return get(getKeyBytes(key));
     }
 
     private boolean put(byte[] key, byte[] value) {
@@ -84,7 +85,7 @@ private boolean put(byte[] key, byte[] value) {
     }
 
     public boolean put(String key, byte[] value) {
-        return put(getBytes(key), value);
+        return put(getKeyBytes(key), value);
     }
 
     private boolean delete(byte[] key) {
@@ -93,7 +94,7 @@ private boolean delete(byte[] key) {
     }
 
     public boolean delete(String key) {
-        return delete(getBytes(key));
+        return delete(getKeyBytes(key));
     }
 
     private boolean contains(byte[] key) {
@@ -102,7 +103,7 @@ private boolean contains(byte[] key) {
     }
 
     public boolean contains(String key) {
-        return contains(getBytes(key));
+        return contains(getKeyBytes(key));
     }
 
     public byte[][] saw(byte[] prefix) {
@@ -111,13 +112,13 @@ public byte[][] saw(byte[] prefix) {
     }
 
     public String[] saw(String prefix) {
-        byte[][] values = saw(getBytes(prefix));
+        byte[][] values = saw(getKeyBytes(prefix));
         if (values == null) {
             return null;
         }
         String[] strings = new String[values.length];
         for (int i = 0; i < values.length; ++i) {
-            strings[i] = toString(values[i]);
+            strings[i] = toKeyString(values[i]);
         }
         return strings;
     }
@@ -133,7 +134,7 @@ private boolean password(byte[] password) {
     }
 
     public boolean password(String password) {
-        return password(getBytes(password));
+        return password(getPasswordBytes(password));
     }
 
     public boolean lock() {
@@ -147,7 +148,7 @@ private boolean unlock(byte[] password) {
     }
 
     public boolean unlock(String password) {
-        return unlock(getBytes(password));
+        return unlock(getPasswordBytes(password));
     }
 
     public boolean isEmpty() {
@@ -161,7 +162,7 @@ private boolean generate(byte[] key) {
     }
 
     public boolean generate(String key) {
-        return generate(getBytes(key));
+        return generate(getKeyBytes(key));
     }
 
     private boolean importKey(byte[] keyName, byte[] key) {
@@ -170,7 +171,7 @@ private boolean importKey(byte[] keyName, byte[] key) {
     }
 
     public boolean importKey(String keyName, byte[] key) {
-        return importKey(getBytes(keyName), key);
+        return importKey(getKeyBytes(keyName), key);
     }
 
     private byte[] getPubkey(byte[] key) {
@@ -179,7 +180,7 @@ private byte[] getPubkey(byte[] key) {
     }
 
     public byte[] getPubkey(String key) {
-        return getPubkey(getBytes(key));
+        return getPubkey(getKeyBytes(key));
     }
 
     private boolean delKey(byte[] key) {
@@ -188,7 +189,7 @@ private boolean delKey(byte[] key) {
     }
 
     public boolean delKey(String key) {
-        return delKey(getBytes(key));
+        return delKey(getKeyBytes(key));
     }
 
     private byte[] sign(byte[] keyName, byte[] data) {
@@ -197,7 +198,7 @@ private byte[] sign(byte[] keyName, byte[] data) {
     }
 
     public byte[] sign(String key, byte[] data) {
-        return sign(getBytes(key), data);
+        return sign(getKeyBytes(key), data);
     }
 
     private boolean verify(byte[] keyName, byte[] data, byte[] signature) {
@@ -206,7 +207,7 @@ private boolean verify(byte[] keyName, byte[] data, byte[] signature) {
     }
 
     public boolean verify(String key, byte[] data, byte[] signature) {
-        return verify(getBytes(key), data, signature);
+        return verify(getKeyBytes(key), data, signature);
     }
 
     private boolean grant(byte[] key, byte[] uid) {
@@ -215,7 +216,7 @@ private boolean grant(byte[] key, byte[] uid) {
     }
 
     public boolean grant(String key, int uid) {
-        return grant(getBytes(key), Integer.toString(uid).getBytes());
+         return grant(getKeyBytes(key), getUidBytes(uid));
     }
 
     private boolean ungrant(byte[] key, byte[] uid) {
@@ -224,7 +225,7 @@ private boolean ungrant(byte[] key, byte[] uid) {
     }
 
     public boolean ungrant(String key, int uid) {
-        return ungrant(getBytes(key), Integer.toString(uid).getBytes());
+        return ungrant(getKeyBytes(key), getUidBytes(uid));
     }
 
     public int getLastError() {
@@ -291,11 +292,34 @@ private ArrayList<byte[]> execute(int code, byte[]... parameters) {
         return null;
     }
 
-    private static byte[] getBytes(String string) {
-        return string.getBytes(Charsets.UTF_8);
+    /**
+     * ModifiedUtf8 is used for key encoding to match the
+     * implementation of NativeCrypto.ENGINE_load_private_key.
+     */
+    private static byte[] getKeyBytes(String string) {
+        try {
+            int utfCount = (int) ModifiedUtf8.countBytes(string, false);
+            byte[] result = new byte[utfCount];
+            ModifiedUtf8.encode(result, 0, string);
+            return result;
+        } catch (UTFDataFormatException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private static String toKeyString(byte[] bytes) {
+        try {
+            return ModifiedUtf8.decode(bytes, new char[bytes.length], 0, bytes.length);
+        } catch (UTFDataFormatException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private static byte[] getPasswordBytes(String password) {
+        return password.getBytes(Charsets.UTF_8);
     }
 
-    private static String toString(byte[] bytes) {
-        return new String(bytes, Charsets.UTF_8);
+    private static byte[] getUidBytes(int uid) {
+        return Integer.toString(uid).getBytes(Charsets.UTF_8);
     }
 }
diff --git a/keystore/tests/src/android/security/KeyStoreTest.java b/keystore/tests/src/android/security/KeyStoreTest.java
@@ -37,7 +37,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
     private static final String TEST_PASSWD2 = "87654321";
     private static final String TEST_KEYNAME = "test-key";
     private static final String TEST_KEYNAME1 = "test-key.1";
-    private static final String TEST_KEYNAME2 = "test-key.2";
+    private static final String TEST_KEYNAME2 = "test-key\02";
     private static final byte[] TEST_KEYVALUE = "test value".getBytes(Charsets.UTF_8);
 
     // "Hello, World" in Chinese

Original file line number	Diff line number	Diff line change
`@@ -22,8 +22,9 @@`
`22`	`22`	`import java.io.InputStream;`
`23`	`23`	`import java.io.IOException;`
`24`	`24`	`import java.io.OutputStream;`
`25`		`-import java.io.UnsupportedEncodingException;`
	`25`	`+import java.io.UTFDataFormatException;`
`26`	`26`	`import java.nio.charset.Charsets;`
	`27`	`+import java.nio.charset.ModifiedUtf8;`
`27`	`28`	`import java.util.ArrayList;`
`28`	`29`
`29`	`30`	`/**`
`@@ -75,7 +76,7 @@ private byte[] get(byte[] key) {`
`75`	`76`	`}`
`76`	`77`
`77`	`78`	`public byte[] get(String key) {`
`78`		`- return get(getBytes(key));`
	`79`	`+ return get(getKeyBytes(key));`
`79`	`80`	`}`
`80`	`81`
`81`	`82`	`private boolean put(byte[] key, byte[] value) {`
`@@ -84,7 +85,7 @@ private boolean put(byte[] key, byte[] value) {`
`84`	`85`	`}`
`85`	`86`
`86`	`87`	`public boolean put(String key, byte[] value) {`
`87`		`- return put(getBytes(key), value);`
	`88`	`+ return put(getKeyBytes(key), value);`
`88`	`89`	`}`
`89`	`90`
`90`	`91`	`private boolean delete(byte[] key) {`
`@@ -93,7 +94,7 @@ private boolean delete(byte[] key) {`
`93`	`94`	`}`
`94`	`95`
`95`	`96`	`public boolean delete(String key) {`
`96`		`- return delete(getBytes(key));`
	`97`	`+ return delete(getKeyBytes(key));`
`97`	`98`	`}`
`98`	`99`
`99`	`100`	`private boolean contains(byte[] key) {`
`@@ -102,7 +103,7 @@ private boolean contains(byte[] key) {`
`102`	`103`	`}`
`103`	`104`
`104`	`105`	`public boolean contains(String key) {`
`105`		`- return contains(getBytes(key));`
	`106`	`+ return contains(getKeyBytes(key));`
`106`	`107`	`}`
`107`	`108`
`108`	`109`	`public byte[][] saw(byte[] prefix) {`
`@@ -111,13 +112,13 @@ public byte[][] saw(byte[] prefix) {`
`111`	`112`	`}`
`112`	`113`
`113`	`114`	`public String[] saw(String prefix) {`
`114`		`- byte[][] values = saw(getBytes(prefix));`
	`115`	`+ byte[][] values = saw(getKeyBytes(prefix));`
`115`	`116`	`if (values == null) {`
`116`	`117`	`return null;`
`117`	`118`	`}`
`118`	`119`	`String[] strings = new String[values.length];`
`119`	`120`	`for (int i = 0; i < values.length; ++i) {`
`120`		`- strings[i] = toString(values[i]);`
	`121`	`+ strings[i] = toKeyString(values[i]);`
`121`	`122`	`}`
`122`	`123`	`return strings;`
`123`	`124`	`}`
`@@ -133,7 +134,7 @@ private boolean password(byte[] password) {`
`133`	`134`	`}`
`134`	`135`
`135`	`136`	`public boolean password(String password) {`
`136`		`- return password(getBytes(password));`
	`137`	`+ return password(getPasswordBytes(password));`
`137`	`138`	`}`
`138`	`139`
`139`	`140`	`public boolean lock() {`
`@@ -147,7 +148,7 @@ private boolean unlock(byte[] password) {`
`147`	`148`	`}`
`148`	`149`
`149`	`150`	`public boolean unlock(String password) {`
`150`		`- return unlock(getBytes(password));`
	`151`	`+ return unlock(getPasswordBytes(password));`
`151`	`152`	`}`
`152`	`153`
`153`	`154`	`public boolean isEmpty() {`
`@@ -161,7 +162,7 @@ private boolean generate(byte[] key) {`
`161`	`162`	`}`
`162`	`163`
`163`	`164`	`public boolean generate(String key) {`
`164`		`- return generate(getBytes(key));`
	`165`	`+ return generate(getKeyBytes(key));`
`165`	`166`	`}`
`166`	`167`
`167`	`168`	`private boolean importKey(byte[] keyName, byte[] key) {`
`@@ -170,7 +171,7 @@ private boolean importKey(byte[] keyName, byte[] key) {`
`170`	`171`	`}`
`171`	`172`
`172`	`173`	`public boolean importKey(String keyName, byte[] key) {`
`173`		`- return importKey(getBytes(keyName), key);`
	`174`	`+ return importKey(getKeyBytes(keyName), key);`
`174`	`175`	`}`
`175`	`176`
`176`	`177`	`private byte[] getPubkey(byte[] key) {`
`@@ -179,7 +180,7 @@ private byte[] getPubkey(byte[] key) {`
`179`	`180`	`}`
`180`	`181`
`181`	`182`	`public byte[] getPubkey(String key) {`
`182`		`- return getPubkey(getBytes(key));`
	`183`	`+ return getPubkey(getKeyBytes(key));`
`183`	`184`	`}`
`184`	`185`
`185`	`186`	`private boolean delKey(byte[] key) {`
`@@ -188,7 +189,7 @@ private boolean delKey(byte[] key) {`
`188`	`189`	`}`
`189`	`190`
`190`	`191`	`public boolean delKey(String key) {`
`191`		`- return delKey(getBytes(key));`
	`192`	`+ return delKey(getKeyBytes(key));`
`192`	`193`	`}`
`193`	`194`
`194`	`195`	`private byte[] sign(byte[] keyName, byte[] data) {`
`@@ -197,7 +198,7 @@ private byte[] sign(byte[] keyName, byte[] data) {`
`197`	`198`	`}`
`198`	`199`
`199`	`200`	`public byte[] sign(String key, byte[] data) {`
`200`		`- return sign(getBytes(key), data);`
	`201`	`+ return sign(getKeyBytes(key), data);`
`201`	`202`	`}`
`202`	`203`
`203`	`204`	`private boolean verify(byte[] keyName, byte[] data, byte[] signature) {`
`@@ -206,7 +207,7 @@ private boolean verify(byte[] keyName, byte[] data, byte[] signature) {`
`206`	`207`	`}`
`207`	`208`
`208`	`209`	`public boolean verify(String key, byte[] data, byte[] signature) {`
`209`		`- return verify(getBytes(key), data, signature);`
	`210`	`+ return verify(getKeyBytes(key), data, signature);`
`210`	`211`	`}`
`211`	`212`
`212`	`213`	`private boolean grant(byte[] key, byte[] uid) {`
`@@ -215,7 +216,7 @@ private boolean grant(byte[] key, byte[] uid) {`
`215`	`216`	`}`
`216`	`217`
`217`	`218`	`public boolean grant(String key, int uid) {`
`218`		`- return grant(getBytes(key), Integer.toString(uid).getBytes());`
	`219`	`+ return grant(getKeyBytes(key), getUidBytes(uid));`
`219`	`220`	`}`
`220`	`221`
`221`	`222`	`private boolean ungrant(byte[] key, byte[] uid) {`
`@@ -224,7 +225,7 @@ private boolean ungrant(byte[] key, byte[] uid) {`
`224`	`225`	`}`
`225`	`226`
`226`	`227`	`public boolean ungrant(String key, int uid) {`
`227`		`- return ungrant(getBytes(key), Integer.toString(uid).getBytes());`
	`228`	`+ return ungrant(getKeyBytes(key), getUidBytes(uid));`
`228`	`229`	`}`
`229`	`230`
`230`	`231`	`public int getLastError() {`
`@@ -291,11 +292,34 @@ private ArrayList<byte[]> execute(int code, byte[]... parameters) {`
`291`	`292`	`return null;`
`292`	`293`	`}`
`293`	`294`
`294`		`- private static byte[] getBytes(String string) {`
`295`		`- return string.getBytes(Charsets.UTF_8);`
	`295`	`+ /**`
	`296`	`+ * ModifiedUtf8 is used for key encoding to match the`
	`297`	`+ * implementation of NativeCrypto.ENGINE_load_private_key.`
	`298`	`+ */`
	`299`	`+ private static byte[] getKeyBytes(String string) {`
	`300`	`+ try {`
	`301`	`+ int utfCount = (int) ModifiedUtf8.countBytes(string, false);`
	`302`	`+ byte[] result = new byte[utfCount];`
	`303`	`+ ModifiedUtf8.encode(result, 0, string);`
	`304`	`+ return result;`
	`305`	`+ } catch (UTFDataFormatException e) {`
	`306`	`+ throw new RuntimeException(e);`
	`307`	`+ }`
	`308`	`+ }`
	`309`	`+`
	`310`	`+ private static String toKeyString(byte[] bytes) {`
	`311`	`+ try {`
	`312`	`+ return ModifiedUtf8.decode(bytes, new char[bytes.length], 0, bytes.length);`
	`313`	`+ } catch (UTFDataFormatException e) {`
	`314`	`+ throw new RuntimeException(e);`
	`315`	`+ }`
	`316`	`+ }`
	`317`	`+`
	`318`	`+ private static byte[] getPasswordBytes(String password) {`
	`319`	`+ return password.getBytes(Charsets.UTF_8);`
`296`	`320`	`}`
`297`	`321`
`298`		`- private static String toString(byte[] bytes) {`
`299`		`- return new String(bytes, Charsets.UTF_8);`
	`322`	`+ private static byte[] getUidBytes(int uid) {`
	`323`	`+ return Integer.toString(uid).getBytes(Charsets.UTF_8);`
`300`	`324`	`}`
`301`	`325`	`}`