Пример #1
0
  public static MasterSecret changeMasterSecretPassphrase(
      Context context, MasterSecret masterSecret, String newPassphrase) {
    try {
      byte[] combinedSecrets =
          Util.combine(
              masterSecret.getEncryptionKey().getEncoded(), masterSecret.getMacKey().getEncoded());

      byte[] encryptionSalt = generateSalt();
      int iterations = generateIterationCount(newPassphrase, encryptionSalt);
      byte[] encryptedMasterSecret =
          encryptWithPassphrase(encryptionSalt, iterations, combinedSecrets, newPassphrase);
      byte[] macSalt = generateSalt();
      byte[] encryptedAndMacdMasterSecret =
          macWithPassphrase(macSalt, iterations, encryptedMasterSecret, newPassphrase);

      save(context, "encryption_salt", encryptionSalt);
      save(context, "mac_salt", macSalt);
      save(context, "passphrase_iterations", iterations);
      save(context, "master_secret", encryptedAndMacdMasterSecret);
      save(context, "passphrase_initialized", true);

      return masterSecret;
    } catch (GeneralSecurityException gse) {
      throw new AssertionError(gse);
    }
  }
Пример #2
0
  public static MasterSecret generateMasterSecret(Context context, String passphrase) {
    try {
      byte[] encryptionSecret = generateEncryptionSecret();
      byte[] macSecret = generateMacSecret();
      byte[] masterSecret = Util.combine(encryptionSecret, macSecret);
      byte[] encryptionSalt = generateSalt();
      int iterations = generateIterationCount(passphrase, encryptionSalt);
      byte[] encryptedMasterSecret =
          encryptWithPassphrase(encryptionSalt, iterations, masterSecret, passphrase);
      byte[] macSalt = generateSalt();
      byte[] encryptedAndMacdMasterSecret =
          macWithPassphrase(macSalt, iterations, encryptedMasterSecret, passphrase);

      save(context, "encryption_salt", encryptionSalt);
      save(context, "mac_salt", macSalt);
      save(context, "passphrase_iterations", iterations);
      save(context, "master_secret", encryptedAndMacdMasterSecret);
      save(context, "passphrase_initialized", true);

      return new MasterSecret(
          new SecretKeySpec(encryptionSecret, "AES"), new SecretKeySpec(macSecret, "HmacSHA1"));
    } catch (GeneralSecurityException e) {
      Log.w("keyutil", e);
      return null;
    }
  }