Protect phonenumbers with Log.pii

Bug: 17329799
Change-Id: Ie9fff13e887fcfa2950be047f77205d4bc5a2e66

2 files changed, 73 insertions, 1 deletions

diff --git a/InCallUI/src/com/android/incallui/ContactInfoCache.java b/InCallUI/src/com/android/incallui/ContactInfoCache.java
index fec319854..d0d093940 100644
--- a/InCallUI/src/com/android/incallui/ContactInfoCache.java
+++ b/InCallUI/src/com/android/incallui/ContactInfoCache.java
@@ -420,7 +420,7 @@ public class ContactInfoCache implements ContactsAsyncHelper.OnImageLoadComplete
                     }
 
                     Log.d(TAG, "  ==>  no name; falling back to number:"
-                            + " displayNumber '" + displayNumber
+                            + " displayNumber '" + Log.pii(displayNumber)
                             + "', displayLocation '" + displayLocation + "'");
                 }
             } else {
diff --git a/InCallUI/src/com/android/incallui/Log.java b/InCallUI/src/com/android/incallui/Log.java
index 6bf993a49..a834919c5 100644
--- a/InCallUI/src/com/android/incallui/Log.java
+++ b/InCallUI/src/com/android/incallui/Log.java
@@ -16,6 +16,12 @@
 
 package com.android.incallui;
 
+import android.net.Uri;
+import android.telephony.PhoneNumberUtils;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
 /**
  * Manages logging for the entire class.
  */
@@ -91,6 +97,72 @@ public class Log {
         android.util.Log.wtf(TAG, getPrefix(obj) + msg);
     }
 
+    public static String piiHandle(Object pii) {
+        if (pii == null || VERBOSE) {
+            return String.valueOf(pii);
+        }
+
+        if (pii instanceof Uri) {
+            Uri uri = (Uri) pii;
+
+            // All Uri's which are not "tel" go through normal pii() method.
+            if (!"tel".equals(uri.getScheme())) {
+                return pii(pii);
+            } else {
+                pii = uri.getSchemeSpecificPart();
+            }
+        }
+
+        String originalString = String.valueOf(pii);
+        StringBuilder stringBuilder = new StringBuilder(originalString.length());
+        for (char c : originalString.toCharArray()) {
+            if (PhoneNumberUtils.isDialable(c)) {
+                stringBuilder.append('*');
+            } else {
+                stringBuilder.append(c);
+            }
+        }
+        return stringBuilder.toString();
+    }
+
+    /**
+     * Redact personally identifiable information for production users.
+     * If we are running in verbose mode, return the original string, otherwise
+     * return a SHA-1 hash of the input string.
+     */
+    public static String pii(Object pii) {
+        if (pii == null || VERBOSE) {
+            return String.valueOf(pii);
+        }
+        return "[" + secureHash(String.valueOf(pii).getBytes()) + "]";
+    }
+
+    private static String secureHash(byte[] input) {
+        MessageDigest messageDigest;
+        try {
+            messageDigest = MessageDigest.getInstance("SHA-1");
+        } catch (NoSuchAlgorithmException e) {
+            return null;
+        }
+        messageDigest.update(input);
+        byte[] result = messageDigest.digest();
+        return encodeHex(result);
+    }
+
+    private static String encodeHex(byte[] bytes) {
+        StringBuffer hex = new StringBuffer(bytes.length * 2);
+
+        for (int i = 0; i < bytes.length; i++) {
+            int byteIntValue = bytes[i] & 0xff;
+            if (byteIntValue < 0x10) {
+                hex.append("0");
+            }
+            hex.append(Integer.toString(byteIntValue, 16));
+        }
+
+        return hex.toString();
+    }
+
     private static String getPrefix(Object obj) {
         return (obj == null ? "" : (obj.getClass().getSimpleName() + TAG_DELIMETER));
     }