diff options
author | Yorke Lee <yorkelee@google.com> | 2014-09-04 11:47:27 -0700 |
---|---|---|
committer | Yorke Lee <yorkelee@google.com> | 2014-09-04 11:47:27 -0700 |
commit | 2d1faded134eaf9982ce5264d0ed54f61c6590b0 (patch) | |
tree | 5a980488fd503fd2849b7bb9767caf6f4a0777ec /InCallUI | |
parent | 7fc046b0f29e78d0cf5a4066c69f826ef4eda6fd (diff) |
Protect phonenumbers with Log.pii
Bug: 17329799
Change-Id: Ie9fff13e887fcfa2950be047f77205d4bc5a2e66
Diffstat (limited to 'InCallUI')
-rw-r--r-- | InCallUI/src/com/android/incallui/ContactInfoCache.java | 2 | ||||
-rw-r--r-- | InCallUI/src/com/android/incallui/Log.java | 72 |
2 files changed, 73 insertions, 1 deletions
diff --git a/InCallUI/src/com/android/incallui/ContactInfoCache.java b/InCallUI/src/com/android/incallui/ContactInfoCache.java index fec319854..d0d093940 100644 --- a/InCallUI/src/com/android/incallui/ContactInfoCache.java +++ b/InCallUI/src/com/android/incallui/ContactInfoCache.java @@ -420,7 +420,7 @@ public class ContactInfoCache implements ContactsAsyncHelper.OnImageLoadComplete } Log.d(TAG, " ==> no name; falling back to number:" - + " displayNumber '" + displayNumber + + " displayNumber '" + Log.pii(displayNumber) + "', displayLocation '" + displayLocation + "'"); } } else { diff --git a/InCallUI/src/com/android/incallui/Log.java b/InCallUI/src/com/android/incallui/Log.java index 6bf993a49..a834919c5 100644 --- a/InCallUI/src/com/android/incallui/Log.java +++ b/InCallUI/src/com/android/incallui/Log.java @@ -16,6 +16,12 @@ package com.android.incallui; +import android.net.Uri; +import android.telephony.PhoneNumberUtils; + +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + /** * Manages logging for the entire class. */ @@ -91,6 +97,72 @@ public class Log { android.util.Log.wtf(TAG, getPrefix(obj) + msg); } + public static String piiHandle(Object pii) { + if (pii == null || VERBOSE) { + return String.valueOf(pii); + } + + if (pii instanceof Uri) { + Uri uri = (Uri) pii; + + // All Uri's which are not "tel" go through normal pii() method. + if (!"tel".equals(uri.getScheme())) { + return pii(pii); + } else { + pii = uri.getSchemeSpecificPart(); + } + } + + String originalString = String.valueOf(pii); + StringBuilder stringBuilder = new StringBuilder(originalString.length()); + for (char c : originalString.toCharArray()) { + if (PhoneNumberUtils.isDialable(c)) { + stringBuilder.append('*'); + } else { + stringBuilder.append(c); + } + } + return stringBuilder.toString(); + } + + /** + * Redact personally identifiable information for production users. + * If we are running in verbose mode, return the original string, otherwise + * return a SHA-1 hash of the input string. + */ + public static String pii(Object pii) { + if (pii == null || VERBOSE) { + return String.valueOf(pii); + } + return "[" + secureHash(String.valueOf(pii).getBytes()) + "]"; + } + + private static String secureHash(byte[] input) { + MessageDigest messageDigest; + try { + messageDigest = MessageDigest.getInstance("SHA-1"); + } catch (NoSuchAlgorithmException e) { + return null; + } + messageDigest.update(input); + byte[] result = messageDigest.digest(); + return encodeHex(result); + } + + private static String encodeHex(byte[] bytes) { + StringBuffer hex = new StringBuffer(bytes.length * 2); + + for (int i = 0; i < bytes.length; i++) { + int byteIntValue = bytes[i] & 0xff; + if (byteIntValue < 0x10) { + hex.append("0"); + } + hex.append(Integer.toString(byteIntValue, 16)); + } + + return hex.toString(); + } + private static String getPrefix(Object obj) { return (obj == null ? "" : (obj.getClass().getSimpleName() + TAG_DELIMETER)); } |