From 2d1faded134eaf9982ce5264d0ed54f61c6590b0 Mon Sep 17 00:00:00 2001
From: Yorke Lee
Date: Thu, 4 Sep 2014 11:47:27 -0700
Subject: Protect phonenumbers with Log.pii
Bug: 17329799
Change-Id: Ie9fff13e887fcfa2950be047f77205d4bc5a2e66
---
 .../src/com/android/incallui/ContactInfoCache.java | 2 +-
 InCallUI/src/com/android/incallui/Log.java | 72 ++++++++++++++++++++++
 2 files changed, 73 insertions(+), 1 deletion(-)
diff --git a/InCallUI/src/com/android/incallui/ContactInfoCache.java b/InCallUI/src/com/android/incallui/ContactInfoCache.java
index fec319854..d0d093940 100644
--- a/InCallUI/src/com/android/incallui/ContactInfoCache.java
+++ b/InCallUI/src/com/android/incallui/ContactInfoCache.java
@@ -420,7 +420,7 @@ public class ContactInfoCache implements ContactsAsyncHelper.OnImageLoadComplete
 }
 Log.d(TAG, " ==> no name; falling back to number:"
- + " displayNumber '" + displayNumber
+ + " displayNumber '" + Log.pii(displayNumber)
 + "', displayLocation '" + displayLocation + "'");
 }
 } else {
diff --git a/InCallUI/src/com/android/incallui/Log.java b/InCallUI/src/com/android/incallui/Log.java
index 6bf993a49..a834919c5 100644
--- a/InCallUI/src/com/android/incallui/Log.java
+++ b/InCallUI/src/com/android/incallui/Log.java
@@ -16,6 +16,12 @@
 package com.android.incallui;
+import android.net.Uri;
+import android.telephony.PhoneNumberUtils;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
 /**
 * Manages logging for the entire class.
 */
@@ -91,6 +97,72 @@ public class Log {
 android.util.Log.wtf(TAG, getPrefix(obj) + msg);
 }
+ public static String piiHandle(Object pii) {
+ if (pii == null || VERBOSE) {
+ return String.valueOf(pii);
+ }
+
+ if (pii instanceof Uri) {
+ Uri uri = (Uri) pii;
+
+ // All Uri's which are not "tel" go through normal pii() method.
+ if (!"tel".equals(uri.getScheme())) {
+ return pii(pii);
+ } else {
+ pii = uri.getSchemeSpecificPart();
+ }
+ }
+
+ String originalString = String.valueOf(pii);
+ StringBuilder stringBuilder = new StringBuilder(originalString.length());
+ for (char c : originalString.toCharArray()) {
+ if (PhoneNumberUtils.isDialable(c)) {
+ stringBuilder.append('*');
+ } else {
+ stringBuilder.append(c);
+ }
+ }
+ return stringBuilder.toString();
+ }
+
+ /**
+ * Redact personally identifiable information for production users.
+ * If we are running in verbose mode, return the original string, otherwise
+ * return a SHA-1 hash of the input string.
+ */
+ public static String pii(Object pii) {
+ if (pii == null || VERBOSE) {
+ return String.valueOf(pii);
+ }
+ return "[" + secureHash(String.valueOf(pii).getBytes()) + "]";
+ }
+
+ private static String secureHash(byte[] input) {
+ MessageDigest messageDigest;
+ try {
+ messageDigest = MessageDigest.getInstance("SHA-1");
+ } catch (NoSuchAlgorithmException e) {
+ return null;
+ }
+ messageDigest.update(input);
+ byte[] result = messageDigest.digest();
+ return encodeHex(result);
+ }
+
+ private static String encodeHex(byte[] bytes) {
+ StringBuffer hex = new StringBuffer(bytes.length * 2);
+
+ for (int i = 0; i < bytes.length; i++) {
+ int byteIntValue = bytes[i] & 0xff;
+ if (byteIntValue < 0x10) {
+ hex.append("0");
+ }
+ hex.append(Integer.toString(byteIntValue, 16));
+ }
+
+ return hex.toString();
+ }
+
 private static String getPrefix(Object obj) {
 return (obj == null ? "" : (obj.getClass().getSimpleName() + TAG_DELIMETER));
 }
-- cgit v1.2.3
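Review bot: `pii()` in this hunk logs an unsalted SHA-1 of the value, and the ContactInfoCache call site passes it a phone number, so the bracketed token is pseudonymous rather than redacted: the set of valid numbers is small enough to recompute and match against a log, and the same number produces the same token on every device. A keyed digest closes that gap; the sketch below uses HMAC-SHA256 under a random key generated once per process, which keeps tokens comparable within one log session but not across devices or against a precomputed table, and it needs `javax.crypto.Mac`, `javax.crypto.spec.SecretKeySpec`, `java.security.SecureRandom` and `java.security.GeneralSecurityException` imported in place of the `MessageDigest` pair. The Javadoc on `pii()` should then describe the keyed token instead of "a SHA-1 hash", and `piiHandle` deserves a short Javadoc stating that it replaces dialable characters with `*` while leaving length and separators visible. `VERBOSE` is defined outside the hunk; if it can be switched on for user builds, both helpers return the raw value.

```java
// Per-process random key: tokens stay comparable within one log session
// but cannot be matched against a precomputed table of phone numbers.
private static final byte[] PII_KEY = new byte[32];
static {
    new SecureRandom().nextBytes(PII_KEY);
}

private static String secureHash(byte[] input) {
    try {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(PII_KEY, "HmacSHA256"));
        return encodeHex(mac.doFinal(input));
    } catch (GeneralSecurityException e) {
        // Same fallback as before: pii() then logs "[null]", never the raw value.
        return null;
    }
}
// … unchanged: encodeHex, getPrefix …
```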