Skip to content
This repository has been archived by the owner on Sep 6, 2019. It is now read-only.

Commit

Permalink
Not storing salt into database anymore for increased privacy
Browse files Browse the repository at this point in the history
Fixed #1661
  • Loading branch information
M66B committed May 17, 2014
1 parent e064e3e commit 89f3a23
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 8 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ Changelog

* Fixed displaying contacts without display name ([issue](/../../issues/1660))
* Fixed on demand restricting for dangerous methods with whitelists ([issue](/../../issues/1653))
* Not storing salt into database anymore for increased privacy ([issue](/../../issues/1661))

[Open issues](https://github.com/M66B/XPrivacy/issues?state=open)

Expand Down
8 changes: 2 additions & 6 deletions src/biz/bokhorst/xprivacy/ActivityMain.java
Original file line number Diff line number Diff line change
Expand Up @@ -166,12 +166,8 @@ protected void onCreate(Bundle savedInstanceState) {

// Salt should be the same when exporting/importing
String salt = PrivacyManager.getSetting(userId, PrivacyManager.cSettingSalt, null, false);
if (salt == null) {
salt = Build.SERIAL;
if (salt == null)
salt = "";
PrivacyManager.setSetting(userId, PrivacyManager.cSettingSalt, salt);
}
if (salt != null && salt.equals(Build.SERIAL))
PrivacyManager.setSetting(userId, PrivacyManager.cSettingSalt, null);

// Set layout
setContentView(R.layout.mainlist);
Expand Down
4 changes: 2 additions & 2 deletions src/biz/bokhorst/xprivacy/Util.java
Original file line number Diff line number Diff line change
Expand Up @@ -429,7 +429,7 @@ private static boolean verifyData(byte[] data, byte[] signature, PublicKey publi
public static String sha1(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException {
// SHA1
int userId = Util.getUserId(Process.myUid());
String salt = PrivacyManager.getSetting(userId, PrivacyManager.cSettingSalt, "", true);
String salt = PrivacyManager.getSetting(userId, PrivacyManager.cSettingSalt, Build.SERIAL, true);
MessageDigest digest = MessageDigest.getInstance("SHA-1");
byte[] bytes = (text + salt).getBytes("UTF-8");
digest.update(bytes, 0, bytes.length);
Expand All @@ -443,7 +443,7 @@ public static String sha1(String text) throws NoSuchAlgorithmException, Unsuppor
public static String md5(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException {
// MD5
int userId = Util.getUserId(Process.myUid());
String salt = PrivacyManager.getSetting(userId, PrivacyManager.cSettingSalt, "", true);
String salt = PrivacyManager.getSetting(userId, PrivacyManager.cSettingSalt, Build.SERIAL, true);
byte[] bytes = MessageDigest.getInstance("MD5").digest((text + salt).getBytes("UTF-8"));
StringBuilder sb = new StringBuilder();
for (byte b : bytes)
Expand Down

0 comments on commit 89f3a23

Please sign in to comment.