Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Add API to query KeyChain algorithm support" into jb-mr2-dev

Browse Source
This commit is contained in:
Kenny Root
2013-04-02 17:52:26 +00:00
committed by Android (Google) Code Review
parent c29f6d4a99 bf556ac636
commit 1ea4a5ba85
2 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/current.txt
View File

@@ -20756,6 +20756,8 @@ package android.security {
method public static android.content.Intent createInstallIntent();
method public static java.security.cert.X509Certificate[] getCertificateChain(android.content.Context, java.lang.String) throws java.lang.InterruptedException, android.security.KeyChainException;
method public static java.security.PrivateKey getPrivateKey(android.content.Context, java.lang.String) throws java.lang.InterruptedException, android.security.KeyChainException;
method public static boolean isBoundKeyType(java.lang.String);
method public static boolean isKeyTypeSupported(java.lang.String);
field public static final java.lang.String ACTION_STORAGE_CHANGED = "android.security.STORAGE_CHANGED";
field public static final java.lang.String EXTRA_CERTIFICATE = "CERT";
field public static final java.lang.String EXTRA_NAME = "name";

24
keystore/java/android/security/KeyChain.java
View File

@@ -356,6 +356,30 @@ public final class KeyChain {
}
}
/**
* Returns {@code true} if the current device's {@code KeyChain} supports a
* specific {@code PrivateKey} type indicated by {@code algorithm} (e.g.,
* "RSA").
*/
public static boolean isKeyTypeSupported(String algorithm) {
return "RSA".equals(algorithm);
}
/**
* Returns {@code true} if the current device's {@code KeyChain} binds any
* {@code PrivateKey} of the given {@code algorithm} to the device once
* imported or generated. This can be used to tell if there is special
* hardware support that can be used to bind keys to the device in a way
* that makes it non-exportable.
*/
public static boolean isBoundKeyType(String algorithm) {
if (!isKeyTypeSupported(algorithm)) {
return false;
}
return KeyStore.getInstance().isHardwareBacked();
}
private static X509Certificate toCertificate(byte[] bytes) {
if (bytes == null) {
throw new IllegalArgumentException("bytes == null");