Add Keymaster 0.4 binder API

This adds the classes for creating and serializing arguments and results
from keymaster as well as the enum values from
hardware/libhardware/include/hardware/keymaster_defs.h which will be
needed for argument creation as well as converting keymaster error
codes into Java exceptions.

Change-Id: I61046756361d43d9f02eea370c2cbd07c3638ea3
Chad Brubaker
2015-01-21 14:00:55 -08:00
parent 42c2ac00e6
commit 45ff13ea28
16 changed files with 990 additions and 0 deletions


@@ -16,6 +16,10 @@
package android.security;
import android.security.keymaster.ExportResult;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.OperationResult;
import android.security.KeystoreArguments;
/**
@@ -52,4 +56,19 @@ interface IKeystoreService {
int reset_uid(int uid);
int sync_uid(int sourceUid, int targetUid);
int password_uid(String password, int uid);
// Keymaster 0.4 methods
int addRngEntropy(in byte[] data);
int generateKey(String alias, in KeymasterArguments arguments, int uid, int flags,
out KeyCharacteristics characteristics);
int getKeyCharacteristics(String alias, in byte[] clientId,
in byte[] appId, out KeyCharacteristics characteristics);
int importKey(String alias, in KeymasterArguments arguments, int format,
in byte[] keyData, int uid, int flags, out KeyCharacteristics characteristics);
ExportResult exportKey(String alias, int format, in byte[] clientId, in byte[] appId);
OperationResult begin(IBinder appToken, String alias, int purpose, boolean pruneable,
in KeymasterArguments params, out KeymasterArguments operationParams);
OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);
OperationResult finish(IBinder token, in KeymasterArguments params, in byte[] signature);
int abort(IBinder handle);
}
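Review bot: The operation token is called `token` in `update` and `finish` but `handle` in `abort`, and `begin` takes an `appToken` whose relation to the operation token is not stated. Using one name (`int abort(IBinder token);`) and adding a comment on `begin` saying what `appToken` is would make the four calls read as one API. The int-returning methods do not say which code space they return, keystore response codes or the KM_ERROR_* values this commit adds; a one-line comment under `// Keymaster 0.4 methods` should settle that. `generateKey` and `importKey` take a caller-supplied `uid`; the check on who may pass a uid other than their own is presumably enforced in the service, outside this file, and is worth naming in that comment. The interface body starts outside the second hunk.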


@@ -0,0 +1,20 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
/* @hide */
parcelable ExportResult;


@@ -0,0 +1,56 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.Parcel;
import android.os.Parcelable;
/**
* Class for handling parceling the return values from keymaster's export operation.
* @hide
*/
public class ExportResult implements Parcelable {
public final int resultCode;
public final byte[] exportData;
public static final Parcelable.Creator<ExportResult> CREATOR = new
Parcelable.Creator<ExportResult>() {
public ExportResult createFromParcel(Parcel in) {
return new ExportResult(in);
}
public ExportResult[] newArray(int length) {
return new ExportResult[length];
}
};
protected ExportResult(Parcel in) {
resultCode = in.readInt();
exportData = in.createByteArray();
}
@Override
public int describeContents() {
return 0;
}
@Override
public void writeToParcel(Parcel out, int flags) {
out.writeInt(resultCode);
out.writeByteArray(exportData);
}
};
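Review bot: `exportData` can be null, because `createByteArray()` returns null when the writer passed a null array, which is the likely shape of a failed export. The field should say so, for example `// May be null; check resultCode before use.` (the success value is not visible in this file). The same applies to `token` and `output` in OperationResult, which are read with `readStrongBinder()` and `createByteArray()`. The class body ends with `};`; the trailing semicolon is an empty declaration and can be dropped.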


@@ -0,0 +1,20 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
/* @hide */
parcelable KeyCharacteristics;


@@ -0,0 +1,63 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.Parcel;
import android.os.Parcelable;
import java.util.List;
/**
* @hide
*/
public class KeyCharacteristics implements Parcelable {
public KeymasterArguments swEnforced;
public KeymasterArguments hwEnforced;
public static final Parcelable.Creator<KeyCharacteristics> CREATOR = new
Parcelable.Creator<KeyCharacteristics>() {
public KeyCharacteristics createFromParcel(Parcel in) {
return new KeyCharacteristics(in);
}
public KeyCharacteristics[] newArray(int length) {
return new KeyCharacteristics[length];
}
};
public KeyCharacteristics() {}
protected KeyCharacteristics(Parcel in) {
readFromParcel(in);
}
@Override
public int describeContents() {
return 0;
}
public void writeToParcel(Parcel out, int flags) {
swEnforced.writeToParcel(out, flags);
hwEnforced.writeToParcel(out, flags);
}
public void readFromParcel(Parcel in) {
swEnforced = KeymasterArguments.CREATOR.createFromParcel(in);
hwEnforced = KeymasterArguments.CREATOR.createFromParcel(in);
}
}
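Review bot: `writeToParcel` dereferences `swEnforced` and `hwEnforced`, which are still null after the public no-argument constructor, so parceling a freshly constructed object throws NullPointerException. Initialise both in that constructor (`swEnforced = new KeymasterArguments(); hwEnforced = new KeymasterArguments();`) or null-check before writing. `writeToParcel` is also missing the `@Override` that `describeContents` carries, and the `java.util.List` import is unused. The class has no description; since the two lists tell a caller which restrictions are enforced in hardware and which only in software, the Javadoc should say that, and note that the fields are public and non-final so any holder can replace them.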


@@ -0,0 +1,81 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.Parcel;
import android.os.Parcelable;
import android.os.ParcelFormatException;
/**
* Base class for the Java side of a Keymaster tagged argument.
* <p>
* Serialization code for this and subclasses must be kept in sync with system/security/keystore
* and with hardware/libhardware/include/hardware/keymaster_defs.h
* @hide
*/
abstract class KeymasterArgument implements Parcelable {
public final int tag;
public static final Parcelable.Creator<KeymasterArgument> CREATOR = new
Parcelable.Creator<KeymasterArgument>() {
public KeymasterArgument createFromParcel(Parcel in) {
final int pos = in.dataPosition();
final int tag = in.readInt();
switch (KeymasterDefs.getTagType(tag)) {
case KeymasterDefs.KM_ENUM:
case KeymasterDefs.KM_ENUM_REP:
case KeymasterDefs.KM_INT:
case KeymasterDefs.KM_INT_REP:
return new KeymasterIntArgument(tag, in);
case KeymasterDefs.KM_LONG:
return new KeymasterLongArgument(tag, in);
case KeymasterDefs.KM_DATE:
return new KeymasterDateArgument(tag, in);
case KeymasterDefs.KM_BYTES:
case KeymasterDefs.KM_BIGNUM:
return new KeymasterBlobArgument(tag, in);
case KeymasterDefs.KM_BOOL:
return new KeymasterBooleanArgument(tag, in);
default:
throw new ParcelFormatException("Bad tag: " + tag + " at " + pos);
}
}
public KeymasterArgument[] newArray(int size) {
return new KeymasterArgument[size];
}
};
protected KeymasterArgument(int tag) {
this.tag = tag;
}
/**
* Writes the value of this argument, if any, to the provided parcel.
*/
public abstract void writeValue(Parcel out);
@Override
public int describeContents() {
return 0;
}
@Override
public void writeToParcel(Parcel out, int flags) {
out.writeInt(tag);
writeValue(out);
}
}
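Review bot: The wire format is only implied by `createFromParcel` and `writeToParcel`: an int tag followed by a value whose size depends on the tag type, with no length prefix. An unknown tag type therefore cannot be skipped, which is why the `default` branch has to throw. That deserves a comment there, e.g. `// No length prefix: an unknown tag type cannot be skipped, so fail the whole parcel.` The message prints the tag in decimal; `Integer.toHexString(tag)` would be easier to match against keymaster_defs.h, since the type sits in the top four bits.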


@@ -0,0 +1,20 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
/* @hide */
parcelable KeymasterArguments;


@@ -0,0 +1,186 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.Parcel;
import android.os.Parcelable;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
/**
* Utility class for the java side of user specified Keymaster arguments.
* <p>
* Serialization code for this and subclasses must be kept in sync with system/security/keystore
* @hide
*/
public class KeymasterArguments implements Parcelable {
List<KeymasterArgument> mArguments;
public static final Parcelable.Creator<KeymasterArguments> CREATOR = new
Parcelable.Creator<KeymasterArguments>() {
public KeymasterArguments createFromParcel(Parcel in) {
return new KeymasterArguments(in);
}
public KeymasterArguments[] newArray(int size) {
return new KeymasterArguments[size];
}
};
public KeymasterArguments() {
mArguments = new ArrayList<KeymasterArgument>();
}
private KeymasterArguments(Parcel in) {
mArguments = in.createTypedArrayList(KeymasterArgument.CREATOR);
}
public void addInt(int tag, int value) {
mArguments.add(new KeymasterIntArgument(tag, value));
}
public void addBoolean(int tag) {
mArguments.add(new KeymasterBooleanArgument(tag));
}
public void addLong(int tag, long value) {
mArguments.add(new KeymasterLongArgument(tag, value));
}
public void addBlob(int tag, byte[] value) {
mArguments.add(new KeymasterBlobArgument(tag, value));
}
public void addDate(int tag, Date value) {
mArguments.add(new KeymasterDateArgument(tag, value));
}
private KeymasterArgument getArgumentByTag(int tag) {
for (KeymasterArgument arg : mArguments) {
if (arg.tag == tag) {
return arg;
}
}
return null;
}
public boolean containsTag(int tag) {
return getArgumentByTag(tag) != null;
}
public int getInt(int tag, int defaultValue) {
switch (KeymasterDefs.getTagType(tag)) {
case KeymasterDefs.KM_ENUM:
case KeymasterDefs.KM_INT:
break; // Accepted types
case KeymasterDefs.KM_INT_REP:
case KeymasterDefs.KM_ENUM_REP:
throw new IllegalArgumentException("Repeatable tags must use getInts: " + tag);
default:
throw new IllegalArgumentException("Tag is not an int type: " + tag);
}
KeymasterArgument arg = getArgumentByTag(tag);
if (arg == null) {
return defaultValue;
}
return ((KeymasterIntArgument) arg).value;
}
public long getLong(int tag, long defaultValue) {
if (KeymasterDefs.getTagType(tag) != KeymasterDefs.KM_LONG) {
throw new IllegalArgumentException("Tag is not a long type: " + tag);
}
KeymasterArgument arg = getArgumentByTag(tag);
if (arg == null) {
return defaultValue;
}
return ((KeymasterLongArgument) arg).value;
}
public Date getDate(int tag, Date defaultValue) {
if (KeymasterDefs.getTagType(tag) != KeymasterDefs.KM_DATE) {
throw new IllegalArgumentException("Tag is not a date type: " + tag);
}
KeymasterArgument arg = getArgumentByTag(tag);
if (arg == null) {
return defaultValue;
}
return ((KeymasterDateArgument) arg).date;
}
public boolean getBoolean(int tag, boolean defaultValue) {
if (KeymasterDefs.getTagType(tag) != KeymasterDefs.KM_BOOL) {
throw new IllegalArgumentException("Tag is not a boolean type: " + tag);
}
KeymasterArgument arg = getArgumentByTag(tag);
if (arg == null) {
return defaultValue;
}
return true;
}
public byte[] getBlob(int tag, byte[] defaultValue) {
switch (KeymasterDefs.getTagType(tag)) {
case KeymasterDefs.KM_BYTES:
case KeymasterDefs.KM_BIGNUM:
break; // Allowed types.
default:
throw new IllegalArgumentException("Tag is not a blob type: " + tag);
}
KeymasterArgument arg = getArgumentByTag(tag);
if (arg == null) {
return defaultValue;
}
return ((KeymasterBlobArgument) arg).blob;
}
public List<Integer> getInts(int tag) {
switch (KeymasterDefs.getTagType(tag)) {
case KeymasterDefs.KM_INT_REP:
case KeymasterDefs.KM_ENUM_REP:
break; // Allowed types.
default:
throw new IllegalArgumentException("Tag is not a repeating type: " + tag);
}
List<Integer> values = new ArrayList<Integer>();
for (KeymasterArgument arg : mArguments) {
if (arg.tag == tag) {
values.add(((KeymasterIntArgument) arg).value);
}
}
return values;
}
public int size() {
return mArguments.size();
}
@Override
public void writeToParcel(Parcel out, int flags) {
out.writeTypedList(mArguments);
}
public void readFromParcel(Parcel in) {
in.readTypedList(mArguments, KeymasterArgument.CREATOR);
}
@Override
public int describeContents() {
return 0;
}
}
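Review bot: None of the `add*` methods check that the tag's type matches the value being stored, although every getter does. `addInt(KeymasterDefs.KM_TAG_NONCE, 1)` is accepted and written as a tag plus an int. A reader that decodes by tag type, as `KeymasterArgument.CREATOR` does, would then treat the value as a byte array and misread the rest of the parcel. Locally the same entry makes `getBlob` fail with a ClassCastException. Each adder should reject a tag it cannot carry, using the same switch the getters already use; `addInt` is shown below, and `addBoolean`, `addLong`, `addBlob` and `addDate` need the equivalent check.

```java
public void addInt(int tag, int value) {
    switch (KeymasterDefs.getTagType(tag)) {
        case KeymasterDefs.KM_ENUM:
        case KeymasterDefs.KM_ENUM_REP:
        case KeymasterDefs.KM_INT:
        case KeymasterDefs.KM_INT_REP:
            break; // Types carried as a 32-bit int.
        default:
            throw new IllegalArgumentException("Tag is not an int type: " + tag);
    }
    mArguments.add(new KeymasterIntArgument(tag, value));
}
// … addBoolean, addLong, addBlob, addDate: same pattern with their own tag types …
```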


@@ -0,0 +1,42 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.Parcel;
import android.os.Parcelable;
/**
* @hide
*/
class KeymasterBlobArgument extends KeymasterArgument {
public final byte[] blob;
public KeymasterBlobArgument(int tag, byte[] blob) {
super(tag);
this.blob = blob;
}
public KeymasterBlobArgument(int tag, Parcel in) {
super(tag);
blob = in.createByteArray();
}
@Override
public void writeValue(Parcel out) {
out.writeByteArray(blob);
}
}
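Review bot: The `(int tag, byte[] blob)` constructor stores the caller's array by reference, and `KeymasterArguments.getBlob` returns that same array, so the caller and the argument list share one mutable buffer. A caller that reuses or zeroes its buffer after `addBlob` changes what is later written to the parcel. Either copy on the way in (`this.blob = blob == null ? null : blob.clone();`) or document the aliasing on the constructor. The `android.os.Parcelable` import is unused here and in the Boolean, Date, Int and Long argument classes.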


@@ -0,0 +1,42 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.Parcel;
import android.os.Parcelable;
/**
* @hide
*/
class KeymasterBooleanArgument extends KeymasterArgument {
// Boolean arguments are always true if they exist and false if they don't.
public final boolean value = true;
public KeymasterBooleanArgument(int tag) {
super(tag);
}
public KeymasterBooleanArgument(int tag, Parcel in) {
super(tag);
}
@Override
public void writeValue(Parcel out) {
// Do nothing, value is implicit.
}
}


@@ -0,0 +1,44 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.Parcel;
import android.os.Parcelable;
import java.util.Date;
/**
* @hide
*/
class KeymasterDateArgument extends KeymasterArgument {
public final Date date;
public KeymasterDateArgument(int tag, Date date) {
super(tag);
this.date = date;
}
public KeymasterDateArgument(int tag, Parcel in) {
super(tag);
date = new Date(in.readLong());
}
@Override
public void writeValue(Parcel out) {
out.writeLong(date.getTime());
}
}
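Review bot: A null `date` is accepted by the `(int tag, Date date)` constructor and only fails later, in `writeValue`, with a NullPointerException from `date.getTime()` when the arguments are parceled. Reject it at construction with `if (date == null) throw new IllegalArgumentException("date == null");`. `Date` is also mutable, and it is stored here and returned by `KeymasterArguments.getDate` by reference. Keeping the `long` value or copying the `Date` would stop a validity time from being changed after it has been added.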


@@ -0,0 +1,227 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
/**
* Class tracking all the keymaster enum values needed for the binder API to keystore.
* This must be kept in sync with hardware/libhardware/include/hardware/keymaster_defs.h
* See keymaster_defs.h for detailed descriptions of each constant.
* @hide
*/
public final class KeymasterDefs {
private KeymasterDefs() {}
// Tag types.
public static final int KM_INVALID = 0 << 28;
public static final int KM_ENUM = 1 << 28;
public static final int KM_ENUM_REP = 2 << 28;
public static final int KM_INT = 3 << 28;
public static final int KM_INT_REP = 4 << 28;
public static final int KM_LONG = 5 << 28;
public static final int KM_DATE = 6 << 28;
public static final int KM_BOOL = 7 << 28;
public static final int KM_BIGNUM = 8 << 28;
public static final int KM_BYTES = 9 << 28;
// Tag values.
public static final int KM_TAG_INVALID = KM_INVALID | 0;
public static final int KM_TAG_PURPOSE = KM_ENUM_REP | 1;
public static final int KM_TAG_ALGORITHM = KM_ENUM | 2;
public static final int KM_TAG_KEY_SIZE = KM_INT | 3;
public static final int KM_TAG_BLOCK_MODE = KM_ENUM | 4;
public static final int KM_TAG_DIGEST = KM_ENUM | 5;
public static final int KM_TAG_MAC_LENGTH = KM_INT | 6;
public static final int KM_TAG_PADDING = KM_ENUM | 7;
public static final int KM_TAG_RETURN_UNAUTHED = KM_BOOL | 8;
public static final int KM_TAG_CALLER_NONCE = KM_BOOL | 9;
public static final int KM_TAG_RESCOPING_ADD = KM_ENUM_REP | 101;
public static final int KM_TAG_RESCOPING_DEL = KM_ENUM_REP | 102;
public static final int KM_TAG_BLOB_USAGE_REQUIREMENTS = KM_ENUM | 705;
public static final int KM_TAG_RSA_PUBLIC_EXPONENT = KM_LONG | 200;
public static final int KM_TAG_DSA_GENERATOR = KM_BIGNUM | 201;
public static final int KM_TAG_DSA_P = KM_BIGNUM | 202;
public static final int KM_TAG_DSA_Q = KM_BIGNUM | 203;
public static final int KM_TAG_ACTIVE_DATETIME = KM_DATE | 400;
public static final int KM_TAG_ORIGINATION_EXPIRE_DATETIME = KM_DATE | 401;
public static final int KM_TAG_USAGE_EXPIRE_DATETIME = KM_DATE | 402;
public static final int KM_TAG_MIN_SECONDS_BETWEEN_OPS = KM_INT | 403;
public static final int KM_TAG_MAX_USES_PER_BOOT = KM_INT | 404;
public static final int KM_TAG_ALL_USERS = KM_BOOL | 500;
public static final int KM_TAG_USER_ID = KM_INT | 501;
public static final int KM_TAG_NO_AUTH_REQUIRED = KM_BOOL | 502;
public static final int KM_TAG_USER_AUTH_ID = KM_INT_REP | 503;
public static final int KM_TAG_AUTH_TIMEOUT = KM_INT | 504;
public static final int KM_TAG_ALL_APPLICATIONS = KM_BOOL | 600;
public static final int KM_TAG_APPLICATION_ID = KM_BYTES | 601;
public static final int KM_TAG_APPLICATION_DATA = KM_BYTES | 700;
public static final int KM_TAG_CREATION_DATETIME = KM_DATE | 701;
public static final int KM_TAG_ORIGIN = KM_ENUM | 702;
public static final int KM_TAG_ROLLBACK_RESISTANT = KM_BOOL | 703;
public static final int KM_TAG_ROOT_OF_TRUST = KM_BYTES | 704;
public static final int KM_TAG_ASSOCIATED_DATA = KM_BYTES | 1000;
public static final int KM_TAG_NONCE = KM_BYTES | 1001;
public static final int KM_TAG_CHUNK_LENGTH = KM_INT | 1002;
// Algorithm values.
public static final int KM_ALGORITHM_RSA = 1;
public static final int KM_ALGORITHM_DSA = 2;
public static final int KM_ALGORITHM_ECDSA = 3;
public static final int KM_ALGORITHM_ECIES = 4;
public static final int KM_ALGORITHM_AES = 32;
public static final int KM_ALGORITHM_3DES = 33;
public static final int KM_ALGORITHM_SKIPJACK = 34;
public static final int KM_ALGORITHM_MARS = 48;
public static final int KM_ALGORITHM_RC6 = 49;
public static final int KM_ALGORITHM_SERPENT = 50;
public static final int KM_ALGORITHM_TWOFISH = 51;
public static final int KM_ALGORITHM_IDEA = 52;
public static final int KM_ALGORITHM_RC5 = 53;
public static final int KM_ALGORITHM_CAST5 = 54;
public static final int KM_ALGORITHM_BLOWFISH = 55;
public static final int KM_ALGORITHM_RC4 = 64;
public static final int KM_ALGORITHM_CHACHA20 = 65;
public static final int KM_ALGORITHM_HMAC = 128;
// Block modes.
public static final int KM_MODE_FIRST_UNAUTHENTICATED = 1;
public static final int KM_MODE_ECB = KM_MODE_FIRST_UNAUTHENTICATED;
public static final int KM_MODE_CBC = 2;
public static final int KM_MODE_CBC_CTS = 3;
public static final int KM_MODE_CTR = 4;
public static final int KM_MODE_OFB = 5;
public static final int KM_MODE_CFB = 6;
public static final int KM_MODE_XTS = 7;
public static final int KM_MODE_FIRST_AUTHENTICATED = 32;
public static final int KM_MODE_GCM = KM_MODE_FIRST_AUTHENTICATED;
public static final int KM_MODE_OCB = 33;
public static final int KM_MODE_CCM = 34;
public static final int KM_MODE_FIRST_MAC = 128;
public static final int KM_MODE_CMAC = KM_MODE_FIRST_MAC;
public static final int KM_MODE_POLY1305 = 129;
// Padding modes.
public static final int KM_PAD_NONE = 1;
public static final int KM_PAD_RSA_OAEP = 2;
public static final int KM_PAD_RSA_PSS = 3;
public static final int KM_PAD_RSA_PKCS1_1_5_ENCRYPT = 4;
public static final int KM_PAD_RSA_PKCS1_1_5_SIGN = 5;
public static final int KM_PAD_ANSI_X923 = 32;
public static final int KM_PAD_ISO_10126 = 33;
public static final int KM_PAD_ZERO = 64;
public static final int KM_PAD_PKCS7 = 65;
public static final int KM_PAD_ISO_7816_4 = 66;
// Digest modes.
public static final int KM_DIGEST_NONE = 0;
public static final int KM_DIGEST_MD5 = 1;
public static final int KM_DIGEST_SHA1 = 2;
public static final int KM_DIGEST_SHA_2_224 = 3;
public static final int KM_DIGEST_SHA_2_256 = 4;
public static final int KM_DIGEST_SHA_2_384 = 5;
public static final int KM_DIGEST_SHA_2_512 = 6;
public static final int KM_DIGEST_SHA_3_256 = 7;
public static final int KM_DIGEST_SHA_3_384 = 8;
public static final int KM_DIGEST_SHA_3_512 = 9;
// Key origins.
public static final int KM_ORIGIN_HARDWARE = 0;
public static final int KM_ORIGIN_SOFTWARE = 1;
public static final int KM_ORIGIN_IMPORTED = 2;
// Key usability requirements.
public static final int KM_BLOB_STANDALONE = 0;
public static final int KM_BLOB_REQUIRES_FILE_SYSTEM = 1;
// Operation Purposes.
public static final int KM_PURPOSE_ENCRYPT = 0;
public static final int KM_PURPOSE_DECRYPT = 1;
public static final int KM_PURPOSE_SIGN = 2;
public static final int KM_PURPOSE_VERIFY = 3;
// Key formats.
public static final int KM_KEY_FORMAT_X509 = 0;
public static final int KM_KEY_FORMAT_PKCS8 = 1;
public static final int KM_KEY_FORMAT_PKCS12 = 2;
public static final int KM_KEY_FORMAT_RAW = 3;
// Error codes.
public static final int KM_ERROR_OK = 0;
public static final int KM_ERROR_ROOT_OF_TRUST_ALREADY_SET = -1;
public static final int KM_ERROR_UNSUPPORTED_PURPOSE = -2;
public static final int KM_ERROR_INCOMPATIBLE_PURPOSE = -3;
public static final int KM_ERROR_UNSUPPORTED_ALGORITHM = -4;
public static final int KM_ERROR_INCOMPATIBLE_ALGORITHM = -5;
public static final int KM_ERROR_UNSUPPORTED_KEY_SIZE = -6;
public static final int KM_ERROR_UNSUPPORTED_BLOCK_MODE = -7;
public static final int KM_ERROR_INCOMPATIBLE_BLOCK_MODE = -8;
public static final int KM_ERROR_UNSUPPORTED_TAG_LENGTH = -9;
public static final int KM_ERROR_UNSUPPORTED_PADDING_MODE = -10;
public static final int KM_ERROR_INCOMPATIBLE_PADDING_MODE = -11;
public static final int KM_ERROR_UNSUPPORTED_DIGEST = -12;
public static final int KM_ERROR_INCOMPATIBLE_DIGEST = -13;
public static final int KM_ERROR_INVALID_EXPIRATION_TIME = -14;
public static final int KM_ERROR_INVALID_USER_ID = -15;
public static final int KM_ERROR_INVALID_AUTHORIZATION_TIMEOUT = -16;
public static final int KM_ERROR_UNSUPPORTED_KEY_FORMAT = -17;
public static final int KM_ERROR_INCOMPATIBLE_KEY_FORMAT = -18;
public static final int KM_ERROR_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM = -19;
public static final int KM_ERROR_UNSUPPORTED_KEY_VERIFICATION_ALGORITHM = -20;
public static final int KM_ERROR_INVALID_INPUT_LENGTH = -21;
public static final int KM_ERROR_KEY_EXPORT_OPTIONS_INVALID = -22;
public static final int KM_ERROR_DELEGATION_NOT_ALLOWED = -23;
public static final int KM_ERROR_KEY_NOT_YET_VALID = -24;
public static final int KM_ERROR_KEY_EXPIRED = -25;
public static final int KM_ERROR_KEY_USER_NOT_AUTHENTICATED = -26;
public static final int KM_ERROR_OUTPUT_PARAMETER_NULL = -27;
public static final int KM_ERROR_INVALID_OPERATION_HANDLE = -28;
public static final int KM_ERROR_INSUFFICIENT_BUFFER_SPACE = -29;
public static final int KM_ERROR_VERIFICATION_FAILED = -30;
public static final int KM_ERROR_TOO_MANY_OPERATIONS = -31;
public static final int KM_ERROR_UNEXPECTED_NULL_POINTER = -32;
public static final int KM_ERROR_INVALID_KEY_BLOB = -33;
public static final int KM_ERROR_IMPORTED_KEY_NOT_ENCRYPTED = -34;
public static final int KM_ERROR_IMPORTED_KEY_DECRYPTION_FAILED = -35;
public static final int KM_ERROR_IMPORTED_KEY_NOT_SIGNED = -36;
public static final int KM_ERROR_IMPORTED_KEY_VERIFICATION_FAILED = -37;
public static final int KM_ERROR_INVALID_ARGUMENT = -38;
public static final int KM_ERROR_UNSUPPORTED_TAG = -39;
public static final int KM_ERROR_INVALID_TAG = -40;
public static final int KM_ERROR_MEMORY_ALLOCATION_FAILED = -41;
public static final int KM_ERROR_INVALID_RESCOPING = -42;
public static final int KM_ERROR_INVALID_DSA_PARAMS = -43;
public static final int KM_ERROR_IMPORT_PARAMETER_MISMATCH = -44;
public static final int KM_ERROR_SECURE_HW_ACCESS_DENIED = -45;
public static final int KM_ERROR_OPERATION_CANCELLED = -46;
public static final int KM_ERROR_CONCURRENT_ACCESS_CONFLICT = -47;
public static final int KM_ERROR_SECURE_HW_BUSY = -48;
public static final int KM_ERROR_SECURE_HW_COMMUNICATION_FAILED = -49;
public static final int KM_ERROR_UNSUPPORTED_EC_FIELD = -50;
public static final int KM_ERROR_UNIMPLEMENTED = -100;
public static final int KM_ERROR_VERSION_MISMATCH = -101;
public static final int KM_ERROR_UNKNOWN_ERROR = -1000;
public static int getTagType(int tag) {
return tag & (0xF << 28);
}
}
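Review bot: `getTagType` and the KM_BIGNUM / KM_BYTES constants need a comment, because `8 << 28` and `9 << 28` reach the sign bit. Those two types, every tag built from them, and the mask `0xF << 28` are therefore negative Java ints. Equality and `switch` work as written, but an ordering comparison or a decimal log of a tag will not match the unsigned values in keymaster_defs.h. Suggested comment above `getTagType`: `// Tag type is the top 4 bits. KM_BIGNUM and KM_BYTES are negative as Java ints; compare with == only.`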


@@ -0,0 +1,42 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.Parcel;
import android.os.Parcelable;
/**
* @hide
*/
class KeymasterIntArgument extends KeymasterArgument {
public final int value;
public KeymasterIntArgument(int tag, int value) {
super(tag);
this.value = value;
}
public KeymasterIntArgument(int tag, Parcel in) {
super(tag);
value = in.readInt();
}
@Override
public void writeValue(Parcel out) {
out.writeInt(value);
}
}


@@ -0,0 +1,42 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.Parcel;
import android.os.Parcelable;
/**
* @hide
*/
class KeymasterLongArgument extends KeymasterArgument {
public final long value;
public KeymasterLongArgument(int tag, long value) {
super(tag);
this.value = value;
}
public KeymasterLongArgument(int tag, Parcel in) {
super(tag);
value = in.readLong();
}
@Override
public void writeValue(Parcel out) {
out.writeLong(value);
}
}


@@ -0,0 +1,20 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
/* @hide */
parcelable OperationResult;


@@ -0,0 +1,66 @@
/**
* Copyright (c) 2015, The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keymaster;
import android.os.IBinder;
import android.os.Parcel;
import android.os.Parcelable;
import java.util.List;
/**
* Class for handling the parceling of return values from keymaster crypto operations
* (begin/update/finish).
* @hide
*/
public class OperationResult implements Parcelable {
public final int resultCode;
public final IBinder token;
public final int inputConsumed;
public final byte[] output;
public static final Parcelable.Creator<OperationResult> CREATOR = new
Parcelable.Creator<OperationResult>() {
public OperationResult createFromParcel(Parcel in) {
return new OperationResult(in);
}
public OperationResult[] newArray(int length) {
return new OperationResult[length];
}
};
protected OperationResult(Parcel in) {
resultCode = in.readInt();
token = in.readStrongBinder();
inputConsumed = in.readInt();
output = in.createByteArray();
}
@Override
public int describeContents() {
return 0;
}
@Override
public void writeToParcel(Parcel out, int flags) {
out.writeInt(resultCode);
out.writeStrongBinder(token);
out.writeInt(inputConsumed);
out.writeByteArray(output);
}
}
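Review bot: `inputConsumed` is taken from the parcel with no range check, and nothing states what a caller may assume about it. If callers use it as an offset into the buffer they passed to `update` (presumably the intent), they need to reject negative values and values larger than that buffer. A field comment such as `// Bytes of the caller's input consumed; callers must verify 0 <= inputConsumed <= input.length.` would make that explicit. The `java.util.List` import is unused.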