am a1fb2cf6: Merge "Move Android Keystore impl to android.security.keystore." into mnc-dev

* commit 'a1fb2cf6a6b8e69b57346b598e1c0904614250d7':
  Move Android Keystore impl to android.security.keystore.
Alex Klyubin
2015-05-14 16:03:25 +00:00
committed by Android Git Automerger
27 changed files with 156 additions and 104 deletions


@@ -96,7 +96,7 @@ import android.view.Window;
import android.view.WindowManager;
import android.view.WindowManagerGlobal;
import android.renderscript.RenderScriptCacheDir;
import android.security.AndroidKeyStoreProvider;
import android.security.keystore.AndroidKeyStoreProvider;
import com.android.internal.app.IVoiceInteractor;
import com.android.internal.content.ReferrerIntent;


@@ -32,7 +32,7 @@ import android.os.RemoteException;
import android.os.UserHandle;
import android.provider.Settings;
import android.hardware.fingerprint.FingerprintManager.EnrollmentCallback;
import android.security.AndroidKeyStoreProvider;
import android.security.keystore.AndroidKeyStoreProvider;
import android.util.Log;
import android.util.Slog;


@@ -216,7 +216,7 @@ public class Credentials {
* particular {@code alias}. All three can exist for any given alias.
* Returns {@code true} if there was at least one of those types.
*/
static boolean deleteAllTypesForAlias(KeyStore keystore, String alias) {
public static boolean deleteAllTypesForAlias(KeyStore keystore, String alias) {
/*
* Make sure every type is deleted. There can be all three types, so
* don't use a conditional here.
@@ -231,7 +231,7 @@ public class Credentials {
* particular {@code alias}. All three can exist for any given alias.
* Returns {@code true} if there was at least one of those types.
*/
static boolean deleteCertificateTypesForAlias(KeyStore keystore, String alias) {
public static boolean deleteCertificateTypesForAlias(KeyStore keystore, String alias) {
/*
* Make sure every certificate type is deleted. There can be two types,
* so don't use a conditional here.
@@ -252,7 +252,7 @@ public class Credentials {
* Delete secret key for a particular {@code alias}.
* Returns {@code true} if an entry was was deleted.
*/
static boolean deleteSecretKeyTypeForAlias(KeyStore keystore, String alias) {
public static boolean deleteSecretKeyTypeForAlias(KeyStore keystore, String alias) {
return keystore.delete(Credentials.USER_SECRET_KEY + alias);
}
}
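Review bot: The three delete helpers (`deleteAllTypesForAlias`, `deleteCertificateTypesForAlias`, `deleteSecretKeyTypeForAlias`) go from package-private to `public static` with no Javadoc change, so nothing records that they are widened only for the code moved to `android.security.keystore`. The class-level Javadoc of `Credentials` is outside these hunks; if the class is not already hidden, each method needs a hide tag so that entry-deleting helpers do not become app-facing API. The same applies to the members made public in the `KeyStore` section (`getApplicationContext`, `getKeyTypeForAlgorithm`, `getKeyStoreException`, and both `getInvalidKeyException` overloads). I would add a Javadoc line such as `* @hide Internal: used by android.security.keystore.` to each of them.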


@@ -1,3 +1,19 @@
/*
* Copyright (C) 2015 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security;
import android.os.RemoteException;


@@ -109,7 +109,7 @@ public class KeyStore {
mContext = getApplicationContext();
}
static Context getApplicationContext() {
public static Context getApplicationContext() {
ActivityThread activityThread = ActivityThread.currentActivityThread();
if (activityThread == null) {
throw new IllegalStateException(
@@ -136,7 +136,7 @@ public class KeyStore {
return mToken;
}
static int getKeyTypeForAlgorithm(@KeyProperties.KeyAlgorithmEnum String keyType) {
public static int getKeyTypeForAlgorithm(@KeyProperties.KeyAlgorithmEnum String keyType) {
if (KeyProperties.KEY_ALGORITHM_RSA.equalsIgnoreCase(keyType)) {
return NativeConstants.EVP_PKEY_RSA;
} else if (KeyProperties.KEY_ALGORITHM_EC.equalsIgnoreCase(keyType)) {
@@ -632,7 +632,7 @@ public class KeyStore {
* Returns a {@link KeyStoreException} corresponding to the provided keystore/keymaster error
* code.
*/
static KeyStoreException getKeyStoreException(int errorCode) {
public static KeyStoreException getKeyStoreException(int errorCode) {
if (errorCode > 0) {
// KeyStore layer error
switch (errorCode) {
@@ -674,7 +674,8 @@ public class KeyStore {
* Returns an {@link InvalidKeyException} corresponding to the provided
* {@link KeyStoreException}.
*/
InvalidKeyException getInvalidKeyException(String keystoreKeyAlias, KeyStoreException e) {
public InvalidKeyException getInvalidKeyException(
String keystoreKeyAlias, KeyStoreException e) {
switch (e.getErrorCode()) {
case LOCKED:
return new UserNotAuthenticatedException();
@@ -745,7 +746,7 @@ public class KeyStore {
* Returns an {@link InvalidKeyException} corresponding to the provided keystore/keymaster error
* code.
*/
InvalidKeyException getInvalidKeyException(String keystoreKeyAlias, int errorCode) {
public InvalidKeyException getInvalidKeyException(String keystoreKeyAlias, int errorCode) {
return getInvalidKeyException(keystoreKeyAlias, getKeyStoreException(errorCode));
}
}


@@ -14,11 +14,12 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.annotation.NonNull;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.security.Credentials;
import android.security.KeyPairGeneratorSpec;
import android.security.KeyStore;
import com.android.org.bouncycastle.x509.X509V3CertificateGenerator;
import com.android.org.conscrypt.NativeConstants;
@@ -55,15 +56,15 @@ import java.util.Locale;
*
* {@hide}
*/
public abstract class AndroidKeyPairGenerator extends KeyPairGeneratorSpi {
public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
public static class RSA extends AndroidKeyPairGenerator {
public static class RSA extends AndroidKeyPairGeneratorSpi {
public RSA() {
super(KeyProperties.KEY_ALGORITHM_RSA);
}
}
public static class EC extends AndroidKeyPairGenerator {
public static class EC extends AndroidKeyPairGeneratorSpi {
public EC() {
super(KeyProperties.KEY_ALGORITHM_EC);
}
@@ -92,7 +93,7 @@ public abstract class AndroidKeyPairGenerator extends KeyPairGeneratorSpi {
private int mKeyType;
private int mKeySize;
protected AndroidKeyPairGenerator(@KeyProperties.KeyAlgorithmEnum String algorithm) {
protected AndroidKeyPairGeneratorSpi(@KeyProperties.KeyAlgorithmEnum String algorithm) {
mAlgorithm = algorithm;
}


@@ -14,7 +14,7 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import java.security.Provider;
@@ -40,9 +40,9 @@ class AndroidKeyStoreBCWorkaroundProvider extends Provider {
// classes when this provider is instantiated and installed early on during each app's
// initialization process.
private static final String PACKAGE_NAME = "android.security";
private static final String PACKAGE_NAME = "android.security.keystore";
private static final String KEYSTORE_SECRET_KEY_CLASS_NAME =
PACKAGE_NAME + ".KeyStoreSecretKey";
PACKAGE_NAME + ".AndroidKeyStoreSecretKey";
AndroidKeyStoreBCWorkaroundProvider() {
super("AndroidKeyStoreBCWorkaround",
@@ -50,25 +50,25 @@ class AndroidKeyStoreBCWorkaroundProvider extends Provider {
"Android KeyStore security provider to work around Bouncy Castle");
// javax.crypto.Mac
putMacImpl("HmacSHA1", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA1");
putMacImpl("HmacSHA224", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA224");
putMacImpl("HmacSHA256", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA256");
putMacImpl("HmacSHA384", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA384");
putMacImpl("HmacSHA512", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA512");
putMacImpl("HmacSHA1", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA1");
putMacImpl("HmacSHA224", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA224");
putMacImpl("HmacSHA256", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA256");
putMacImpl("HmacSHA384", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA384");
putMacImpl("HmacSHA512", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA512");
// javax.crypto.Cipher
putSymmetricCipherImpl("AES/ECB/NoPadding",
PACKAGE_NAME + ".KeyStoreCipherSpi$AES$ECB$NoPadding");
PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$ECB$NoPadding");
putSymmetricCipherImpl("AES/ECB/PKCS7Padding",
PACKAGE_NAME + ".KeyStoreCipherSpi$AES$ECB$PKCS7Padding");
PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$ECB$PKCS7Padding");
putSymmetricCipherImpl("AES/CBC/NoPadding",
PACKAGE_NAME + ".KeyStoreCipherSpi$AES$CBC$NoPadding");
PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$CBC$NoPadding");
putSymmetricCipherImpl("AES/CBC/PKCS7Padding",
PACKAGE_NAME + ".KeyStoreCipherSpi$AES$CBC$PKCS7Padding");
PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$CBC$PKCS7Padding");
putSymmetricCipherImpl("AES/CTR/NoPadding",
PACKAGE_NAME + ".KeyStoreCipherSpi$AES$CTR$NoPadding");
PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$CTR$NoPadding");
}
private void putMacImpl(String algorithm, String implClass) {
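Review bot: Every implementation class is registered here as a concatenated string (`PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA1"`, `KEYSTORE_SECRET_KEY_CLASS_NAME`, and so on), so the compiler cannot confirm that the rename reached all of them; a stale name would only surface at runtime when the algorithm is requested. The comment above `PACKAGE_NAME` suggests the strings are deliberate to avoid loading classes early, so class literals are probably not an option; a unit test that iterates the provider's entries and resolves each value with `Class.forName` would catch a miss. `KEYSTORE_SECRET_KEY_CLASS_NAME` deserves particular care: its use is outside the hunk, but if it feeds key-class matching for provider selection, a mismatch would quietly stop this provider from being chosen for Keystore keys. The `put(...)` registrations in the `AndroidKeyStoreProvider` section have the same exposure.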


@@ -14,9 +14,11 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.os.IBinder;
import android.security.KeyStore;
import android.security.KeyStoreException;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;
import android.security.keymaster.OperationResult;
@@ -48,9 +50,10 @@ import javax.crypto.spec.IvParameterSpec;
*
* @hide
*/
public abstract class KeyStoreCipherSpi extends CipherSpi implements KeyStoreCryptoOperation {
public abstract class AndroidKeyStoreCipherSpi extends CipherSpi
implements KeyStoreCryptoOperation {
public abstract static class AES extends KeyStoreCipherSpi {
public abstract static class AES extends AndroidKeyStoreCipherSpi {
protected AES(int keymasterBlockMode, int keymasterPadding, boolean ivUsed) {
super(KeymasterDefs.KM_ALGORITHM_AES,
keymasterBlockMode,
@@ -120,7 +123,7 @@ public abstract class KeyStoreCipherSpi extends CipherSpi implements KeyStoreCry
// Fields below are populated by Cipher.init and KeyStore.begin and should be preserved after
// doFinal finishes.
protected boolean mEncrypting;
private KeyStoreSecretKey mKey;
private AndroidKeyStoreSecretKey mKey;
private SecureRandom mRng;
private boolean mFirstOperationInitiated;
private byte[] mIv;
@@ -147,7 +150,7 @@ public abstract class KeyStoreCipherSpi extends CipherSpi implements KeyStoreCry
*/
private Exception mCachedException;
protected KeyStoreCipherSpi(
protected AndroidKeyStoreCipherSpi(
int keymasterAlgorithm,
int keymasterBlockMode,
int keymasterPadding,
@@ -219,11 +222,11 @@ public abstract class KeyStoreCipherSpi extends CipherSpi implements KeyStoreCry
}
private void init(int opmode, Key key, SecureRandom random) throws InvalidKeyException {
if (!(key instanceof KeyStoreSecretKey)) {
if (!(key instanceof AndroidKeyStoreSecretKey)) {
throw new InvalidKeyException(
"Unsupported key: " + ((key != null) ? key.getClass().getName() : "null"));
}
mKey = (KeyStoreSecretKey) key;
mKey = (AndroidKeyStoreSecretKey) key;
mRng = random;
mIv = null;
mFirstOperationInitiated = false;


@@ -14,9 +14,11 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.os.IBinder;
import android.security.KeyStore;
import android.security.KeyStoreException;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;
import android.security.keymaster.OperationResult;
@@ -34,33 +36,33 @@ import javax.crypto.MacSpi;
*
* @hide
*/
public abstract class KeyStoreHmacSpi extends MacSpi implements KeyStoreCryptoOperation {
public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreCryptoOperation {
public static class HmacSHA1 extends KeyStoreHmacSpi {
public static class HmacSHA1 extends AndroidKeyStoreHmacSpi {
public HmacSHA1() {
super(KeymasterDefs.KM_DIGEST_SHA1);
}
}
public static class HmacSHA224 extends KeyStoreHmacSpi {
public static class HmacSHA224 extends AndroidKeyStoreHmacSpi {
public HmacSHA224() {
super(KeymasterDefs.KM_DIGEST_SHA_2_224);
}
}
public static class HmacSHA256 extends KeyStoreHmacSpi {
public static class HmacSHA256 extends AndroidKeyStoreHmacSpi {
public HmacSHA256() {
super(KeymasterDefs.KM_DIGEST_SHA_2_256);
}
}
public static class HmacSHA384 extends KeyStoreHmacSpi {
public static class HmacSHA384 extends AndroidKeyStoreHmacSpi {
public HmacSHA384() {
super(KeymasterDefs.KM_DIGEST_SHA_2_384);
}
}
public static class HmacSHA512 extends KeyStoreHmacSpi {
public static class HmacSHA512 extends AndroidKeyStoreHmacSpi {
public HmacSHA512() {
super(KeymasterDefs.KM_DIGEST_SHA_2_512);
}
@@ -71,14 +73,14 @@ public abstract class KeyStoreHmacSpi extends MacSpi implements KeyStoreCryptoOp
private final int mMacSizeBits;
// Fields below are populated by engineInit and should be preserved after engineDoFinal.
private KeyStoreSecretKey mKey;
private AndroidKeyStoreSecretKey mKey;
// Fields below are reset when engineDoFinal succeeds.
private KeyStoreCryptoOperationChunkedStreamer mChunkedStreamer;
private IBinder mOperationToken;
private long mOperationHandle;
protected KeyStoreHmacSpi(int keymasterDigest) {
protected AndroidKeyStoreHmacSpi(int keymasterDigest) {
mKeymasterDigest = keymasterDigest;
mMacSizeBits = KeymasterUtils.getDigestOutputSizeBits(keymasterDigest);
}
@@ -109,11 +111,11 @@ public abstract class KeyStoreHmacSpi extends MacSpi implements KeyStoreCryptoOp
InvalidAlgorithmParameterException {
if (key == null) {
throw new InvalidKeyException("key == null");
} else if (!(key instanceof KeyStoreSecretKey)) {
} else if (!(key instanceof AndroidKeyStoreSecretKey)) {
throw new InvalidKeyException(
"Only Android KeyStore secret keys supported. Key: " + key);
}
mKey = (KeyStoreSecretKey) key;
mKey = (AndroidKeyStoreSecretKey) key;
if (params != null) {
throw new InvalidAlgorithmParameterException(
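Review bot: The rejection message in the init method (presumably `engineInit`) still concatenates the key object itself (`"... Key: " + key`), which calls `toString()` on a key that by definition is not an Android Keystore key. The cipher and secret-key-factory checks touched by this same commit report `key.getClass().getName()` instead, which cannot put key material from a foreign `Key` implementation into an exception message or log. Since these lines are being edited anyway, I would align it: `"Only Android KeyStore secret keys supported. Key: " + key.getClass().getName()`. The method starts and ends outside the hunk.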


@@ -14,7 +14,7 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import java.security.Key;
@@ -23,11 +23,11 @@ import java.security.Key;
*
* @hide
*/
public class KeyStoreKey implements Key {
public class AndroidKeyStoreKey implements Key {
private final String mAlias;
private final String mAlgorithm;
public KeyStoreKey(String alias, String algorithm) {
public AndroidKeyStoreKey(String alias, String algorithm) {
mAlias = alias;
mAlgorithm = algorithm;
}


@@ -14,8 +14,10 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.security.Credentials;
import android.security.KeyStore;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;
@@ -39,9 +41,9 @@ import javax.crypto.SecretKey;
*
* @hide
*/
public abstract class KeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
public static class AES extends KeyStoreKeyGeneratorSpi {
public static class AES extends AndroidKeyStoreKeyGeneratorSpi {
public AES() {
super(KeymasterDefs.KM_ALGORITHM_AES, 128);
}
@@ -58,7 +60,7 @@ public abstract class KeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
}
}
protected static abstract class HmacBase extends KeyStoreKeyGeneratorSpi {
protected static abstract class HmacBase extends AndroidKeyStoreKeyGeneratorSpi {
protected HmacBase(int keymasterDigest) {
super(KeymasterDefs.KM_ALGORITHM_HMAC,
keymasterDigest,
@@ -110,13 +112,13 @@ public abstract class KeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
private int[] mKeymasterPaddings;
private int[] mKeymasterDigests;
protected KeyStoreKeyGeneratorSpi(
protected AndroidKeyStoreKeyGeneratorSpi(
int keymasterAlgorithm,
int defaultKeySizeBits) {
this(keymasterAlgorithm, -1, defaultKeySizeBits);
}
protected KeyStoreKeyGeneratorSpi(
protected AndroidKeyStoreKeyGeneratorSpi(
int keymasterAlgorithm,
int keymasterDigest,
int defaultKeySizeBits) {
@@ -314,6 +316,6 @@ public abstract class KeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
} catch (IllegalArgumentException e) {
throw new ProviderException("Failed to obtain JCA secret key algorithm name", e);
}
return new KeyStoreSecretKey(keyAliasInKeystore, keyAlgorithmJCA);
return new AndroidKeyStoreSecretKey(keyAliasInKeystore, keyAlgorithmJCA);
}
}


@@ -14,7 +14,9 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.security.KeyStore;
import java.security.Provider;
import java.security.Security;
@@ -38,25 +40,25 @@ public class AndroidKeyStoreProvider extends Provider {
// Instead, they need to be offered by AndroidKeyStoreBCWorkaroundProvider. See its Javadoc
// for details.
private static final String PACKAGE_NAME = "android.security";
private static final String PACKAGE_NAME = "android.security.keystore";
public AndroidKeyStoreProvider() {
super(PROVIDER_NAME, 1.0, "Android KeyStore security provider");
// java.security.KeyStore
put("KeyStore.AndroidKeyStore", PACKAGE_NAME + ".AndroidKeyStore");
put("KeyStore.AndroidKeyStore", PACKAGE_NAME + ".AndroidKeyStoreSpi");
// java.security.KeyPairGenerator
put("KeyPairGenerator.EC", PACKAGE_NAME + ".AndroidKeyPairGenerator$EC");
put("KeyPairGenerator.RSA", PACKAGE_NAME + ".AndroidKeyPairGenerator$RSA");
put("KeyPairGenerator.EC", PACKAGE_NAME + ".AndroidKeyPairGeneratorSpi$EC");
put("KeyPairGenerator.RSA", PACKAGE_NAME + ".AndroidKeyPairGeneratorSpi$RSA");
// javax.crypto.KeyGenerator
put("KeyGenerator.AES", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$AES");
put("KeyGenerator.HmacSHA1", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA1");
put("KeyGenerator.HmacSHA224", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA224");
put("KeyGenerator.HmacSHA256", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA256");
put("KeyGenerator.HmacSHA384", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA384");
put("KeyGenerator.HmacSHA512", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA512");
put("KeyGenerator.AES", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$AES");
put("KeyGenerator.HmacSHA1", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA1");
put("KeyGenerator.HmacSHA224", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA224");
put("KeyGenerator.HmacSHA256", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA256");
put("KeyGenerator.HmacSHA384", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA384");
put("KeyGenerator.HmacSHA512", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA512");
// java.security.SecretKeyFactory
putSecretKeyFactoryImpl("AES");
@@ -95,7 +97,7 @@ public class AndroidKeyStoreProvider extends Provider {
}
private void putSecretKeyFactoryImpl(String algorithm) {
put("SecretKeyFactory." + algorithm, PACKAGE_NAME + ".KeyStoreSecretKeyFactorySpi");
put("SecretKeyFactory." + algorithm, PACKAGE_NAME + ".AndroidKeyStoreSecretKeyFactorySpi");
}
/**


@@ -14,7 +14,7 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import javax.crypto.SecretKey;
@@ -23,9 +23,9 @@ import javax.crypto.SecretKey;
*
* @hide
*/
public class KeyStoreSecretKey extends KeyStoreKey implements SecretKey {
public class AndroidKeyStoreSecretKey extends AndroidKeyStoreKey implements SecretKey {
public KeyStoreSecretKey(String alias, String algorithm) {
public AndroidKeyStoreSecretKey(String alias, String algorithm) {
super(alias, algorithm);
}
}


@@ -14,12 +14,12 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.security.Credentials;
import android.security.KeyStore;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterDefs;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyProperties;
import libcore.util.EmptyArray;
@@ -39,7 +39,7 @@ import javax.crypto.spec.SecretKeySpec;
*
* @hide
*/
public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi {
public class AndroidKeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi {
private final KeyStore mKeyStore = KeyStore.getInstance();
@@ -49,7 +49,7 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi {
if (keySpecClass == null) {
throw new InvalidKeySpecException("keySpecClass == null");
}
if (!(key instanceof KeyStoreSecretKey)) {
if (!(key instanceof AndroidKeyStoreSecretKey)) {
throw new InvalidKeySpecException("Only Android KeyStore secret keys supported: " +
((key != null) ? key.getClass().getName() : "null"));
}
@@ -60,7 +60,7 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi {
if (!KeyInfo.class.equals(keySpecClass)) {
throw new InvalidKeySpecException("Unsupported key spec: " + keySpecClass.getName());
}
String keyAliasInKeystore = ((KeyStoreSecretKey) key).getAlias();
String keyAliasInKeystore = ((AndroidKeyStoreSecretKey) key).getAlias();
String entryAlias;
if (keyAliasInKeystore.startsWith(Credentials.USER_SECRET_KEY)) {
entryAlias = keyAliasInKeystore.substring(Credentials.USER_SECRET_KEY.length());


@@ -14,13 +14,15 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import com.android.org.conscrypt.OpenSSLEngine;
import com.android.org.conscrypt.OpenSSLKeyHolder;
import libcore.util.EmptyArray;
import android.security.Credentials;
import android.security.KeyStoreParameter;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;
@@ -81,7 +83,7 @@ import javax.crypto.SecretKey;
*
* @hide
*/
public class AndroidKeyStore extends KeyStoreSpi {
public class AndroidKeyStoreSpi extends KeyStoreSpi {
public static final String NAME = "AndroidKeyStore";
private android.security.KeyStore mKeyStore;
@@ -140,7 +142,7 @@ public class AndroidKeyStore extends KeyStoreSpi {
new UnrecoverableKeyException("Unsupported secret key type").initCause(e);
}
return new KeyStoreSecretKey(keyAliasInKeystore, keyAlgorithmString);
return new AndroidKeyStoreSecretKey(keyAliasInKeystore, keyAlgorithmString);
}
return null;
@@ -476,10 +478,10 @@ public class AndroidKeyStore extends KeyStoreSpi {
}
KeyProtection params = (KeyProtection) param;
if (key instanceof KeyStoreSecretKey) {
if (key instanceof AndroidKeyStoreSecretKey) {
// KeyStore-backed secret key. It cannot be duplicated into another entry and cannot
// overwrite its own entry.
String keyAliasInKeystore = ((KeyStoreSecretKey) key).getAlias();
String keyAliasInKeystore = ((AndroidKeyStoreSecretKey) key).getAlias();
if (keyAliasInKeystore == null) {
throw new KeyStoreException("KeyStore-backed secret key does not have an alias");
}


@@ -1,4 +1,20 @@
package android.security;
/*
* Copyright (C) 2015 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keystore;
import libcore.util.EmptyArray;


@@ -21,7 +21,6 @@ import android.annotation.IntRange;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.text.TextUtils;
import android.security.ArrayUtils;
import android.security.KeyStore;
import java.math.BigInteger;


@@ -18,7 +18,6 @@ package android.security.keystore;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.security.ArrayUtils;
import java.security.PrivateKey;
import java.security.spec.KeySpec;


@@ -20,8 +20,6 @@ import android.annotation.IntRange;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.app.KeyguardManager;
import android.content.Context;
import android.security.ArrayUtils;
import android.security.KeyStore;
import java.security.Key;


@@ -14,7 +14,7 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import java.security.ProviderException;


@@ -14,7 +14,9 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.security.KeyStore;
/**
* Cryptographic operation backed by {@link KeyStore}.


@@ -14,9 +14,11 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.os.IBinder;
import android.security.KeyStore;
import android.security.KeyStoreException;
import android.security.keymaster.OperationResult;
import libcore.util.EmptyArray;


@@ -14,10 +14,10 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.security.KeyStore;
import android.security.keymaster.KeymasterDefs;
import android.security.keystore.UserNotAuthenticatedException;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
@@ -41,7 +41,7 @@ abstract class KeyStoreCryptoOperationUtils {
* the {@code init} method should succeed.
*/
static InvalidKeyException getInvalidKeyExceptionForInit(
KeyStore keyStore, KeyStoreKey key, int beginOpResultCode) {
KeyStore keyStore, AndroidKeyStoreKey key, int beginOpResultCode) {
if (beginOpResultCode == KeyStore.NO_ERROR) {
return null;
}
@@ -69,8 +69,8 @@ abstract class KeyStoreCryptoOperationUtils {
* in response to {@code KeyStore.begin} operation or {@code null} if the {@code init} method
* should succeed.
*/
static GeneralSecurityException getExceptionForCipherInit(
KeyStore keyStore, KeyStoreKey key, int beginOpResultCode) {
public static GeneralSecurityException getExceptionForCipherInit(
KeyStore keyStore, AndroidKeyStoreKey key, int beginOpResultCode) {
if (beginOpResultCode == KeyStore.NO_ERROR) {
return null;
}
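Review bot: `public` on `getExceptionForCipherInit` has no effect outside the package while the enclosing class is declared `abstract class KeyStoreCryptoOperationUtils` (package-private, per the hunk header), and it now disagrees with `getInvalidKeyExceptionForInit` just above, which stays package-private. Either keep both package-private or, if a caller outside the package is planned, widen the class as well and say so in the Javadoc. Both method bodies continue outside the hunks.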


@@ -14,9 +14,11 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.hardware.fingerprint.FingerprintManager;
import android.security.GateKeeper;
import android.security.KeyStore;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;


@@ -14,8 +14,10 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import android.security.Credentials;
import android.security.KeyPairGeneratorSpec;
import android.test.AndroidTestCase;
import java.io.ByteArrayInputStream;


@@ -14,13 +14,16 @@
* limitations under the License.
*/
package android.security;
package android.security.keystore;
import com.android.org.bouncycastle.x509.X509V3CertificateGenerator;
import com.android.org.conscrypt.NativeConstants;
import com.android.org.conscrypt.OpenSSLEngine;
import android.security.Credentials;
import android.security.KeyStore;
import android.security.KeyStoreParameter;
import android.test.AndroidTestCase;
import java.io.ByteArrayInputStream;
@@ -1319,9 +1322,9 @@ public class AndroidKeyStoreTest extends AndroidTestCase {
}
public void testKeyStore_GetType_Encrypted_Success() throws Exception {
assertEquals(AndroidKeyStore.NAME, mKeyStore.getType());
assertEquals(AndroidKeyStoreSpi.NAME, mKeyStore.getType());
setupPassword();
assertEquals(AndroidKeyStore.NAME, mKeyStore.getType());
assertEquals(AndroidKeyStoreSpi.NAME, mKeyStore.getType());
}
public void testKeyStore_IsCertificateEntry_CA_Encrypted_Success() throws Exception {


@@ -1152,8 +1152,8 @@ android.provider.Settings$SettingNotFoundException
android.provider.Settings$System
android.provider.Telephony$Mms
android.renderscript.RenderScript
android.security.AndroidKeyStoreBCWorkaroundProvider
android.security.AndroidKeyStoreProvider
android.security.keystore.AndroidKeyStoreBCWorkaroundProvider
android.security.keystore.AndroidKeyStoreProvider
android.speech.tts.TextToSpeechService
android.speech.tts.TextToSpeechService$SpeechItemV1
android.speech.tts.TextToSpeechService$SynthesisSpeechItemV1