Merge "Remove "encrypt at rest" flag from new AndroidKeyStore API." into mnc-dev
This commit is contained in:
Alex Klyubin
@@ -28421,7 +28421,6 @@ package android.security.keystore {
|
||||
method public java.lang.String[] getSignaturePaddings();
|
||||
method public int getUserAuthenticationValidityDurationSeconds();
|
||||
method public boolean isDigestsSpecified();
|
||||
method public boolean isEncryptionAtRestRequired();
|
||||
method public boolean isRandomizedEncryptionRequired();
|
||||
method public boolean isUserAuthenticationRequired();
|
||||
}
|
||||
@@ -28436,7 +28435,6 @@ package android.security.keystore {
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSerialNumber(java.math.BigInteger);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionAtRestRequired(boolean);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);
|
||||
@@ -28525,7 +28523,6 @@ package android.security.keystore {
|
||||
method public java.lang.String[] getSignaturePaddings();
|
||||
method public int getUserAuthenticationValidityDurationSeconds();
|
||||
method public boolean isDigestsSpecified();
|
||||
method public boolean isEncryptionAtRestRequired();
|
||||
method public boolean isRandomizedEncryptionRequired();
|
||||
method public boolean isUserAuthenticationRequired();
|
||||
}
|
||||
@@ -28535,7 +28532,6 @@ package android.security.keystore {
|
||||
method public android.security.keystore.KeyProtection build();
|
||||
method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);
|
||||
method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);
|
||||
method public android.security.keystore.KeyProtection.Builder setEncryptionAtRestRequired(boolean);
|
||||
method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);
|
||||
method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);
|
||||
method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);
|
||||
|
||||
@@ -30449,7 +30449,6 @@ package android.security.keystore {
|
||||
method public java.lang.String[] getSignaturePaddings();
|
||||
method public int getUserAuthenticationValidityDurationSeconds();
|
||||
method public boolean isDigestsSpecified();
|
||||
method public boolean isEncryptionAtRestRequired();
|
||||
method public boolean isRandomizedEncryptionRequired();
|
||||
method public boolean isUserAuthenticationRequired();
|
||||
}
|
||||
@@ -30464,7 +30463,6 @@ package android.security.keystore {
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSerialNumber(java.math.BigInteger);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionAtRestRequired(boolean);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);
|
||||
method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);
|
||||
@@ -30553,7 +30551,6 @@ package android.security.keystore {
|
||||
method public java.lang.String[] getSignaturePaddings();
|
||||
method public int getUserAuthenticationValidityDurationSeconds();
|
||||
method public boolean isDigestsSpecified();
|
||||
method public boolean isEncryptionAtRestRequired();
|
||||
method public boolean isRandomizedEncryptionRequired();
|
||||
method public boolean isUserAuthenticationRequired();
|
||||
}
|
||||
@@ -30563,7 +30560,6 @@ package android.security.keystore {
|
||||
method public android.security.keystore.KeyProtection build();
|
||||
method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);
|
||||
method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);
|
||||
method public android.security.keystore.KeyProtection.Builder setEncryptionAtRestRequired(boolean);
|
||||
method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);
|
||||
method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);
|
||||
method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);
|
||||
|
||||
@@ -89,6 +89,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
|
||||
private KeyStore mKeyStore;
|
||||
|
||||
private KeyGenParameterSpec mSpec;
|
||||
private boolean mEncryptionAtRestRequired;
|
||||
private @KeyProperties.KeyAlgorithmEnum String mKeyAlgorithm;
|
||||
private int mKeyType;
|
||||
private int mKeySize;
|
||||
@@ -123,7 +124,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
|
||||
|
||||
}
|
||||
|
||||
final int flags = mSpec.getFlags();
|
||||
final int flags = (mEncryptionAtRestRequired) ? KeyStore.FLAG_ENCRYPTED : 0;
|
||||
if (((flags & KeyStore.FLAG_ENCRYPTED) != 0)
|
||||
&& (mKeyStore.state() != KeyStore.State.UNLOCKED)) {
|
||||
throw new IllegalStateException(
|
||||
@@ -296,6 +297,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
|
||||
|
||||
String keyAlgorithm;
|
||||
KeyGenParameterSpec spec;
|
||||
boolean encryptionAtRestRequired = false;
|
||||
if (params instanceof KeyPairGeneratorSpec) {
|
||||
KeyPairGeneratorSpec legacySpec = (KeyPairGeneratorSpec) params;
|
||||
try {
|
||||
@@ -353,7 +355,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
|
||||
specBuilder.setCertificateSerialNumber(legacySpec.getSerialNumber());
|
||||
specBuilder.setCertificateNotBefore(legacySpec.getStartDate());
|
||||
specBuilder.setCertificateNotAfter(legacySpec.getEndDate());
|
||||
specBuilder.setEncryptionAtRestRequired(legacySpec.isEncryptionRequired());
|
||||
encryptionAtRestRequired = legacySpec.isEncryptionRequired();
|
||||
specBuilder.setUserAuthenticationRequired(false);
|
||||
|
||||
spec = specBuilder.build();
|
||||
@@ -390,6 +392,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
|
||||
mKeyType = keyType;
|
||||
mKeySize = keySize;
|
||||
mSpec = spec;
|
||||
mEncryptionAtRestRequired = encryptionAtRestRequired;
|
||||
mKeyStore = KeyStore.getInstance();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -264,13 +264,6 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
|
||||
throw new IllegalStateException("Not initialized");
|
||||
}
|
||||
|
||||
if ((spec.isEncryptionAtRestRequired())
|
||||
&& (mKeyStore.state() != KeyStore.State.UNLOCKED)) {
|
||||
throw new IllegalStateException(
|
||||
"Requested to import a key which must be encrypted at rest using secure lock"
|
||||
+ " screen credential, but the credential hasn't yet been entered by the user");
|
||||
}
|
||||
|
||||
KeymasterArguments args = new KeymasterArguments();
|
||||
args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, mKeySizeBits);
|
||||
args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, mKeymasterAlgorithm);
|
||||
@@ -300,7 +293,7 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
|
||||
byte[] additionalEntropy =
|
||||
KeyStoreCryptoOperationUtils.getRandomBytesToMixIntoKeystoreRng(
|
||||
mRng, (mKeySizeBits + 7) / 8);
|
||||
int flags = spec.getFlags();
|
||||
int flags = 0;
|
||||
String keyAliasInKeystore = Credentials.USER_SECRET_KEY + spec.getKeystoreAlias();
|
||||
KeyCharacteristics resultingKeyCharacteristics = new KeyCharacteristics();
|
||||
int errorCode = mKeyStore.generateKey(
|
||||
|
||||
@@ -274,6 +274,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
|
||||
|
||||
private void setPrivateKeyEntry(String alias, PrivateKey key, Certificate[] chain,
|
||||
java.security.KeyStore.ProtectionParameter param) throws KeyStoreException {
|
||||
int flags = 0;
|
||||
KeyProtection spec;
|
||||
if (param instanceof KeyStoreParameter) {
|
||||
KeyStoreParameter legacySpec = (KeyStoreParameter) param;
|
||||
@@ -319,7 +320,9 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
|
||||
} else {
|
||||
throw new KeyStoreException("Unsupported key algorithm: " + keyAlgorithm);
|
||||
}
|
||||
specBuilder.setEncryptionAtRestRequired(legacySpec.isEncryptionRequired());
|
||||
if (legacySpec.isEncryptionRequired()) {
|
||||
flags = android.security.KeyStore.FLAG_ENCRYPTED;
|
||||
}
|
||||
specBuilder.setUserAuthenticationRequired(false);
|
||||
|
||||
spec = specBuilder.build();
|
||||
@@ -449,8 +452,6 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
|
||||
Credentials.deleteSecretKeyTypeForAlias(mKeyStore, alias);
|
||||
}
|
||||
|
||||
final int flags = (spec == null) ? 0 : spec.getFlags();
|
||||
|
||||
if (shouldReplacePrivateKey
|
||||
&& !mKeyStore.importKey(Credentials.USER_PRIVATE_KEY + alias, keyBytes,
|
||||
android.security.KeyStore.UID_SELF, flags)) {
|
||||
@@ -636,7 +637,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
|
||||
args,
|
||||
KeymasterDefs.KM_KEY_FORMAT_RAW,
|
||||
keyMaterial,
|
||||
params.getFlags(),
|
||||
0, // flags
|
||||
new KeyCharacteristics());
|
||||
if (errorCode != android.security.KeyStore.NO_ERROR) {
|
||||
throw new KeyStoreException("Failed to import secret key. Keystore error code: "
|
||||
|
||||
@@ -16,12 +16,10 @@
|
||||
|
||||
package android.security.keystore;
|
||||
|
||||
import android.app.KeyguardManager;
|
||||
import android.annotation.IntRange;
|
||||
import android.annotation.NonNull;
|
||||
import android.annotation.Nullable;
|
||||
import android.text.TextUtils;
|
||||
import android.security.KeyStore;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.KeyPairGenerator;
|
||||
@@ -37,8 +35,8 @@ import javax.security.auth.x500.X500Principal;
|
||||
* {@link AlgorithmParameterSpec} for initializing a {@link KeyPairGenerator} or a
|
||||
* {@link KeyGenerator} of the <a href="{@docRoot}training/articles/keystore.html">Android Keystore
|
||||
* system</a>. The spec determines whether user authentication is required for using the key, what
|
||||
* uses the key is authorized for (e.g., only for signing -- decryption not permitted), whether the
|
||||
* key should be encrypted at rest, the key's and validity start and end dates.
|
||||
* uses the key is authorized for (e.g., only for signing -- decryption not permitted), the key's
|
||||
* validity start and end dates.
|
||||
*
|
||||
* <p>To generate an asymmetric key pair or a symmetric key, create an instance of this class using
|
||||
* the {@link Builder}, initialize a {@code KeyPairGenerator} or a {@code KeyGenerator} of the
|
||||
@@ -127,7 +125,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
|
||||
private final BigInteger mCertificateSerialNumber;
|
||||
private final Date mCertificateNotBefore;
|
||||
private final Date mCertificateNotAfter;
|
||||
private final int mFlags;
|
||||
private final Date mKeyValidityStart;
|
||||
private final Date mKeyValidityForOriginationEnd;
|
||||
private final Date mKeyValidityForConsumptionEnd;
|
||||
@@ -151,7 +148,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
|
||||
BigInteger certificateSerialNumber,
|
||||
Date certificateNotBefore,
|
||||
Date certificateNotAfter,
|
||||
int flags,
|
||||
Date keyValidityStart,
|
||||
Date keyValidityForOriginationEnd,
|
||||
Date keyValidityForConsumptionEnd,
|
||||
@@ -195,7 +191,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
|
||||
mCertificateSerialNumber = certificateSerialNumber;
|
||||
mCertificateNotBefore = certificateNotBefore;
|
||||
mCertificateNotAfter = certificateNotAfter;
|
||||
mFlags = flags;
|
||||
mKeyValidityStart = keyValidityStart;
|
||||
mKeyValidityForOriginationEnd = keyValidityForOriginationEnd;
|
||||
mKeyValidityForConsumptionEnd = keyValidityForConsumptionEnd;
|
||||
@@ -270,29 +265,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
|
||||
return mCertificateNotAfter;
|
||||
}
|
||||
|
||||
/**
|
||||
* @hide
|
||||
*/
|
||||
public int getFlags() {
|
||||
return mFlags;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns {@code true} if the key must be encrypted at rest. This will protect the key with the
|
||||
* secure lock screen credential (e.g., password, PIN, or pattern).
|
||||
*
|
||||
* <p>Note that encrypting the key at rest requires that the secure lock screen (e.g., password,
|
||||
* PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be
|
||||
* deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device
|
||||
* Administrator). Finally, this key cannot be used until the user unlocks the secure lock
|
||||
* screen after boot.
|
||||
*
|
||||
* @see KeyguardManager#isDeviceSecure()
|
||||
*/
|
||||
public boolean isEncryptionAtRestRequired() {
|
||||
return (mFlags & KeyStore.FLAG_ENCRYPTED) != 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the time instant before which the key is not yet valid or {@code null} if not
|
||||
* restricted.
|
||||
@@ -450,7 +422,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
|
||||
private BigInteger mCertificateSerialNumber;
|
||||
private Date mCertificateNotBefore;
|
||||
private Date mCertificateNotAfter;
|
||||
private int mFlags;
|
||||
private Date mKeyValidityStart;
|
||||
private Date mKeyValidityForOriginationEnd;
|
||||
private Date mKeyValidityForConsumptionEnd;
|
||||
@@ -575,28 +546,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets whether this key pair or key must be encrypted at rest. This will protect the key
|
||||
* pair or key with the secure lock screen credential (e.g., password, PIN, or pattern).
|
||||
*
|
||||
* <p>Note that enabling this feature requires that the secure lock screen (e.g., password,
|
||||
* PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be
|
||||
* deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device
|
||||
* Administrator). Finally, this key cannot be used until the user unlocks the secure lock
|
||||
* screen after boot.
|
||||
*
|
||||
* @see KeyguardManager#isDeviceSecure()
|
||||
*/
|
||||
@NonNull
|
||||
public Builder setEncryptionAtRestRequired(boolean required) {
|
||||
if (required) {
|
||||
mFlags |= KeyStore.FLAG_ENCRYPTED;
|
||||
} else {
|
||||
mFlags &= ~KeyStore.FLAG_ENCRYPTED;
|
||||
}
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the time instant before which the key is not yet valid.
|
||||
*
|
||||
@@ -839,7 +788,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
|
||||
mCertificateSerialNumber,
|
||||
mCertificateNotBefore,
|
||||
mCertificateNotAfter,
|
||||
mFlags,
|
||||
mKeyValidityStart,
|
||||
mKeyValidityForOriginationEnd,
|
||||
mKeyValidityForConsumptionEnd,
|
||||
|
||||
@@ -19,8 +19,6 @@ package android.security.keystore;
|
||||
import android.annotation.IntRange;
|
||||
import android.annotation.NonNull;
|
||||
import android.annotation.Nullable;
|
||||
import android.app.KeyguardManager;
|
||||
import android.security.KeyStore;
|
||||
|
||||
import java.security.Key;
|
||||
import java.security.KeyStore.ProtectionParameter;
|
||||
@@ -34,8 +32,7 @@ import javax.crypto.Cipher;
|
||||
* <a href="{@docRoot}training/articles/keystore.html">Android KeyStore facility</a>. This class
|
||||
* specifies parameters such as whether user authentication is required for using the key, what uses
|
||||
* the key is authorized for (e.g., only in {@code CTR} mode, or only for signing -- decryption not
|
||||
* permitted), whether the key should be encrypted at rest, the key's and validity start and end
|
||||
* dates.
|
||||
* permitted), the key's and validity start and end dates.
|
||||
*
|
||||
* <p>To import a key or key pair into the Android KeyStore, create an instance of this class using
|
||||
* the {@link Builder} and pass the instance into {@link java.security.KeyStore#setEntry(String, java.security.KeyStore.Entry, ProtectionParameter) KeyStore.setEntry}
|
||||
@@ -101,7 +98,6 @@ import javax.crypto.Cipher;
|
||||
* }</pre>
|
||||
*/
|
||||
public final class KeyProtection implements ProtectionParameter {
|
||||
private final int mFlags;
|
||||
private final Date mKeyValidityStart;
|
||||
private final Date mKeyValidityForOriginationEnd;
|
||||
private final Date mKeyValidityForConsumptionEnd;
|
||||
@@ -115,7 +111,6 @@ public final class KeyProtection implements ProtectionParameter {
|
||||
private final int mUserAuthenticationValidityDurationSeconds;
|
||||
|
||||
private KeyProtection(
|
||||
int flags,
|
||||
Date keyValidityStart,
|
||||
Date keyValidityForOriginationEnd,
|
||||
Date keyValidityForConsumptionEnd,
|
||||
@@ -133,7 +128,6 @@ public final class KeyProtection implements ProtectionParameter {
|
||||
"userAuthenticationValidityDurationSeconds must not be negative");
|
||||
}
|
||||
|
||||
mFlags = flags;
|
||||
mKeyValidityStart = keyValidityStart;
|
||||
mKeyValidityForOriginationEnd = keyValidityForOriginationEnd;
|
||||
mKeyValidityForConsumptionEnd = keyValidityForConsumptionEnd;
|
||||
@@ -149,22 +143,6 @@ public final class KeyProtection implements ProtectionParameter {
|
||||
mUserAuthenticationValidityDurationSeconds = userAuthenticationValidityDurationSeconds;
|
||||
}
|
||||
|
||||
/**
|
||||
* @hide
|
||||
*/
|
||||
public int getFlags() {
|
||||
return mFlags;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns {@code true} if the {@link java.security.KeyStore} entry must be encrypted at rest.
|
||||
* This will protect the entry with the secure lock screen credential (e.g., password, PIN, or
|
||||
* pattern).
|
||||
*/
|
||||
public boolean isEncryptionAtRestRequired() {
|
||||
return (mFlags & KeyStore.FLAG_ENCRYPTED) != 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the time instant before which the key is not yet valid.
|
||||
*
|
||||
@@ -310,7 +288,6 @@ public final class KeyProtection implements ProtectionParameter {
|
||||
public final static class Builder {
|
||||
private @KeyProperties.PurposeEnum int mPurposes;
|
||||
|
||||
private int mFlags;
|
||||
private Date mKeyValidityStart;
|
||||
private Date mKeyValidityForOriginationEnd;
|
||||
private Date mKeyValidityForConsumptionEnd;
|
||||
@@ -337,29 +314,6 @@ public final class KeyProtection implements ProtectionParameter {
|
||||
mPurposes = purposes;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets whether this {@link java.security.KeyStore} entry must be encrypted at rest.
|
||||
* Encryption at rest will protect the entry with the secure lock screen credential (e.g.,
|
||||
* password, PIN, or pattern).
|
||||
*
|
||||
* <p>Note that enabling this feature requires that the secure lock screen (e.g., password,
|
||||
* PIN, pattern) is set up, otherwise setting the {@code KeyStore} entry will fail.
|
||||
* Moreover, this entry will be deleted when the secure lock screen is disabled or reset
|
||||
* (e.g., by the user or a Device Administrator). Finally, this entry cannot be used until
|
||||
* the user unlocks the secure lock screen after boot.
|
||||
*
|
||||
* @see KeyguardManager#isDeviceSecure()
|
||||
*/
|
||||
@NonNull
|
||||
public Builder setEncryptionAtRestRequired(boolean required) {
|
||||
if (required) {
|
||||
mFlags |= KeyStore.FLAG_ENCRYPTED;
|
||||
} else {
|
||||
mFlags &= ~KeyStore.FLAG_ENCRYPTED;
|
||||
}
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the time instant before which the key is not yet valid.
|
||||
*
|
||||
@@ -589,7 +543,6 @@ public final class KeyProtection implements ProtectionParameter {
|
||||
@NonNull
|
||||
public KeyProtection build() {
|
||||
return new KeyProtection(
|
||||
mFlags,
|
||||
mKeyValidityStart,
|
||||
mKeyValidityForOriginationEnd,
|
||||
mKeyValidityForConsumptionEnd,
|
||||
|
||||
Reference in New Issue
Block a user