852c8f121f
This is the crux of the Verified Access feature implementation: Adding the ability to generate KeyChain keys directly by the secure hardware, rather than installing software-generated keys into KeyChain. Add generateKeyPair to the DevicePolicyManager, which delegates key generation (via the DevicePolicyManagerService) to the KeyChainService. Design highlights: * The key generation is delegated via the DevicePolicyManagerService to check that only authorized callers request key generation in KeyChain. * KeyChainService performs the actual key generation so it owns the key in Keystore outright. * DevicePolicyManagerService then grants the calling app access to the Keystore key, so it can actually be used. * Loading the public/private key pair, as well as attestation certificate chain, is done in the client code (DevicePolicyManager) to save parceling / unparceling those objects across process boundaries twice (for no good reason). NOTE: The key attestation functionality (that includes Device ID) is missing/untested. Will be added in a follow-up CL as this one is quite big already. HIGHLIGHT FOR REVIEWERS: * API: New API in DevicePolicyManager. Bug: 63388672 Test: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG; adb shell am instrument 'android.security.tests/android.support.test.runner.AndroidJUnitRunner' (After building the KeystoreTests target and installing the apk) Change-Id: I73762c9123f32a94d454ba4f8b533883b55c44cc
57 lines
2.1 KiB
Plaintext
57 lines
2.1 KiB
Plaintext
/*
|
|
* Copyright (C) 2011 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
package android.security;
|
|
|
|
import android.content.pm.StringParceledListSlice;
|
|
import android.security.keystore.ParcelableKeyGenParameterSpec;
|
|
|
|
/**
|
|
* Caller is required to ensure that {@link KeyStore#unlock
|
|
* KeyStore.unlock} was successful.
|
|
*
|
|
* @hide
|
|
*/
|
|
interface IKeyChainService {
|
|
// APIs used by KeyChain
|
|
String requestPrivateKey(String alias);
|
|
byte[] getCertificate(String alias);
|
|
byte[] getCaCertificates(String alias);
|
|
boolean isUserSelectable(String alias);
|
|
void setUserSelectable(String alias, boolean isUserSelectable);
|
|
|
|
boolean generateKeyPair(in String algorithm, in ParcelableKeyGenParameterSpec spec);
|
|
|
|
// APIs used by CertInstaller and DevicePolicyManager
|
|
String installCaCertificate(in byte[] caCertificate);
|
|
|
|
// APIs used by DevicePolicyManager
|
|
boolean installKeyPair(in byte[] privateKey, in byte[] userCert, in byte[] certChain, String alias);
|
|
boolean removeKeyPair(String alias);
|
|
|
|
// APIs used by Settings
|
|
boolean deleteCaCertificate(String alias);
|
|
boolean reset();
|
|
StringParceledListSlice getUserCaAliases();
|
|
StringParceledListSlice getSystemCaAliases();
|
|
boolean containsCaAlias(String alias);
|
|
byte[] getEncodedCaCertificate(String alias, boolean includeDeletedSystem);
|
|
List<String> getCaCertificateChainAliases(String rootAlias, boolean includeDeletedSystem);
|
|
|
|
// APIs used by KeyChainActivity
|
|
void setGrant(int uid, String alias, boolean value);
|
|
boolean hasGrant(int uid, String alias);
|
|
}
|