/*
 * Copyright (C) 2018 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16
17package android.security.keystore.recovery;
18
19import android.annotation.NonNull;
Dmitry Dementyevf8ae5de2018-01-08 18:08:23 -080020import android.annotation.SystemApi;
Robert Berry81ee34b2018-01-23 11:59:59 +000021import android.os.Parcel;
22import android.os.Parcelable;
23
24import com.android.internal.util.Preconditions;
25
/**
 * Helper class with the data necessary to recover a single application key, given a recovery key.
 *
 * <ul>
 *   <li>Alias - Keystore alias of the key.
 *   <li>Encrypted key material.
 * </ul>
 *
 * Note that Application info is not included. Recovery Agent can only make its own keys
 * recoverable.
 *
 * @hide
 */
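@SystemApi
public final class WrappedApplicationKey implements Parcelable {
    // Both fields are assigned exactly once, in a constructor that rejects null, so every
    // instance satisfies the @NonNull contract of its getters.
    private final String mAlias;
    // The only supported format is AES-256 symmetric key.
    private final byte[] mEncryptedKeyMaterial;

    /**
     * Builder for creating {@link WrappedApplicationKey}.
     *
     * <p>The builder holds its own pending values and {@link #build()} creates a new object on
     * every call, so calling a setter after {@code build()} does not change a key that was
     * already handed out.
     */
    public static class Builder {
        private String mAlias;
        private byte[] mEncryptedKeyMaterial;

        /**
         * Sets Application-specific alias of the key.
         *
         * @param alias The alias.
         * @return This builder.
         */
        public Builder setAlias(@NonNull String alias) {
            mAlias = alias;
            return this;
        }

        /**
         * Does nothing; the argument is ignored.
         *
         * @deprecated AOSP does not associate keys with accounts. This may be done by system app.
         * @removed
         */
        @Deprecated
        public Builder setAccount(@NonNull byte[] account) {
            return this;
        }

        /**
         * Sets key material encrypted by recovery key.
         *
         * <p>The array is stored by reference, not copied: changes the caller makes to it before
         * or after {@link #build()} are visible through the built key.
         *
         * @param encryptedKeyMaterial The key material
         * @return This builder
         */
        public Builder setEncryptedKeyMaterial(@NonNull byte[] encryptedKeyMaterial) {
            mEncryptedKeyMaterial = encryptedKeyMaterial;
            return this;
        }

        /**
         * Creates a new {@link WrappedApplicationKey} instance.
         *
         * @return new instance
         * @throws NullPointerException if some required fields were not set.
         */
        @NonNull public WrappedApplicationKey build() {
            // The constructor performs the null checks (alias first, then key material).
            return new WrappedApplicationKey(mAlias, mEncryptedKeyMaterial);
        }
    }

    /**
     * Deprecated - consider using Builder.
     *
     * @param alias Application-specific alias of the key.
     * @param encryptedKeyMaterial Key material encrypted by recovery key; stored by reference.
     * @throws NullPointerException if either argument is null.
     * @hide
     */
    public WrappedApplicationKey(@NonNull String alias, @NonNull byte[] encryptedKeyMaterial) {
        mAlias = Preconditions.checkNotNull(alias);
        mEncryptedKeyMaterial = Preconditions.checkNotNull(encryptedKeyMaterial);
    }

    /**
     * Application-specific alias of the key.
     *
     * @see java.security.KeyStore#aliases()
     */
    public @NonNull String getAlias() {
        return mAlias;
    }

    /**
     * Key material encrypted by recovery key.
     *
     * <p>Returns the internal array without copying, so modifications made by the caller are
     * visible through this object.
     */
    public @NonNull byte[] getEncryptedKeyMaterial() {
        return mEncryptedKeyMaterial;
    }

    /**
     * Always returns an empty array.
     *
     * @deprecated AOSP does not associate keys with accounts. This may be done by system app.
     * @removed
     */
    @Deprecated
    public @NonNull byte[] getAccount() {
        return new byte[0];
    }

    public static final Parcelable.Creator<WrappedApplicationKey> CREATOR =
            new Parcelable.Creator<WrappedApplicationKey>() {
                @Override
                public WrappedApplicationKey createFromParcel(Parcel in) {
                    return new WrappedApplicationKey(in);
                }

                @Override
                public WrappedApplicationKey[] newArray(int length) {
                    return new WrappedApplicationKey[length];
                }
            };

    /** Writes the alias, then the encrypted key material, in the order the Parcel constructor reads them. */
    @Override
    public void writeToParcel(Parcel out, int flags) {
        out.writeString(mAlias);
        out.writeByteArray(mEncryptedKeyMaterial);
    }

    /**
     * Reads a key written by {@link #writeToParcel}.
     *
     * @throws NullPointerException if the parcel holds a null alias or null key material.
     * @hide
     */
    protected WrappedApplicationKey(Parcel in) {
        // Parcel contents come from another process. readString() and createByteArray() return
        // null when null was written, so enforce here the same non-null invariant that the
        // other construction paths enforce, instead of letting a null reach the getters.
        mAlias = Preconditions.checkNotNull(in.readString());
        mEncryptedKeyMaterial = Preconditions.checkNotNull(in.createByteArray());
    }

    @Override
    public int describeContents() {
        return 0;
    }
}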
159}