Blame - keystore/java/android/security/keystore/ParcelableKeyGenParameterSpec.java - platform/frameworks/base

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

/*

*

* Licensed under the Apache License, Version 2.0 (the "License");

5

* you may not use this file except in compliance with the License.

6

* You may obtain a copy of the License at

7

*

8

* http://www.apache.org/licenses/LICENSE-2.0

9

*

10

* Unless required by applicable law or agreed to in writing, software

11

* distributed under the License is distributed on an "AS IS" BASIS,

12

* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

13

* See the License for the specific language governing permissions and

14

* limitations under the License.

15

*/

16

17

package android.security.keystore;

18

19

import android.os.Parcelable;

20

import android.os.Parcel;

21

22

import java.math.BigInteger;

23

import java.security.spec.AlgorithmParameterSpec;

24

import java.security.spec.ECGenParameterSpec;

25

import java.security.spec.RSAKeyGenParameterSpec;

26

import java.util.Date;

27

28

import javax.security.auth.x500.X500Principal;

29

30

/**

31

* A parcelable version of KeyGenParameterSpec

32

* @hide only used for communicating with the DPMS.

33

*/

34

public final class ParcelableKeyGenParameterSpec implements Parcelable {

35

private static final int ALGORITHM_PARAMETER_SPEC_NONE = 1;

36

private static final int ALGORITHM_PARAMETER_SPEC_RSA = 2;

37

private static final int ALGORITHM_PARAMETER_SPEC_EC = 3;

38

39

private final KeyGenParameterSpec mSpec;

40

41

public ParcelableKeyGenParameterSpec(

42

KeyGenParameterSpec spec) {

mSpec = spec;

}

public int describeContents() {

return 0;

}

private static void writeOptionalDate(Parcel out, Date date) {

51

if (date != null) {

52

out.writeBoolean(true);

53

out.writeLong(date.getTime());

54

} else {

55

out.writeBoolean(false);

}

}

public void writeToParcel(Parcel out, int flags) {

60

out.writeString(mSpec.getKeystoreAlias());

61

out.writeInt(mSpec.getPurposes());

62

out.writeInt(mSpec.getUid());

63

out.writeInt(mSpec.getKeySize());

64

65

// Only needs to support RSAKeyGenParameterSpec and ECGenParameterSpec.

66

AlgorithmParameterSpec algoSpec = mSpec.getAlgorithmParameterSpec();

67

if (algoSpec == null) {

68

out.writeInt(ALGORITHM_PARAMETER_SPEC_NONE);

69

} else if (algoSpec instanceof RSAKeyGenParameterSpec) {

70

RSAKeyGenParameterSpec rsaSpec = (RSAKeyGenParameterSpec) algoSpec;

71

out.writeInt(ALGORITHM_PARAMETER_SPEC_RSA);

72

out.writeInt(rsaSpec.getKeysize());

73

out.writeByteArray(rsaSpec.getPublicExponent().toByteArray());

74

} else if (algoSpec instanceof ECGenParameterSpec) {

75

ECGenParameterSpec ecSpec = (ECGenParameterSpec) algoSpec;

76

out.writeInt(ALGORITHM_PARAMETER_SPEC_EC);

77

out.writeString(ecSpec.getName());

78

} else {

79

throw new IllegalArgumentException(

80

String.format("Unknown algorithm parameter spec: %s", algoSpec.getClass()));

81

}

82

out.writeByteArray(mSpec.getCertificateSubject().getEncoded());

83

out.writeByteArray(mSpec.getCertificateSerialNumber().toByteArray());

Eran Messeri

4767054

2017-12-09 21:25:04 +0000

[diff] [blame]

84

out.writeLong(mSpec.getCertificateNotBefore().getTime());

85

out.writeLong(mSpec.getCertificateNotAfter().getTime());

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

86

writeOptionalDate(out, mSpec.getKeyValidityStart());

87

writeOptionalDate(out, mSpec.getKeyValidityForOriginationEnd());

88

writeOptionalDate(out, mSpec.getKeyValidityForConsumptionEnd());

Eran Messeri

4767054

2017-12-09 21:25:04 +0000

[diff] [blame]

89

if (mSpec.isDigestsSpecified()) {

90

out.writeStringArray(mSpec.getDigests());

91

} else {

92

out.writeStringArray(null);

93

}

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

94

out.writeStringArray(mSpec.getEncryptionPaddings());

95

out.writeStringArray(mSpec.getSignaturePaddings());

96

out.writeStringArray(mSpec.getBlockModes());

97

out.writeBoolean(mSpec.isRandomizedEncryptionRequired());

98

out.writeBoolean(mSpec.isUserAuthenticationRequired());

99

out.writeInt(mSpec.getUserAuthenticationValidityDurationSeconds());

Eran Messeri

5a5c6e0

2018-06-28 11:20:44 +0100

[diff] [blame]

100

out.writeBoolean(mSpec.isUserPresenceRequired());

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

101

out.writeByteArray(mSpec.getAttestationChallenge());

102

out.writeBoolean(mSpec.isUniqueIdIncluded());

103

out.writeBoolean(mSpec.isUserAuthenticationValidWhileOnBody());

104

out.writeBoolean(mSpec.isInvalidatedByBiometricEnrollment());

Eran Messeri

5a5c6e0

2018-06-28 11:20:44 +0100

[diff] [blame]

105

out.writeBoolean(mSpec.isStrongBoxBacked());

106

out.writeBoolean(mSpec.isUserConfirmationRequired());

107

out.writeBoolean(mSpec.isUnlockedDeviceRequired());

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

108

}

109

110

private static Date readDateOrNull(Parcel in) {

111

boolean hasDate = in.readBoolean();

112

if (hasDate) {

113

return new Date(in.readLong());

} else {

return null;

}

}

private ParcelableKeyGenParameterSpec(Parcel in) {

Eran Messeri

5a5c6e0

2018-06-28 11:20:44 +0100

[diff] [blame]

120

final String keystoreAlias = in.readString();

121

final int purposes = in.readInt();

122

final int uid = in.readInt();

123

final int keySize = in.readInt();

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

124

Eran Messeri

5a5c6e0

2018-06-28 11:20:44 +0100

[diff] [blame]

125

final int keySpecType = in.readInt();

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

126

AlgorithmParameterSpec algorithmSpec = null;

127

if (keySpecType == ALGORITHM_PARAMETER_SPEC_NONE) {

128

algorithmSpec = null;

129

} else if (keySpecType == ALGORITHM_PARAMETER_SPEC_RSA) {

130

int rsaKeySize = in.readInt();

131

BigInteger publicExponent = new BigInteger(in.createByteArray());

132

algorithmSpec = new RSAKeyGenParameterSpec(rsaKeySize, publicExponent);

133

} else if (keySpecType == ALGORITHM_PARAMETER_SPEC_EC) {

134

String stdName = in.readString();

135

algorithmSpec = new ECGenParameterSpec(stdName);

136

} else {

137

throw new IllegalArgumentException(

Eran Messeri

4767054

2017-12-09 21:25:04 +0000

[diff] [blame]

138

String.format("Unknown algorithm parameter spec: %d", keySpecType));

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

139

}

Eran Messeri

5a5c6e0

2018-06-28 11:20:44 +0100

[diff] [blame]

140

141

final X500Principal certificateSubject = new X500Principal(in.createByteArray());

142

final BigInteger certificateSerialNumber = new BigInteger(in.createByteArray());

143

final Date certificateNotBefore = new Date(in.readLong());

144

final Date certificateNotAfter = new Date(in.readLong());

145

final Date keyValidityStartDate = readDateOrNull(in);

146

final Date keyValidityForOriginationEnd = readDateOrNull(in);

147

final Date keyValidityForConsumptionEnd = readDateOrNull(in);

148

final String[] digests = in.createStringArray();

149

final String[] encryptionPaddings = in.createStringArray();

150

final String[] signaturePaddings = in.createStringArray();

151

final String[] blockModes = in.createStringArray();

152

final boolean randomizedEncryptionRequired = in.readBoolean();

153

final boolean userAuthenticationRequired = in.readBoolean();

154

final int userAuthenticationValidityDurationSeconds = in.readInt();

155

final boolean userPresenceRequired = in.readBoolean();

156

final byte[] attestationChallenge = in.createByteArray();

157

final boolean uniqueIdIncluded = in.readBoolean();

158

final boolean userAuthenticationValidWhileOnBody = in.readBoolean();

159

final boolean invalidatedByBiometricEnrollment = in.readBoolean();

160

final boolean isStrongBoxBacked = in.readBoolean();

161

final boolean userConfirmationRequired = in.readBoolean();

162

final boolean unlockedDeviceRequired = in.readBoolean();

163

// The KeyGenParameterSpec is intentionally not constructed using a Builder here:

164

// The intention is for this class to break if new parameters are added to the

165

// KeyGenParameterSpec constructor (whereas using a builder would silently drop them).

166

mSpec = new KeyGenParameterSpec(

keystoreAlias,

uid,

keySize,

algorithmSpec,

certificateSubject,

certificateSerialNumber,

173

certificateNotBefore,

174

certificateNotAfter,

175

keyValidityStartDate,

176

keyValidityForOriginationEnd,

177

keyValidityForConsumptionEnd,

purposes,

digests,

encryptionPaddings,

signaturePaddings,

blockModes,

randomizedEncryptionRequired,

184

userAuthenticationRequired,

185

userAuthenticationValidityDurationSeconds,

186

userPresenceRequired,

187

attestationChallenge,

188

uniqueIdIncluded,

189

userAuthenticationValidWhileOnBody,

190

invalidatedByBiometricEnrollment,

191

isStrongBoxBacked,

192

userConfirmationRequired,

193

unlockedDeviceRequired);

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

194

}

195

Jeff Sharkey

9e8f83d

2019-02-28 12:06:45 -0700

[diff] [blame^]

196

public static final @android.annotation.NonNull Creator<ParcelableKeyGenParameterSpec> CREATOR = new Creator<ParcelableKeyGenParameterSpec>() {

Eran Messeri

852c8f1

2017-11-15 05:55:52 +0000

[diff] [blame]

197

@Override

198

public ParcelableKeyGenParameterSpec createFromParcel(Parcel in) {

199

return new ParcelableKeyGenParameterSpec(in);

}

@Override

public ParcelableKeyGenParameterSpec[] newArray(int size) {

204

return new ParcelableKeyGenParameterSpec[size];

}

};

public KeyGenParameterSpec getSpec() {

209

return mSpec;

210

}

211

}