Define String constants for AndroidKeyStore crypto.

This defines the String enum values based on JCA standard names for key algorithm, block mode, padding schemes, and digests. This should make it safer to interact with AndroidKeyStore code that uses JCA strings. This was requested by API Council. Bug: 18088752 Change-Id: I241d9225a13b85479d0a84e49d0a98cbc77e5817
2015-05-06 15:43:52 -07:00
parent 6223ec129b
commit 4d5443f37f
15 changed files with 754 additions and 397 deletions
--- a/keystore/java/android/security/KeyChain.java
+++ b/keystore/java/android/security/KeyChain.java
@ -262,7 +262,8 @@ public final class KeyChain {
     *     unavailable.
     */
    public static void choosePrivateKeyAlias(Activity activity, KeyChainAliasCallback response,
-            String[] keyTypes, Principal[] issuers, String host, int port, String alias) {
+            @KeyStoreKeyProperties.AlgorithmEnum String[] keyTypes, Principal[] issuers,
+            String host, int port, String alias) {
        choosePrivateKeyAlias(activity, response, keyTypes, issuers, host, port, null, alias);
    }

@ -306,9 +307,8 @@ public final class KeyChain {
     *     unavailable.
     */
    public static void choosePrivateKeyAlias(Activity activity, KeyChainAliasCallback response,
-                                             String[] keyTypes, Principal[] issuers,
-                                             String host, int port, String url,
-                                             String alias) {
+            @KeyStoreKeyProperties.AlgorithmEnum String[] keyTypes, Principal[] issuers,
+            String host, int port, String url, String alias) {
        /*
         * TODO currently keyTypes, issuers are unused. They are meant
         * to follow the semantics and purpose of X509KeyManager
@ -431,9 +431,11 @@ public final class KeyChain {
     * specific {@code PrivateKey} type indicated by {@code algorithm} (e.g.,
     * "RSA").
     */
-    public static boolean isKeyAlgorithmSupported(String algorithm) {
+    public static boolean isKeyAlgorithmSupported(
+            @KeyStoreKeyProperties.AlgorithmEnum String algorithm) {
        final String algUpper = algorithm.toUpperCase(Locale.US);
-        return "EC".equals(algUpper) || "RSA".equals(algUpper);
+        return KeyStoreKeyProperties.Algorithm.EC.equals(algUpper)
+                || KeyStoreKeyProperties.Algorithm.RSA.equals(algUpper);
    }

    /**
@ -443,7 +445,8 @@ public final class KeyChain {
     * hardware support that can be used to bind keys to the device in a way
     * that makes it non-exportable.
     */
-    public static boolean isBoundKeyAlgorithm(String algorithm) {
+    public static boolean isBoundKeyAlgorithm(
+            @KeyStoreKeyProperties.AlgorithmEnum String algorithm) {
        if (!isKeyAlgorithmSupported(algorithm)) {
            return false;
        }