This ensures that instances of this class are immutable and cleans up
some flawed logic discovered when writing up CTS tests.
Bug: 18088752
Change-Id: If9cc33192ada5a8982a2b200ab24cb18331cf958
This ensures that instances of this class are immutable and cleans up
some flawed logic discovered when writing up CTS tests.
Bug: 18088752
Change-Id: I7a27dbfc3445599bccabbd26e39535ce988a2ab2
When Android Keystore generates an asymmetric key pair, it needs to
create a self-signed certificate for that pair, in order to expose
the key pair in the JCA KeyStore abstraction through which keys are
later retrieved. The self-signed certificate is normally signed with
the private key.
This CL avoids using the private key to sign the certificate if the
private key can be used only once the user has been authenticated.
For such keys, a fake (non-verifying) signature is used on the
certificate, same as for cases where the key is not authorized for
signing.
Bug: 21852844
Change-Id: Id78bc1f51d12950db4e37c1e0da6c60057d4e693
This class was added in Android M to enable us to expose ECIES. ECIES
is not going to happen in Android M. I'm thus removing this unused
class until such time when it's needed.
Bug: 18088752
Change-Id: I16ab1bbd0b4334419c9a8f29d64661c150aa8d32
This updates the Javadocs of Android Keystore to explain what key
authorizations are needed for the self-signed cert create at key
generation time to have a valid signature.
Bug: 18088752
Bug: 21777596
Change-Id: Id02425133f094a0c5a02e96f4c63aab7175cba5b
This fixes a bug where key pair generation fails for RSA signing keys
which are not authorized for PKCS#1 signature padding, such as keys
authorized only for the RSA PSS signature padding scheme.
The issue was that the KeyPairGenerator was failing when attempting to
sign the self-signed certificate (needed by Android Keystore) using
PKCS#1 padding for which such keys are not authorized. The solution is
to not attempt to sign these certificates and instead use a fake
signature.
Bug: 21809600
Change-Id: I4f04fcf78174937046d2534e0485c6940eae673f
This makes Android Keystore crypto operations defer pulling entropy
from provided SecureRandom until KeyStore.finish, where appropriate.
Such as when performing asymmetric encryption or generating
signatures.
Bug: 18088752
Change-Id: I4a897754e9a846214cf0995c5514f98cf0edd76b
This also adds information about what digests and paddings may need to
be specified for keys used in TLS/SSL for client or server
authentication.
Bug: 21777596
Change-Id: Icd495458c38c4f912b21a64ca7aab2c88d76461c
This removes the requirement to hold the USE_FINGERPRINT permission
to successfully invoke FingerprintManager.getAuthenticatorId().
This is needed because Android Keystore classes which run inside app
processes occasionally need to access this authenticator ID. The
access however is not necessarily triggered by the developer using
APIs to do with fingerprints. Thus, if an app does not hold the
USE_FINGERPRINT permission and uses Android Keystore API, it may
unexpectedly encounter a SecurityException.
It's OK to provide access to authenticator ID without requiring
USE_FINGERPRINT permission because there are other ways to access
this ID without holding that permission, such as though hidden
KeyStore API.
Once Android Keystore code is restructured to no longer require
access to authenticator ID, this CL can be reverted.
Bug: 21030147
Change-Id: I9af29830abce34c46e29e5c1682cc3ab88c95c00
This switches Android Keystore asymmetric keys from being backed by
Conscrypt (via keystore-engine which is an OpenSSL/BoringSSL ENGINE
which talks to keystore via the old KeyStore API) to being backed by
the AndroidKeyStore Provider which talks to keystore via the new
KeyStore API. In effect, this switches asymmetric crypto offered by
Android Keystore from old Keystore API to new KeyStore API, enabling
all the new features such as enforcement of authorizations on key use.
Some algorithms offered by Android Keystore, such as RSA with OAEP
or PSS padding schemes, are not supported by other providers. This
complicates matters because Android Keystore only supports public key
operations if the corresponding private key is in the keystore. Thus,
Android Keystore can only offer these operations for its own public
keys only. This requires AndroidKeyStore to use its own subclasses of
PublicKey everywhere. The ugliest place is where it needs to return
its own subclass of X509Certificate only to be able to return its
own subclass of PublicKey from Certificate.getPublicKey().
Bug: 18088752
Bug: 19284418
Bug: 20912868
Change-Id: Id234f9ab9ff72d353ca1ff66768bd3d46da50d64
This makes Android Keystore's asymmetric key generation and import
use the new KeyStore API (similar to keymaster 1.0 API).
Because the resulting private keys will be used through
Conscrypt/keystore-engine which uses the old Keystore API, this CL
implements a temporary workaround where all generated and imported
keys are authorized for padding NONE and digest NONE, in addition to
padding schemes and digests requested by the user of the Android
Keystore API. This workaround is needed because keystore-engine uses
digest NONE and padding NONE for all its crypto operations.
Bug: 18088752
Bug: 20912868
Change-Id: Idc709039d091294265bd000160b5507f13825849
Cipher.wrap and .unwrap are supported by Android Keystore in released
versions of Android. The new Android Keystore provider should thus
continue supporting these for backward compatibility.
Bug: 18088752
Change-Id: I95319b13d5c4e9681f6539016e6449d73f81131d
This is bad API. There was never a guarantee that when this method
returns true for a key algorithm (e.g., RSA or EC), then all keys of
that type will be imported into secure hardware. For example, the
secure hardware may reject a key if it's of unsupported size or uses
an unsupported public exponent or EC curve. In that case, the key
will be imported into keystore/KeyChain without being backed by secure
hardware.
Bug: 18088752
Change-Id: I8daa574a2e703a347d09d93401cd1ea2d0162ed9
This adds support for RSA encryption using private key and no padding.
This mode of operation is needed because JCA does not offer an RSA
Signature primitive that does not apply padding.
Bug: 18088752
Bug: 20912868
Change-Id: I0b481b4c19916f601aa270fada5eabfb12987e8d
The KeyFactory can be used to obtain information (KeyInfo) about
Android Keystore private keys.
Bug: 18088752
Change-Id: Ied1a69928f391537de6765cef7dc7d7241cf62bb
If provided the extra entropy will be added to the device before calling
finish. If entropy is provided and the device does not support supplying
additional entropy then finish will fail with KM_ERROR_UNIMPLEMENTED.
(cherry-picked from commit 9ce30624a448f439e19960d0dd88103c04676e7d)
Change-Id: If26be118bf382604f6f8e96e833b76e6f9e94d58
Output parameters are gone from begin, instead they will returned in the
OperationResult and begin, update, and finish may return output
parameters.
Change-Id: I072afeb6c65f6c512b40603824c25686ac44e7c8
This is a follow-up to 7cbcfd4fc1e538bd391a20cdd00dd1494ace2d0e where
during the review it was pointed out that the code could be
streamlined.
Bug: 18088752
Change-Id: Iecb9fdbc31a0f3cdcb94ddb1b3e7e12a0543a231
This makes Android Keystore's CipherSpi base class suitable for
implementing AES and RSA ciphers. Previously, the class was heavily
biased towards only AES.
Bug: 18088752
Change-Id: I6bd1ca54165592d28482e56471dcfe0344337cf4
Rename confusingly named methods, add userID arguments to all methods
that operate on user state and delete methods that have been replaced by
the onUser* methods.
Some of the old methods have been kept in KeyStore.java in order to ease
the transition of various system packages to the new methods.
(cherry-picked from commit d8aacca3a197f65021e9b520807b7315b7a59d68)
Change-Id: Ic271689d62c36d255c5adee26c7abc2e7ed24df5
This renames AndroidKeyPairGeneratorSpi to
AndroidKeyStoreKeyPairGeneratorSpi for consistency with other SPI
implementations of AndroidKeyStore provider.
Bug: 18088752
Change-Id: Iea1c4d35987b3e64f92dd1706273ffb75a6addd6
