Loading keystore/java/android/security/AndroidKeyStore.java +9 −11 Original line number Diff line number Diff line Loading @@ -544,17 +544,15 @@ public class AndroidKeyStore extends KeyStoreSpi { args.addInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT, params.getUserAuthenticationValidityDurationSeconds()); } if (params.getKeyValidityStart() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, params.getKeyValidityStart()); } if (params.getKeyValidityForOriginationEnd() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, (params.getKeyValidityStart() != null) ? params.getKeyValidityStart() : new Date(0)); args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME, params.getKeyValidityForOriginationEnd()); } if (params.getKeyValidityForConsumptionEnd() != null) { (params.getKeyValidityForOriginationEnd() != null) ? params.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE)); args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME, params.getKeyValidityForConsumptionEnd()); } (params.getKeyValidityForConsumptionEnd() != null) ? params.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE)); // TODO: Remove this once keymaster does not require us to specify the size of imported key. args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, keyMaterial.length * 8); Loading keystore/java/android/security/KeyStoreKeyGeneratorSpi.java +10 −11 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ import android.security.keymaster.KeymasterDefs; import java.security.InvalidAlgorithmParameterException; import java.security.SecureRandom; import java.security.spec.AlgorithmParameterSpec; import java.util.Date; import javax.crypto.KeyGeneratorSpi; import javax.crypto.SecretKey; Loading Loading @@ -144,17 +145,15 @@ public abstract class KeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { args.addInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT, spec.getUserAuthenticationValidityDurationSeconds()); } if (spec.getKeyValidityStart() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, spec.getKeyValidityStart()); } if (spec.getKeyValidityForOriginationEnd() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, (spec.getKeyValidityStart() != null) ? spec.getKeyValidityStart() : new Date(0)); args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME, spec.getKeyValidityForOriginationEnd()); } if (spec.getKeyValidityForConsumptionEnd() != null) { (spec.getKeyValidityForOriginationEnd() != null) ? spec.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE)); args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME, spec.getKeyValidityForConsumptionEnd()); } (spec.getKeyValidityForConsumptionEnd() != null) ? spec.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE)); if (((purposes & KeyStoreKeyConstraints.Purpose.ENCRYPT) != 0) || ((purposes & KeyStoreKeyConstraints.Purpose.DECRYPT) != 0)) { Loading keystore/java/android/security/KeyStoreSecretKeyFactorySpi.java +22 −5 Original line number Diff line number Diff line Loading @@ -22,6 +22,7 @@ import android.security.keymaster.KeymasterDefs; import java.security.InvalidKeyException; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import java.util.Date; import java.util.Set; import javax.crypto.SecretKey; Loading Loading @@ -112,6 +113,24 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { throw new InvalidKeySpecException("Unsupported key characteristic", e); } Date keyValidityStart = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ACTIVE_DATETIME); if ((keyValidityStart != null) && (keyValidityStart.getTime() <= 0)) { keyValidityStart = null; } Date keyValidityForOriginationEnd = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME); if ((keyValidityForOriginationEnd != null) && (keyValidityForOriginationEnd.getTime() == Long.MAX_VALUE)) { keyValidityForOriginationEnd = null; } Date keyValidityForConsumptionEnd = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME); if ((keyValidityForConsumptionEnd != null) && (keyValidityForConsumptionEnd.getTime() == Long.MAX_VALUE)) { keyValidityForConsumptionEnd = null; } int swEnforcedUserAuthenticatorIds = keyCharacteristics.swEnforced.getInt(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, 0); int hwEnforcedUserAuthenticatorIds = Loading @@ -126,11 +145,9 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { return new KeyStoreKeySpec(entryAlias, origin, keySize, KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ACTIVE_DATETIME), KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME), KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME), keyValidityStart, keyValidityForOriginationEnd, keyValidityForConsumptionEnd, purposes, algorithm, padding, Loading Loading
keystore/java/android/security/AndroidKeyStore.java +9 −11 Original line number Diff line number Diff line Loading @@ -544,17 +544,15 @@ public class AndroidKeyStore extends KeyStoreSpi { args.addInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT, params.getUserAuthenticationValidityDurationSeconds()); } if (params.getKeyValidityStart() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, params.getKeyValidityStart()); } if (params.getKeyValidityForOriginationEnd() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, (params.getKeyValidityStart() != null) ? params.getKeyValidityStart() : new Date(0)); args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME, params.getKeyValidityForOriginationEnd()); } if (params.getKeyValidityForConsumptionEnd() != null) { (params.getKeyValidityForOriginationEnd() != null) ? params.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE)); args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME, params.getKeyValidityForConsumptionEnd()); } (params.getKeyValidityForConsumptionEnd() != null) ? params.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE)); // TODO: Remove this once keymaster does not require us to specify the size of imported key. args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, keyMaterial.length * 8); Loading
keystore/java/android/security/KeyStoreKeyGeneratorSpi.java +10 −11 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ import android.security.keymaster.KeymasterDefs; import java.security.InvalidAlgorithmParameterException; import java.security.SecureRandom; import java.security.spec.AlgorithmParameterSpec; import java.util.Date; import javax.crypto.KeyGeneratorSpi; import javax.crypto.SecretKey; Loading Loading @@ -144,17 +145,15 @@ public abstract class KeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { args.addInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT, spec.getUserAuthenticationValidityDurationSeconds()); } if (spec.getKeyValidityStart() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, spec.getKeyValidityStart()); } if (spec.getKeyValidityForOriginationEnd() != null) { args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, (spec.getKeyValidityStart() != null) ? spec.getKeyValidityStart() : new Date(0)); args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME, spec.getKeyValidityForOriginationEnd()); } if (spec.getKeyValidityForConsumptionEnd() != null) { (spec.getKeyValidityForOriginationEnd() != null) ? spec.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE)); args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME, spec.getKeyValidityForConsumptionEnd()); } (spec.getKeyValidityForConsumptionEnd() != null) ? spec.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE)); if (((purposes & KeyStoreKeyConstraints.Purpose.ENCRYPT) != 0) || ((purposes & KeyStoreKeyConstraints.Purpose.DECRYPT) != 0)) { Loading
keystore/java/android/security/KeyStoreSecretKeyFactorySpi.java +22 −5 Original line number Diff line number Diff line Loading @@ -22,6 +22,7 @@ import android.security.keymaster.KeymasterDefs; import java.security.InvalidKeyException; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import java.util.Date; import java.util.Set; import javax.crypto.SecretKey; Loading Loading @@ -112,6 +113,24 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { throw new InvalidKeySpecException("Unsupported key characteristic", e); } Date keyValidityStart = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ACTIVE_DATETIME); if ((keyValidityStart != null) && (keyValidityStart.getTime() <= 0)) { keyValidityStart = null; } Date keyValidityForOriginationEnd = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME); if ((keyValidityForOriginationEnd != null) && (keyValidityForOriginationEnd.getTime() == Long.MAX_VALUE)) { keyValidityForOriginationEnd = null; } Date keyValidityForConsumptionEnd = KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME); if ((keyValidityForConsumptionEnd != null) && (keyValidityForConsumptionEnd.getTime() == Long.MAX_VALUE)) { keyValidityForConsumptionEnd = null; } int swEnforcedUserAuthenticatorIds = keyCharacteristics.swEnforced.getInt(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, 0); int hwEnforcedUserAuthenticatorIds = Loading @@ -126,11 +145,9 @@ public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { return new KeyStoreKeySpec(entryAlias, origin, keySize, KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ACTIVE_DATETIME), KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME), KeymasterUtils.getDate(keyCharacteristics, KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME), keyValidityStart, keyValidityForOriginationEnd, keyValidityForConsumptionEnd, purposes, algorithm, padding, Loading
