am ec01623b: am aeae0f38: Merge "Add asymmetric crypto constants for AndroidKeyStore API." (098833c5) · Commits · e / os / android_frameworks_base

keystore/java/android/security/KeyStoreKeyConstraints.java

+98 −5

Original line number	Original line	Diff line number	Diff line
	@@ -123,7 +123,7 @@ public abstract class KeyStoreKeyConstraints {
	}		}

	@Retention(RetentionPolicy.SOURCE)		@Retention(RetentionPolicy.SOURCE)
	@IntDef({Algorithm.AES, Algorithm.HMAC})		@IntDef({Algorithm.AES, Algorithm.HMAC, Algorithm.RSA, Algorithm.EC})
	public @interface AlgorithmEnum {}		public @interface AlgorithmEnum {}

	/**		/**
	@@ -135,12 +135,22 @@ public abstract class KeyStoreKeyConstraints {
	/**		/**
	* Key algorithm: AES.		* Key algorithm: AES.
	*/		*/
	public static final int AES = 0;		public static final int AES = 1 << 0;

	/**		/**
	* Key algorithm: HMAC.		* Key algorithm: HMAC.
	*/		*/
	public static final int HMAC = 1;		public static final int HMAC = 1 << 1;

			/**
			* Key algorithm: RSA.
			*/
			public static final int RSA = 1 << 2;

			/**
			* Key algorithm: EC.
			*/
			public static final int EC = 1 << 3;

	/**		/**
	* @hide		* @hide
	@@ -151,6 +161,10 @@ public abstract class KeyStoreKeyConstraints {
	return KeymasterDefs.KM_ALGORITHM_AES;		return KeymasterDefs.KM_ALGORITHM_AES;
	case HMAC:		case HMAC:
	return KeymasterDefs.KM_ALGORITHM_HMAC;		return KeymasterDefs.KM_ALGORITHM_HMAC;
			case RSA:
			return KeymasterDefs.KM_ALGORITHM_RSA;
			case EC:
			return KeymasterDefs.KM_ALGORITHM_ECDSA;
	default:		default:
	throw new IllegalArgumentException("Unknown algorithm: " + algorithm);		throw new IllegalArgumentException("Unknown algorithm: " + algorithm);
	}		}
	@@ -165,6 +179,10 @@ public abstract class KeyStoreKeyConstraints {
	return AES;		return AES;
	case KeymasterDefs.KM_ALGORITHM_HMAC:		case KeymasterDefs.KM_ALGORITHM_HMAC:
	return HMAC;		return HMAC;
			case KeymasterDefs.KM_ALGORITHM_RSA:
			return RSA;
			case KeymasterDefs.KM_ALGORITHM_ECDSA:
			return EC;
	default:		default:
	throw new IllegalArgumentException("Unknown algorithm: " + algorithm);		throw new IllegalArgumentException("Unknown algorithm: " + algorithm);
	}		}
	@@ -179,6 +197,10 @@ public abstract class KeyStoreKeyConstraints {
	return "AES";		return "AES";
	case HMAC:		case HMAC:
	return "HMAC";		return "HMAC";
			case RSA:
			return "RSA";
			case EC:
			return "EC";
	default:		default:
	throw new IllegalArgumentException("Unknown algorithm: " + algorithm);		throw new IllegalArgumentException("Unknown algorithm: " + algorithm);
	}		}
	@@ -233,11 +255,32 @@ public abstract class KeyStoreKeyConstraints {
	throw new IllegalArgumentException("Unsupported key algorithm: " + algorithm);		throw new IllegalArgumentException("Unsupported key algorithm: " + algorithm);
	}		}
	}		}

			/**
			* @hide
			*/
			public static String toJCAKeyPairAlgorithm(@AlgorithmEnum int algorithm) {
			switch (algorithm) {
			case RSA:
			return "RSA";
			case EC:
			return "EC";
			default:
			throw new IllegalArgumentException("Unsupported key alorithm: " + algorithm);
			}
			}
	}		}

	@Retention(RetentionPolicy.SOURCE)		@Retention(RetentionPolicy.SOURCE)
	@IntDef(flag = true,		@IntDef(flag = true,
	value = {Padding.NONE, Padding.PKCS7})		value = {
			Padding.NONE,
			Padding.PKCS7,
			Padding.RSA_PKCS1_ENCRYPTION,
			Padding.RSA_PKCS1_SIGNATURE,
			Padding.RSA_OAEP,
			Padding.RSA_PSS,
			})
	public @interface PaddingEnum {}		public @interface PaddingEnum {}

	/**		/**
	@@ -256,6 +299,26 @@ public abstract class KeyStoreKeyConstraints {
	*/		*/
	public static final int PKCS7 = 1 << 1;		public static final int PKCS7 = 1 << 1;

			/**
			* RSA PKCS#1 v1.5 padding for encryption/decryption.
			*/
			public static final int RSA_PKCS1_ENCRYPTION = 1 << 2;

			/**
			* RSA PKCS#1 v1.5 padding for signatures.
			*/
			public static final int RSA_PKCS1_SIGNATURE = 1 << 3;

			/**
			* RSA Optimal Asymmetric Encryption Padding (OAEP).
			*/
			public static final int RSA_OAEP = 1 << 4;

			/**
			* RSA PKCS#1 v2.1 Probabilistic Signature Scheme (PSS) padding.
			*/
			public static final int RSA_PSS = 1 << 5;

	/**		/**
	* @hide		* @hide
	*/		*/
	@@ -265,6 +328,14 @@ public abstract class KeyStoreKeyConstraints {
	return KeymasterDefs.KM_PAD_NONE;		return KeymasterDefs.KM_PAD_NONE;
	case PKCS7:		case PKCS7:
	return KeymasterDefs.KM_PAD_PKCS7;		return KeymasterDefs.KM_PAD_PKCS7;
			case RSA_PKCS1_ENCRYPTION:
			return KeymasterDefs.KM_PAD_RSA_PKCS1_1_5_ENCRYPT;
			case RSA_PKCS1_SIGNATURE:
			return KeymasterDefs.KM_PAD_RSA_PKCS1_1_5_SIGN;
			case RSA_OAEP:
			return KeymasterDefs.KM_PAD_RSA_OAEP;
			case RSA_PSS:
			return KeymasterDefs.KM_PAD_RSA_PSS;
	default:		default:
	throw new IllegalArgumentException("Unknown padding: " + padding);		throw new IllegalArgumentException("Unknown padding: " + padding);
	}		}
	@@ -279,6 +350,14 @@ public abstract class KeyStoreKeyConstraints {
	return NONE;		return NONE;
	case KeymasterDefs.KM_PAD_PKCS7:		case KeymasterDefs.KM_PAD_PKCS7:
	return PKCS7;		return PKCS7;
			case KeymasterDefs.KM_PAD_RSA_PKCS1_1_5_ENCRYPT:
			return RSA_PKCS1_ENCRYPTION;
			case KeymasterDefs.KM_PAD_RSA_PKCS1_1_5_SIGN:
			return RSA_PKCS1_SIGNATURE;
			case KeymasterDefs.KM_PAD_RSA_OAEP:
			return RSA_OAEP;
			case KeymasterDefs.KM_PAD_RSA_PSS:
			return RSA_PSS;
	default:		default:
	throw new IllegalArgumentException("Unknown padding: " + padding);		throw new IllegalArgumentException("Unknown padding: " + padding);
	}		}
	@@ -293,6 +372,14 @@ public abstract class KeyStoreKeyConstraints {
	return "NONE";		return "NONE";
	case PKCS7:		case PKCS7:
	return "PKCS#7";		return "PKCS#7";
			case RSA_PKCS1_ENCRYPTION:
			return "RSA PKCS#1 (encryption)";
			case RSA_PKCS1_SIGNATURE:
			return "RSA PKCS#1 (signature)";
			case RSA_OAEP:
			return "RSA OAEP";
			case RSA_PSS:
			return "RSA PSS";
	default:		default:
	throw new IllegalArgumentException("Unknown padding: " + padding);		throw new IllegalArgumentException("Unknown padding: " + padding);
	}		}
	@@ -301,12 +388,18 @@ public abstract class KeyStoreKeyConstraints {
	/**		/**
	* @hide		* @hide
	*/		*/
	public static @PaddingEnum int fromJCAPadding(String padding) {		public static @PaddingEnum int fromJCACipherPadding(String padding) {
	String paddingLower = padding.toLowerCase(Locale.US);		String paddingLower = padding.toLowerCase(Locale.US);
	if ("nopadding".equals(paddingLower)) {		if ("nopadding".equals(paddingLower)) {
	return NONE;		return NONE;
	} else if ("pkcs7padding".equals(paddingLower)) {		} else if ("pkcs7padding".equals(paddingLower)) {
	return PKCS7;		return PKCS7;
			} else if ("pkcs1padding".equals(paddingLower)) {
			return RSA_PKCS1_ENCRYPTION;
			} else if (("oaeppadding".equals(paddingLower))
			\|\| ((paddingLower.startsWith("oaepwith"))
			&& (paddingLower.endsWith("padding")))) {
			return RSA_OAEP;
	} else {		} else {
	throw new IllegalArgumentException("Unknown padding: " + padding);		throw new IllegalArgumentException("Unknown padding: " + padding);
	}		}