
Commit 14a82f79 authored by Janis Danisevskis Committed by Gerrit Code Review

Merge "Keystore 2.0 SPI: Add CERTIFICATE_* tags."

parents d25ad6a1 f5c1e043
+13 −0
@@ -130,6 +130,15 @@ public final class KeymasterDefs {
    public static final int KM_TAG_ASSOCIATED_DATA = Tag.ASSOCIATED_DATA; // KM_BYTES | 1000;
    public static final int KM_TAG_NONCE = Tag.NONCE; // KM_BYTES | 1001;
    public static final int KM_TAG_MAC_LENGTH = Tag.MAC_LENGTH; // KM_UINT | 1003;
    public static final int KM_TAG_RESET_SINCE_ID_ROTATION =
            Tag.RESET_SINCE_ID_ROTATION;     // KM_BOOL | 1004
    public static final int KM_TAG_CONFIRMATION_TOKEN = Tag.CONFIRMATION_TOKEN; // KM_BYTES | 1005;
    public static final int KM_TAG_CERTIFICATE_SERIAL = Tag.CERTIFICATE_SERIAL; // KM_UINT | 1006;
    public static final int KM_TAG_CERTIFICATE_SUBJECT = Tag.CERTIFICATE_SUBJECT; // KM_UINT | 1007;
    public static final int KM_TAG_CERTIFICATE_NOT_BEFORE =
            Tag.CERTIFICATE_NOT_BEFORE; // KM_DATE | 1008;
    public static final int KM_TAG_CERTIFICATE_NOT_AFTER =
            Tag.CERTIFICATE_NOT_AFTER; // KM_DATE | 1009;

    // Algorithm values.
    public static final int KM_ALGORITHM_RSA = Algorithm.RSA;
@@ -317,6 +326,10 @@ public final class KeymasterDefs {
            ErrorCode.HARDWARE_TYPE_UNAVAILABLE; // -68;
    public static final int KM_ERROR_DEVICE_LOCKED =
            ErrorCode.DEVICE_LOCKED; // -72;
    public static final int KM_ERROR_MISSING_NOT_BEFORE =
            ErrorCode.MISSING_NOT_BEFORE; // -80;
    public static final int KM_ERROR_MISSING_NOT_AFTER =
            ErrorCode.MISSING_NOT_AFTER; // -80;
    public static final int KM_ERROR_UNIMPLEMENTED =
            ErrorCode.UNIMPLEMENTED; // -100;
    public static final int KM_ERROR_VERSION_MISMATCH =
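Review bot: The trailing type comments on `KM_TAG_CERTIFICATE_SERIAL` and `KM_TAG_CERTIFICATE_SUBJECT` both say `KM_UINT`, which contradicts how this commit uses the tags elsewhere. The serial is passed to `makeBignum`, which throws unless the tag type is `KM_BIGNUM`, and the subject is passed to `makeBytes` as an encoded byte array. These comments are the only in-file record of each tag's type, so I would change them to `// KM_BIGNUM | 1006;` and `// KM_BYTES | 1007;`. In the error-code hunk, `KM_ERROR_MISSING_NOT_AFTER` carries the same `// -80;` as `KM_ERROR_MISSING_NOT_BEFORE`, which looks like a copy-paste and should be checked against the value of `ErrorCode.MISSING_NOT_AFTER`.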
+24 −0
@@ -585,6 +585,30 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
                    mSpec.getKeyValidityForConsumptionEnd()
            ));
        }
        if (mSpec.getCertificateNotAfter() != null) {
            params.add(KeyStore2ParameterUtils.makeDate(
                    KeymasterDefs.KM_TAG_CERTIFICATE_NOT_AFTER,
                    mSpec.getCertificateNotAfter()
            ));
        }
        if (mSpec.getCertificateNotBefore() != null) {
            params.add(KeyStore2ParameterUtils.makeDate(
                    KeymasterDefs.KM_TAG_CERTIFICATE_NOT_BEFORE,
                    mSpec.getCertificateNotBefore()
            ));
        }
        if (mSpec.getCertificateSerialNumber() != null) {
            params.add(KeyStore2ParameterUtils.makeBignum(
                    KeymasterDefs.KM_TAG_CERTIFICATE_SERIAL,
                    mSpec.getCertificateSerialNumber()
            ));
        }
        if (mSpec.getCertificateSubject() != null) {
            params.add(KeyStore2ParameterUtils.makeBytes(
                    KeymasterDefs.KM_TAG_CERTIFICATE_SUBJECT,
                    mSpec.getCertificateSubject().getEncoded()
            ));
        }

        if (mSpec.getMaxUsageCount() != KeyProperties.UNRESTRICTED_USAGE_COUNT) {
            params.add(KeyStore2ParameterUtils.makeInt(
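Review bot: The new `if (mSpec.getCertificateNotAfter() != null)` and `if (mSpec.getCertificateNotBefore() != null)` blocks silently omit the validity tags when the spec returns null. This commit also introduces `KM_ERROR_MISSING_NOT_BEFORE` and `KM_ERROR_MISSING_NOT_AFTER`, which suggests the backend treats both dates as mandatory. If that is the case, a null here would only surface later as a backend error far from its cause. I would at least record the contract above the first block, e.g. `// NOT_BEFORE/NOT_AFTER are expected by the backend (see KM_ERROR_MISSING_NOT_*); omitting either fails key generation.` Nothing in the hunk checks that not-before does not fall after not-after either. The enclosing method starts and ends outside the hunk, so whether these getters can return null, or whether ordering is validated earlier, is not visible here.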
+18 −4
@@ -28,6 +28,7 @@ import android.security.keystore.KeyProperties;
import android.security.keystore.UserAuthArgs;
import android.system.keystore2.Authorization;

import java.math.BigInteger;
import java.security.ProviderException;
import java.util.ArrayList;
import java.util.Date;
@@ -153,6 +154,23 @@ public abstract class KeyStore2ParameterUtils {
        return p;
    }

    /**
     * This function constructs a {@link KeyParameter} expressing a Bignum.
     * @param tag Must be KeyMint tag with the associated type BIGNUM.
     * @param b A BitInteger to be stored in the new key parameter.
     * @return An instance of {@link KeyParameter}.
     * @hide
     */
    static @NonNull KeyParameter makeBignum(int tag, @NonNull BigInteger b) {
        if (KeymasterDefs.getTagType(tag) != KeymasterDefs.KM_BIGNUM) {
            throw new IllegalArgumentException("Not a bignum tag: " + tag);
        }
        KeyParameter p = new KeyParameter();
        p.tag = tag;
        p.value = KeyParameterValue.blob(b.toByteArray());
        return p;
    }

    /**
     * This function constructs a {@link KeyParameter} expressing date.
     * @param tag Must be KeyMint tag with the associated type DATE.
@@ -167,10 +185,6 @@ public abstract class KeyStore2ParameterUtils {
        KeyParameter p = new KeyParameter();
        p.tag = tag;
        p.value = KeyParameterValue.dateTime(date.getTime());
        if (p.value.getDateTime() < 0) {
            throw new IllegalArgumentException("Date tag value out of range: "
                    + p.value.getDateTime());
        }
        return p;
    }
    /**
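Review bot: `makeBignum` forwards `b.toByteArray()` without checking the sign. That array is the two's-complement encoding, so a negative or zero `BigInteger` is accepted, and a negative value yields leading `0xFF` bytes. The only caller in this commit passes the certificate serial number, which is expected to be a positive integer. If the backend reads the blob as unsigned, a negative serial would end up in the certificate as a different, large value, though the backend's interpretation is not visible on this page. I would reject it at the boundary with `if (b.signum() < 0) throw new IllegalArgumentException("Bignum value must not be negative");` placed after the tag-type check, and state the byte encoding in the Javadoc. The `@param b` line also has a typo: `BitInteger` should be `BigInteger`.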