Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 21e01504 authored by Treehugger Robot's avatar Treehugger Robot Committed by Automerger Merge Worker
Browse files

Merge changes I316fdb8b,I99c1bd49 am: 572416b3 am: a4f1b7e8 am: f491d4bc 

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1519116

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I5bd177a8244c91089495d2a9d2a9e9c5ca03d300
parents 4066f26d f491d4bc

keystore/java/android/security/keystore2/AndroidKeyStore3DESCipherSpi.java

+22 −1
Original line number Diff line number Diff line
@@ -41,7 +41,7 @@ import javax.crypto.spec.IvParameterSpec; 
 *

 * @hide

 */

public class AndroidKeyStore3DESCipherSpi extends AndroidKeyStoreCipherSpiBase {

public abstract class AndroidKeyStore3DESCipherSpi extends AndroidKeyStoreCipherSpiBase {



    private static final int BLOCK_SIZE_BYTES = 8;
@@ -73,12 +73,22 @@ public class AndroidKeyStore3DESCipherSpi extends AndroidKeyStoreCipherSpiBase { 
            public NoPadding() {

                super(KeymasterDefs.KM_PAD_NONE);

            }



            @Override

            protected final String getTransform() {

                return "DESede/ECB/NoPadding";

            }

        }



        public static class PKCS7Padding extends ECB {

            public PKCS7Padding() {

                super(KeymasterDefs.KM_PAD_PKCS7);

            }



            @Override

            protected final String getTransform() {

                return "DESede/ECB/PKCS7Padding";

            }

        }

    }
@@ -91,12 +101,23 @@ public class AndroidKeyStore3DESCipherSpi extends AndroidKeyStoreCipherSpiBase { 
            public NoPadding() {

                super(KeymasterDefs.KM_PAD_NONE);

            }



            @Override

            protected final String getTransform() {

                return "DESede/CBC/NoPadding";

            }



        }



        public static class PKCS7Padding extends CBC {

            public PKCS7Padding() {

                super(KeymasterDefs.KM_PAD_PKCS7);

            }



            @Override

            protected final String getTransform() {

                return "DESede/CBC/PKCS7Padding";

            }

        }

    }

keystore/java/android/security/keystore2/AndroidKeyStoreAuthenticatedAESCipherSpi.java

+5 −0
Original line number Diff line number Diff line
@@ -63,6 +63,11 @@ abstract class AndroidKeyStoreAuthenticatedAESCipherSpi extends AndroidKeyStoreC 
            super(KeymasterDefs.KM_MODE_GCM, keymasterPadding);

        }



        @Override

        protected final String getTransform() {

            return "AES/GCM/NoPadding";

        }



        @Override

        protected final void resetAll() {

            mTagLengthBits = DEFAULT_TAG_LENGTH_BITS;

keystore/java/android/security/keystore2/AndroidKeyStoreBCWorkaroundProvider.java

+2 −2
Original line number Diff line number Diff line
@@ -254,13 +254,13 @@ class AndroidKeyStoreBCWorkaroundProvider extends Provider { 
    private void putAsymmetricCipherImpl(String transformation, String implClass) {

        put("Cipher." + transformation, implClass);

        put("Cipher." + transformation + " SupportedKeyClasses",

                KEYSTORE_PRIVATE_KEY_CLASS_NAME + "|" + KEYSTORE_PUBLIC_KEY_CLASS_NAME);

                KEYSTORE_PRIVATE_KEY_CLASS_NAME);

    }



    private void putSignatureImpl(String algorithm, String implClass) {

        put("Signature." + algorithm, implClass);

        put("Signature." + algorithm + " SupportedKeyClasses",

                KEYSTORE_PRIVATE_KEY_CLASS_NAME + "|" + KEYSTORE_PUBLIC_KEY_CLASS_NAME);

                KEYSTORE_PRIVATE_KEY_CLASS_NAME);

    }



    public static String[] getSupportedEcdsaSignatureDigests() {

keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java

+111 −0
Original line number Diff line number Diff line
@@ -43,6 +43,7 @@ import java.security.PublicKey; 
import java.security.SecureRandom;

import java.security.spec.AlgorithmParameterSpec;

import java.security.spec.InvalidKeySpecException;

import java.security.spec.MGF1ParameterSpec;

import java.security.spec.PKCS8EncodedKeySpec;

import java.security.spec.X509EncodedKeySpec;

import java.util.ArrayList;
@@ -57,6 +58,8 @@ import javax.crypto.NoSuchPaddingException; 
import javax.crypto.SecretKey;

import javax.crypto.SecretKeyFactory;

import javax.crypto.ShortBufferException;

import javax.crypto.spec.OAEPParameterSpec;

import javax.crypto.spec.PSource;

import javax.crypto.spec.SecretKeySpec;



/**
@@ -99,6 +102,8 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
     */

    private Exception mCachedException;



    private Cipher mCipher;



    AndroidKeyStoreCipherSpiBase() {

        mOperation = null;

        mEncrypting = false;
@@ -110,6 +115,7 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
        mAdditionalAuthenticationDataStreamer = null;

        mAdditionalAuthenticationDataStreamerClosed = false;

        mCachedException = null;

        mCipher = null;

    }



    @Override
@@ -117,6 +123,45 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
            throws InvalidKeyException {

        resetAll();



        if (!(key instanceof AndroidKeyStorePrivateKey

                || key instanceof AndroidKeyStoreSecretKey)) {

            try {

                mCipher = Cipher.getInstance(getTransform());

                String transform = getTransform();



                if ("RSA/ECB/OAEPWithSHA-224AndMGF1Padding".equals(transform)) {

                    OAEPParameterSpec spec =

                            new OAEPParameterSpec("SHA-224", "MGF1",

                                    new MGF1ParameterSpec("SHA1"), PSource.PSpecified.DEFAULT);

                    mCipher.init(opmode, key, spec, random);

                } else if ("RSA/ECB/OAEPWithSHA-256AndMGF1Padding".equals(transform)) {

                    OAEPParameterSpec spec =

                            new OAEPParameterSpec("SHA-256", "MGF1",

                                    new MGF1ParameterSpec("SHA1"), PSource.PSpecified.DEFAULT);

                    mCipher.init(opmode, key, spec, random);



                } else if ("RSA/ECB/OAEPWithSHA-384AndMGF1Padding".equals(transform)) {

                    OAEPParameterSpec spec =

                            new OAEPParameterSpec("SHA-384", "MGF1",

                                    new MGF1ParameterSpec("SHA1"), PSource.PSpecified.DEFAULT);

                    mCipher.init(opmode, key, spec, random);



                } else if ("RSA/ECB/OAEPWithSHA-512AndMGF1Padding".equals(transform)) {

                    OAEPParameterSpec spec =

                            new OAEPParameterSpec("SHA-512", "MGF1",

                                    new MGF1ParameterSpec("SHA1"), PSource.PSpecified.DEFAULT);

                    mCipher.init(opmode, key, spec, random);

                } else {

                    mCipher.init(opmode, key, random);

                }

                return;

            } catch (NoSuchAlgorithmException

                    | NoSuchPaddingException

                    | InvalidAlgorithmParameterException e) {

                throw new InvalidKeyException(e);

            }

        }



        boolean success = false;

        try {

            init(opmode, key, random);
@@ -139,6 +184,17 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
            SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {

        resetAll();



        if (!(key instanceof AndroidKeyStorePrivateKey

                || key instanceof AndroidKeyStoreSecretKey)) {

            try {

                mCipher = Cipher.getInstance(getTransform());

                mCipher.init(opmode, key, params, random);

                return;

            } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {

                throw new InvalidKeyException(e);

            }

        }



        boolean success = false;

        try {

            init(opmode, key, random);
@@ -157,6 +213,17 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
            SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {

        resetAll();



        if (!(key instanceof AndroidKeyStorePrivateKey

                || key instanceof AndroidKeyStoreSecretKey)) {

            try {

                mCipher = Cipher.getInstance(getTransform());

                mCipher.init(opmode, key, params, random);

                return;

            } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {

                throw new InvalidKeyException(e);

            }

        }



        boolean success = false;

        try {

            init(opmode, key, random);
@@ -214,6 +281,7 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
        mAdditionalAuthenticationDataStreamer = null;

        mAdditionalAuthenticationDataStreamerClosed = false;

        mCachedException = null;

        mCipher = null;

    }



    /**
@@ -320,6 +388,10 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 


    @Override

    protected final byte[] engineUpdate(byte[] input, int inputOffset, int inputLen) {

        if (mCipher != null) {

            return mCipher.update(input, inputOffset, inputLen);

        }



        if (mCachedException != null) {

            return null;

        }
@@ -371,6 +443,9 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
    @Override

    protected final int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output,

            int outputOffset) throws ShortBufferException {

        if (mCipher != null) {

            return mCipher.update(input, inputOffset, inputLen, output);

        }

        byte[] outputCopy = engineUpdate(input, inputOffset, inputLen);

        if (outputCopy == null) {

            return 0;
@@ -387,6 +462,10 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
    @Override

    protected final int engineUpdate(ByteBuffer input, ByteBuffer output)

            throws ShortBufferException {

        if (mCipher != null) {

            return mCipher.update(input, output);

        }



        if (input == null) {

            throw new NullPointerException("input == null");

        }
@@ -423,6 +502,11 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 


    @Override

    protected final void engineUpdateAAD(byte[] input, int inputOffset, int inputLen) {

        if (mCipher != null) {

            mCipher.updateAAD(input, inputOffset, inputLen);

            return;

        }



        if (mCachedException != null) {

            return;

        }
@@ -459,6 +543,11 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 


    @Override

    protected final void engineUpdateAAD(ByteBuffer src) {

        if (mCipher != null) {

            mCipher.updateAAD(src);

            return;

        }



        if (src == null) {

            throw new IllegalArgumentException("src == null");

        }
@@ -486,6 +575,10 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
    @Override

    protected final byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen)

            throws IllegalBlockSizeException, BadPaddingException {

        if (mCipher != null) {

            return mCipher.doFinal(input, inputOffset, inputLen);

        }



        if (mCachedException != null) {

            throw (IllegalBlockSizeException)

                    new IllegalBlockSizeException().initCause(mCachedException);
@@ -522,6 +615,10 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
    protected final int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output,

            int outputOffset) throws ShortBufferException, IllegalBlockSizeException,

            BadPaddingException {

        if (mCipher != null) {

            return mCipher.doFinal(input, inputOffset, inputLen, output);

        }



        byte[] outputCopy = engineDoFinal(input, inputOffset, inputLen);

        if (outputCopy == null) {

            return 0;
@@ -538,6 +635,10 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
    @Override

    protected final int engineDoFinal(ByteBuffer input, ByteBuffer output)

            throws ShortBufferException, IllegalBlockSizeException, BadPaddingException {

        if (mCipher != null) {

            return mCipher.doFinal(input, output);

        }



        if (input == null) {

            throw new NullPointerException("input == null");

        }
@@ -575,6 +676,10 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
    @Override

    protected final byte[] engineWrap(Key key)

            throws IllegalBlockSizeException, InvalidKeyException {

        if (mCipher != null) {

            return mCipher.wrap(key);

        }



        if (mKey == null) {

            throw new IllegalStateException("Not initilized");

        }
@@ -656,6 +761,10 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
    @Override

    protected final Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm,

            int wrappedKeyType) throws InvalidKeyException, NoSuchAlgorithmException {

        if (mCipher != null) {

            return mCipher.unwrap(wrappedKey, wrappedKeyAlgorithm, wrappedKeyType);

        }



        if (mKey == null) {

            throw new IllegalStateException("Not initilized");

        }
@@ -902,4 +1011,6 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor 
     */

    protected abstract void loadAlgorithmSpecificParametersFromBeginResult(

            KeyParameter[] parameters);



    protected abstract String getTransform();

}

keystore/java/android/security/keystore2/AndroidKeyStoreECDSASignatureSpi.java

+25 −0
Original line number Diff line number Diff line
@@ -43,6 +43,11 @@ abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignature 
            super(KeymasterDefs.KM_DIGEST_NONE);

        }



        @Override

        protected String getAlgorithm() {

            return "NONEwithECDSA";

        }



        @Override

        protected KeyStoreCryptoOperationStreamer createMainDataStreamer(

                KeyStoreOperation operation) {
@@ -113,30 +118,50 @@ abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignature 
        public SHA1() {

            super(KeymasterDefs.KM_DIGEST_SHA1);

        }

        @Override

        protected String getAlgorithm() {

            return "SHA1withECDSA";

        }

    }



    public final static class SHA224 extends AndroidKeyStoreECDSASignatureSpi {

        public SHA224() {

            super(KeymasterDefs.KM_DIGEST_SHA_2_224);

        }

        @Override

        protected String getAlgorithm() {

            return "SHA224withECDSA";

        }

    }



    public final static class SHA256 extends AndroidKeyStoreECDSASignatureSpi {

        public SHA256() {

            super(KeymasterDefs.KM_DIGEST_SHA_2_256);

        }

        @Override

        protected String getAlgorithm() {

            return "SHA256withECDSA";

        }

    }



    public final static class SHA384 extends AndroidKeyStoreECDSASignatureSpi {

        public SHA384() {

            super(KeymasterDefs.KM_DIGEST_SHA_2_384);

        }

        @Override

        protected String getAlgorithm() {

            return "SHA384withECDSA";

        }

    }



    public final static class SHA512 extends AndroidKeyStoreECDSASignatureSpi {

        public SHA512() {

            super(KeymasterDefs.KM_DIGEST_SHA_2_512);

        }

        @Override

        protected String getAlgorithm() {

            return "SHA512withECDSA";

        }

    }



    private final int mKeymasterDigest;