Commit 23c438d7 authored by Eran Messeri

KeyChain: Provide public & private keys

In order for the DevicePolicyManager to provide key generation
functionality, it has to return both the private and public keys
in the form of a KeyPair.

Since the KeyChainService will perform the key generation on behalf
of the DevicePolicyManager (so that KeyChain will be the owner of
the generated keys outright), the DevicePolicyManager needs a way
to get both the private and public key representations from KeyChain.

A getKeyPair method is added that gets the private and public
key pair associated with a given alias from Keystore.
The getPrivateKey now delegates to the getKeyPair method and returns
only the private key.

Tested using existing CTS tests.

Bug: 63388672
Test: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement
Change-Id: I06b8511acd2049a0053ec8893de6de7429f7c92e
parent 78252a23
+14 −1
@@ -40,6 +40,7 @@ import android.security.keystore.KeyProperties;

import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.security.KeyPair;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
@@ -418,6 +419,18 @@ public final class KeyChain {
    @Nullable @WorkerThread
    public static PrivateKey getPrivateKey(@NonNull Context context, @NonNull String alias)
            throws KeyChainException, InterruptedException {
        KeyPair keyPair = getKeyPair(context, alias);
        if (keyPair != null) {
            return keyPair.getPrivate();
        }

        return null;
    }

    /** @hide */
    @Nullable @WorkerThread
    public static KeyPair getKeyPair(@NonNull Context context, @NonNull String alias)
            throws KeyChainException, InterruptedException {
        if (alias == null) {
            throw new NullPointerException("alias == null");
        }
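Review bot: The new getKeyPair carries only `/** @hide */` as documentation, so nothing states when it returns null or under which conditions KeyChainException and InterruptedException are thrown. getPrivateKey now forwards to it and maps a null pair to a null key, so the null contract of the public method depends entirely on this hidden one. Add a Javadoc block on getKeyPair that describes the return value (including the null case) and the exceptions, and note there that it exists for DevicePolicyManager key generation as the commit message explains.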
@@ -439,7 +452,7 @@ public final class KeyChain {
            return null;
        } else {
            try {
                return AndroidKeyStoreProvider.loadAndroidKeyStorePrivateKeyFromKeystore(
                return AndroidKeyStoreProvider.loadAndroidKeyStoreKeyPairFromKeystore(
                        KeyStore.getInstance(), keyId, KeyStore.UID_SELF);
            } catch (RuntimeException | UnrecoverableKeyException e) {
                throw new KeyChainException(e);
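Review bot: In the try block the loader call changes from loadAndroidKeyStorePrivateKeyFromKeystore to loadAndroidKeyStoreKeyPairFromKeystore, which means every existing getPrivateKey caller now also depends on the public half of the pair loading successfully, and any failure there surfaces as KeyChainException through the unchanged `catch (RuntimeException | UnrecoverableKeyException e)`. Confirm that widening the failure cases for callers that only want the private key is intended. The commit message cites only existing CTS tests, so add a test that calls getKeyPair for an alias and checks the returned public key to exercise the new path directly.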