Keystore 2.0 SPI: Evolve the Crypto SPI. (4545933d) · Commits · e / os / android_frameworks_base

keystore/java/android/security/keystore2/AndroidKeyStore3DESCipherSpi.java

+32 −19

Original line number	Diff line number	Diff line
		@@ -16,10 +16,11 @@

		package android.security.keystore2;

		import android.security.keymaster.KeymasterArguments;
		import android.annotation.NonNull;
		import android.security.keymaster.KeymasterDefs;
		import android.security.keystore.ArrayUtils;
		import android.security.keystore.KeyProperties;
		import android.system.keystore2.KeyParameter;

		import java.security.AlgorithmParameters;
		import java.security.InvalidAlgorithmParameterException;
		@@ -30,6 +31,7 @@ import java.security.ProviderException;
		import java.security.spec.AlgorithmParameterSpec;
		import java.security.spec.InvalidParameterSpecException;
		import java.util.Arrays;
		import java.util.List;

		import javax.crypto.CipherSpi;
		import javax.crypto.spec.IvParameterSpec;
		@@ -67,15 +69,13 @@ public class AndroidKeyStore3DESCipherSpi extends AndroidKeyStoreCipherSpiBase {
		super(KeymasterDefs.KM_MODE_ECB, keymasterPadding, false);
		}

		public static class NoPadding extends
		AndroidKeyStore3DESCipherSpi.ECB {
		public static class NoPadding extends ECB {
		public NoPadding() {
		super(KeymasterDefs.KM_PAD_NONE);
		}
		}

		public static class PKCS7Padding extends
		AndroidKeyStore3DESCipherSpi.ECB {
		public static class PKCS7Padding extends ECB {
		public PKCS7Padding() {
		super(KeymasterDefs.KM_PAD_PKCS7);
		}
		@@ -87,15 +87,13 @@ public class AndroidKeyStore3DESCipherSpi extends AndroidKeyStoreCipherSpiBase {
		super(KeymasterDefs.KM_MODE_CBC, keymasterPadding, true);
		}

		public static class NoPadding extends
		AndroidKeyStore3DESCipherSpi.CBC {
		public static class NoPadding extends CBC {
		public NoPadding() {
		super(KeymasterDefs.KM_PAD_NONE);
		}
		}

		public static class PKCS7Padding extends
		AndroidKeyStore3DESCipherSpi.CBC {
		public static class PKCS7Padding extends CBC {
		public PKCS7Padding() {
		super(KeymasterDefs.KM_PAD_PKCS7);
		}
		@@ -254,7 +252,7 @@ public class AndroidKeyStore3DESCipherSpi extends AndroidKeyStoreCipherSpiBase {
		}

		@Override
		protected void addAlgorithmSpecificParametersToBegin(KeymasterArguments keymasterArgs) {
		protected void addAlgorithmSpecificParametersToBegin(@NonNull List<KeyParameter> parameters) {
		if ((isEncrypting()) && (mIvRequired) && (mIvHasBeenUsed)) {
		// IV is being reused for encryption: this violates security best practices.
		throw new IllegalStateException(
		@@ -262,23 +260,38 @@ public class AndroidKeyStore3DESCipherSpi extends AndroidKeyStoreCipherSpiBase {
		+ " practices.");
		}

		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_3DES);
		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_BLOCK_MODE, mKeymasterBlockMode);
		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_PADDING, mKeymasterPadding);
		if ((mIvRequired) && (mIv != null)) {
		keymasterArgs.addBytes(KeymasterDefs.KM_TAG_NONCE, mIv);
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_ALGORITHM,
		KeymasterDefs.KM_ALGORITHM_3DES
		));
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_BLOCK_MODE,
		mKeymasterBlockMode
		));
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_PADDING,
		mKeymasterPadding
		));

		if (mIvRequired && (mIv != null)) {
		parameters.add(KeyStore2ParameterUtils.makeBytes(KeymasterDefs.KM_TAG_NONCE, mIv));
		}
		}

		@Override
		protected void loadAlgorithmSpecificParametersFromBeginResult(
		KeymasterArguments keymasterArgs) {
		KeyParameter[] parameters) {
		mIvHasBeenUsed = true;

		// NOTE: Keymaster doesn't always return an IV, even if it's used.
		byte[] returnedIv = keymasterArgs.getBytes(KeymasterDefs.KM_TAG_NONCE, null);
		if ((returnedIv != null) && (returnedIv.length == 0)) {
		returnedIv = null;
		byte[] returnedIv = null;
		if (parameters != null) {
		for (KeyParameter p : parameters) {
		if (p.tag == KeymasterDefs.KM_TAG_NONCE) {
		returnedIv = p.blob;
		break;
		}
		}
		}

		if (mIvRequired) {

keystore/java/android/security/keystore2/AndroidKeyStoreAuthenticatedAESCipherSpi.java

+50 −65

Original line number	Diff line number	Diff line
		@@ -18,15 +18,13 @@ package android.security.keystore2;

		import android.annotation.NonNull;
		import android.annotation.Nullable;
		import android.os.IBinder;
		import android.security.KeyStore;
		import android.security.KeyStoreException;
		import android.security.keymaster.KeymasterArguments;
		import android.security.KeyStoreOperation;
		import android.security.keymaster.KeymasterDefs;
		import android.security.keymaster.OperationResult;
		import android.security.keystore.ArrayUtils;
		import android.security.keystore.KeyProperties;
		import android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.Stream;
		import android.system.keystore2.KeyParameter;

		import libcore.util.EmptyArray;

		@@ -41,6 +39,7 @@ import java.security.ProviderException;
		import java.security.spec.AlgorithmParameterSpec;
		import java.security.spec.InvalidParameterSpecException;
		import java.util.Arrays;
		import java.util.List;

		import javax.crypto.CipherSpi;
		import javax.crypto.spec.GCMParameterSpec;
		@@ -175,26 +174,25 @@ abstract class AndroidKeyStoreAuthenticatedAESCipherSpi extends AndroidKeyStoreC
		@NonNull
		@Override
		protected KeyStoreCryptoOperationStreamer createMainDataStreamer(
		KeyStore keyStore, IBinder operationToken) {
		KeyStoreCryptoOperationStreamer
		streamer = new KeyStoreCryptoOperationChunkedStreamer(
		KeyStoreOperation operation) {
		KeyStoreCryptoOperationStreamer streamer = new KeyStoreCryptoOperationChunkedStreamer(
		new KeyStoreCryptoOperationChunkedStreamer.MainDataStream(
		keyStore, operationToken), 0);
		operation), 0);
		if (isEncrypting()) {
		return streamer;
		} else {
		// When decrypting, to avoid leaking unauthenticated plaintext, do not return any
		// plaintext before ciphertext is authenticated by KeyStore.finish.
		return new AndroidKeyStoreAuthenticatedAESCipherSpi.BufferAllOutputUntilDoFinalStreamer(streamer);
		return new BufferAllOutputUntilDoFinalStreamer(streamer);
		}
		}

		@NonNull
		@Override
		protected final KeyStoreCryptoOperationStreamer createAdditionalAuthenticationDataStreamer(
		KeyStore keyStore, IBinder operationToken) {
		KeyStoreOperation operation) {
		return new KeyStoreCryptoOperationChunkedStreamer(
		new AndroidKeyStoreAuthenticatedAESCipherSpi.AdditionalAuthenticationDataStream(keyStore, operationToken), 0);
		new AdditionalAuthenticationDataStream(operation), 0);
		}

		@Override
		@@ -214,17 +212,19 @@ abstract class AndroidKeyStoreAuthenticatedAESCipherSpi extends AndroidKeyStoreC

		@Override
		protected final void addAlgorithmSpecificParametersToBegin(
		@NonNull KeymasterArguments keymasterArgs) {
		super.addAlgorithmSpecificParametersToBegin(keymasterArgs);
		keymasterArgs.addUnsignedInt(KeymasterDefs.KM_TAG_MAC_LENGTH, mTagLengthBits);
		@NonNull List<KeyParameter> parameters) {
		super.addAlgorithmSpecificParametersToBegin(parameters);
		parameters.add(KeyStore2ParameterUtils.makeInt(
		KeymasterDefs.KM_TAG_MAC_LENGTH,
		mTagLengthBits
		));
		}

		protected final int getTagLengthBits() {
		return mTagLengthBits;
		}

		public static final class NoPadding extends
		AndroidKeyStoreAuthenticatedAESCipherSpi.GCM {
		public static final class NoPadding extends GCM {
		public NoPadding() {
		super(KeymasterDefs.KM_PAD_NONE);
		}
		@@ -290,31 +290,45 @@ abstract class AndroidKeyStoreAuthenticatedAESCipherSpi extends AndroidKeyStoreC

		@Override
		protected void addAlgorithmSpecificParametersToBegin(
		@NonNull KeymasterArguments keymasterArgs) {
		@NonNull List<KeyParameter> parameters) {
		if ((isEncrypting()) && (mIvHasBeenUsed)) {
		// IV is being reused for encryption: this violates security best practices.
		throw new IllegalStateException(
		"IV has already been used. Reusing IV in encryption mode violates security best"
		+ " practices.");
		}
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_ALGORITHM,
		KeymasterDefs.KM_ALGORITHM_AES
		));
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_BLOCK_MODE,
		mKeymasterBlockMode
		));
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_PADDING,
		mKeymasterPadding
		));

		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_AES);
		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_BLOCK_MODE, mKeymasterBlockMode);
		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_PADDING, mKeymasterPadding);
		if (mIv != null) {
		keymasterArgs.addBytes(KeymasterDefs.KM_TAG_NONCE, mIv);
		parameters.add(KeyStore2ParameterUtils.makeBytes(KeymasterDefs.KM_TAG_NONCE, mIv));
		}
		}

		@Override
		protected final void loadAlgorithmSpecificParametersFromBeginResult(
		@NonNull KeymasterArguments keymasterArgs) {
		KeyParameter[] parameters) {
		mIvHasBeenUsed = true;

		// NOTE: Keymaster doesn't always return an IV, even if it's used.
		byte[] returnedIv = keymasterArgs.getBytes(KeymasterDefs.KM_TAG_NONCE, null);
		if ((returnedIv != null) && (returnedIv.length == 0)) {
		returnedIv = null;
		byte[] returnedIv = null;
		if (parameters != null) {
		for (KeyParameter p : parameters) {
		if (p.tag == KeymasterDefs.KM_TAG_NONCE) {
		returnedIv = p.blob;
		break;
		}
		}
		}

		if (mIv == null) {
		@@ -353,8 +367,7 @@ abstract class AndroidKeyStoreAuthenticatedAESCipherSpi extends AndroidKeyStoreC
		private ByteArrayOutputStream mBufferedOutput = new ByteArrayOutputStream();
		private long mProducedOutputSizeBytes;

		private BufferAllOutputUntilDoFinalStreamer(
		KeyStoreCryptoOperationStreamer delegate) {
		private BufferAllOutputUntilDoFinalStreamer(KeyStoreCryptoOperationStreamer delegate) {
		mDelegate = delegate;
		}

		@@ -374,9 +387,8 @@ abstract class AndroidKeyStoreAuthenticatedAESCipherSpi extends AndroidKeyStoreC

		@Override
		public byte[] doFinal(byte[] input, int inputOffset, int inputLength,
		byte[] signature, byte[] additionalEntropy) throws KeyStoreException {
		byte[] output = mDelegate.doFinal(input, inputOffset, inputLength, signature,
		additionalEntropy);
		byte[] signature) throws KeyStoreException {
		byte[] output = mDelegate.doFinal(input, inputOffset, inputLength, signature);
		if (output != null) {
		try {
		mBufferedOutput.write(output);
		@@ -407,48 +419,21 @@ abstract class AndroidKeyStoreAuthenticatedAESCipherSpi extends AndroidKeyStoreC
		*/
		private static class AdditionalAuthenticationDataStream implements Stream {

		private final KeyStore mKeyStore;
		private final IBinder mOperationToken;
		private final KeyStoreOperation mOperation;

		private AdditionalAuthenticationDataStream(KeyStore keyStore, IBinder operationToken) {
		mKeyStore = keyStore;
		mOperationToken = operationToken;
		private AdditionalAuthenticationDataStream(KeyStoreOperation operation) {
		mOperation = operation;
		}

		@Override
		public OperationResult update(byte[] input) {
		KeymasterArguments keymasterArgs = new KeymasterArguments();
		keymasterArgs.addBytes(KeymasterDefs.KM_TAG_ASSOCIATED_DATA, input);

		// KeyStore does not reflect AAD in inputConsumed, but users of Stream rely on this
		// field. We fix this discrepancy here. KeyStore.update contract is that all of AAD
		// has been consumed if the method succeeds.
		OperationResult result = mKeyStore.update(mOperationToken, keymasterArgs, null);
		if (result.resultCode == KeyStore.NO_ERROR) {
		result = new OperationResult(
		result.resultCode,
		result.token,
		result.operationHandle,
		input.length, // inputConsumed
		result.output,
		result.outParams);
		}
		return result;
		public byte[] update(byte[] input) throws KeyStoreException {
		mOperation.updateAad(input);
		return null;
		}

		@Override
		public OperationResult finish(byte[] input, byte[] signature, byte[] additionalEntropy) {
		if ((additionalEntropy != null) && (additionalEntropy.length > 0)) {
		throw new ProviderException("AAD stream does not support additional entropy");
		}
		return new OperationResult(
		KeyStore.NO_ERROR,
		mOperationToken,
		0, // operation handle -- nobody cares about this being returned from finish
		0, // inputConsumed
		EmptyArray.BYTE, // output
		new KeymasterArguments() // additional params returned by finish
		);
		public byte[] finish(byte[] input, byte[] signature) {
		return null;
		}
		}
		}
		No newline at end of file

keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java

+76 −94

File changed.

Preview size limit exceeded, changes collapsed.

keystore/java/android/security/keystore2/AndroidKeyStoreECDSASignatureSpi.java

+23 −19

Original line number	Diff line number	Diff line
		@@ -17,19 +17,19 @@
		package android.security.keystore2;

		import android.annotation.NonNull;
		import android.os.IBinder;
		import android.security.KeyStore;
		import android.security.KeyStoreException;
		import android.security.keymaster.KeyCharacteristics;
		import android.security.keymaster.KeymasterArguments;
		import android.security.KeyStoreOperation;
		import android.security.keymaster.KeymasterDefs;
		import android.security.keystore.KeyProperties;
		import android.system.keystore2.Authorization;
		import android.system.keystore2.KeyParameter;

		import libcore.util.EmptyArray;

		import java.io.ByteArrayOutputStream;
		import java.security.InvalidKeyException;
		import java.security.SignatureSpi;
		import java.util.List;

		/**
		* Base class for {@link SignatureSpi} providing Android KeyStore backed ECDSA signatures.
		@@ -44,10 +44,10 @@ abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignature
		}

		@Override
		protected KeyStoreCryptoOperationStreamer createMainDataStreamer(KeyStore keyStore,
		IBinder operationToken) {
		protected KeyStoreCryptoOperationStreamer createMainDataStreamer(
		KeyStoreOperation operation) {
		return new TruncateToFieldSizeMessageStreamer(
		super.createMainDataStreamer(keyStore, operationToken),
		super.createMainDataStreamer(operation),
		getGroupSizeBits());
		}

		@@ -81,8 +81,8 @@ abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignature
		}

		@Override
		public byte[] doFinal(byte[] input, int inputOffset, int inputLength, byte[] signature,
		byte[] additionalEntropy) throws KeyStoreException {
		public byte[] doFinal(byte[] input, int inputOffset, int inputLength, byte[] signature)
		throws KeyStoreException {
		if (inputLength > 0) {
		mConsumedInputSizeBytes += inputLength;
		mInputBuffer.write(input, inputOffset, inputLength);
		@@ -94,7 +94,7 @@ abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignature
		return mDelegate.doFinal(bufferedInput,
		0,
		Math.min(bufferedInput.length, ((mGroupSizeBits + 7) / 8)),
		signature, additionalEntropy);
		signature);
		}

		@Override
		@@ -154,13 +154,13 @@ abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignature
		+ ". Only" + KeyProperties.KEY_ALGORITHM_EC + " supported");
		}

		KeyCharacteristics keyCharacteristics = new KeyCharacteristics();
		int errorCode = getKeyStore().getKeyCharacteristics(
		key.getAlias(), null, null, key.getUid(), keyCharacteristics);
		if (errorCode != KeyStore.NO_ERROR) {
		throw getKeyStore().getInvalidKeyException(key.getAlias(), key.getUid(), errorCode);
		long keySizeBits = -1;
		for (Authorization a : key.getAuthorizations()) {
		if (a.keyParameter.tag == KeymasterDefs.KM_TAG_KEY_SIZE) {
		keySizeBits = KeyStore2ParameterUtils.getUnsignedInt(a);
		}
		}
		long keySizeBits = keyCharacteristics.getUnsignedInt(KeymasterDefs.KM_TAG_KEY_SIZE, -1);

		if (keySizeBits == -1) {
		throw new InvalidKeyException("Size of key not known");
		} else if (keySizeBits > Integer.MAX_VALUE) {
		@@ -184,9 +184,13 @@ abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignature

		@Override
		protected final void addAlgorithmSpecificParametersToBegin(
		@NonNull KeymasterArguments keymasterArgs) {
		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_EC);
		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_DIGEST, mKeymasterDigest);
		@NonNull List<KeyParameter> parameters) {
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_EC
		));
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_DIGEST, mKeymasterDigest
		));
		}

		@Override

keystore/java/android/security/keystore2/AndroidKeyStoreHmacSpi.java

+52 −61

Original line number	Diff line number	Diff line
		@@ -16,21 +16,20 @@

		package android.security.keystore2;

		import android.os.IBinder;
		import android.security.KeyStore;
		import android.security.KeyStoreException;
		import android.security.keymaster.KeymasterArguments;
		import android.security.KeyStoreOperation;
		import android.security.keymaster.KeymasterDefs;
		import android.security.keymaster.OperationResult;
		import android.security.keystore.KeyStoreConnectException;
		import android.security.keystore.KeyStoreCryptoOperation;
		import android.security.keystore.KeymasterUtils;
		import android.system.keystore2.KeyParameter;

		import java.security.InvalidAlgorithmParameterException;
		import java.security.InvalidKeyException;
		import java.security.Key;
		import java.security.ProviderException;
		import java.security.spec.AlgorithmParameterSpec;
		import java.util.ArrayList;
		import java.util.List;

		import javax.crypto.MacSpi;

		@@ -41,6 +40,8 @@ import javax.crypto.MacSpi;
		*/
		public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreCryptoOperation {

		private static final String TAG = "AndroidKeyStoreHmacSpi";

		public static class HmacSHA1 extends AndroidKeyStoreHmacSpi {
		public HmacSHA1() {
		super(KeymasterDefs.KM_DIGEST_SHA1);
		@@ -71,7 +72,6 @@ public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreC
		}
		}

		private final KeyStore mKeyStore = KeyStore.getInstance();
		private final int mKeymasterDigest;
		private final int mMacSizeBits;

		@@ -80,12 +80,16 @@ public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreC

		// Fields below are reset when engineDoFinal succeeds.
		private KeyStoreCryptoOperationChunkedStreamer mChunkedStreamer;
		private IBinder mOperationToken;
		private long mOperationHandle;
		private KeyStoreOperation mOperation;
		private long mOperationChallenge;

		protected AndroidKeyStoreHmacSpi(int keymasterDigest) {
		mKeymasterDigest = keymasterDigest;
		mMacSizeBits = KeymasterUtils.getDigestOutputSizeBits(keymasterDigest);
		mOperation = null;
		mOperationChallenge = 0;
		mKey = null;
		mChunkedStreamer = null;
		}

		@Override
		@@ -127,24 +131,21 @@ public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreC

		}

		private void abortOperation() {
		KeyStoreCryptoOperationUtils.abortOperation(mOperation);
		mOperation = null;
		}

		private void resetAll() {
		abortOperation();
		mOperationChallenge = 0;
		mKey = null;
		IBinder operationToken = mOperationToken;
		if (operationToken != null) {
		mKeyStore.abort(operationToken);
		}
		mOperationToken = null;
		mOperationHandle = 0;
		mChunkedStreamer = null;
		}

		private void resetWhilePreservingInitState() {
		IBinder operationToken = mOperationToken;
		if (operationToken != null) {
		mKeyStore.abort(operationToken);
		}
		mOperationToken = null;
		mOperationHandle = 0;
		abortOperation();
		mOperationChallenge = 0;
		mChunkedStreamer = null;
		}

		@@ -161,45 +162,40 @@ public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreC
		throw new IllegalStateException("Not initialized");
		}

		KeymasterArguments keymasterArgs = new KeymasterArguments();
		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_HMAC);
		keymasterArgs.addEnum(KeymasterDefs.KM_TAG_DIGEST, mKeymasterDigest);
		keymasterArgs.addUnsignedInt(KeymasterDefs.KM_TAG_MAC_LENGTH, mMacSizeBits);

		OperationResult opResult = mKeyStore.begin(
		mKey.getAlias(),
		KeymasterDefs.KM_PURPOSE_SIGN,
		true,
		keymasterArgs,
		null, // no additional entropy needed for HMAC because it's deterministic
		mKey.getUid());

		if (opResult == null) {
		throw new KeyStoreConnectException();
		}

		// Store operation token and handle regardless of the error code returned by KeyStore to
		// ensure that the operation gets aborted immediately if the code below throws an exception.
		mOperationToken = opResult.token;
		mOperationHandle = opResult.operationHandle;
		List<KeyParameter> parameters = new ArrayList<>();
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_HMAC
		));
		parameters.add(KeyStore2ParameterUtils.makeEnum(
		KeymasterDefs.KM_TAG_DIGEST, mKeymasterDigest
		));
		parameters.add(KeyStore2ParameterUtils.makeInt(
		KeymasterDefs.KM_TAG_MAC_LENGTH, mMacSizeBits
		));

		try {
		mOperation = mKey.getSecurityLevel().createOperation(
		mKey.getKeyIdDescriptor(),
		parameters
		);
		} catch (KeyStoreException keyStoreException) {
		// If necessary, throw an exception due to KeyStore operation having failed.
		InvalidKeyException e = KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(
		mKeyStore, mKey, opResult.resultCode);
		InvalidKeyException e = KeyStoreCryptoOperationUtils.getInvalidKeyException(
		mKey, keyStoreException);
		if (e != null) {
		throw e;
		}

		if (mOperationToken == null) {
		throw new ProviderException("Keystore returned null operation token");
		}
		if (mOperationHandle == 0) {
		throw new ProviderException("Keystore returned invalid operation handle");
		}

		// Now we check if we got an operation challenge. This indicates that user authorization
		// is required. And if we got a challenge we check if the authorization can possibly
		// succeed.
		mOperationChallenge = KeyStoreCryptoOperationUtils.getOrMakeOperationChallenge(
		mOperation, mKey);

		mChunkedStreamer = new KeyStoreCryptoOperationChunkedStreamer(
		new KeyStoreCryptoOperationChunkedStreamer.MainDataStream(
		mKeyStore, mOperationToken));
		mOperation));
		}

		@Override
		@@ -238,9 +234,7 @@ public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreC
		try {
		result = mChunkedStreamer.doFinal(
		null, 0, 0,
		null, // no signature provided -- this invocation will generate one
		null // no additional entropy needed -- HMAC is deterministic
		);
		null); // no signature provided -- this invocation will generate one
		} catch (KeyStoreException e) {
		throw new ProviderException("Keystore operation failed", e);
		}
		@@ -252,10 +246,7 @@ public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreC
		@Override
		public void finalize() throws Throwable {
		try {
		IBinder operationToken = mOperationToken;
		if (operationToken != null) {
		mKeyStore.abort(operationToken);
		}
		abortOperation();
		} finally {
		super.finalize();
		}
		@@ -263,6 +254,6 @@ public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreC

		@Override
		public long getOperationHandle() {
		return mOperationHandle;
		return mOperationChallenge;
		}
		}