Merge "Revert "Keystore: Validate curve names in XDH and ED25519"" into main

        }

    }

    // For curve 25519, KeyMint uses the KM_ALGORITHM_EC constant, but in the Java layer we need

    // to distinguish between Curve 25519 and other EC algorithms, so we use a different constant

    // with a value that is outside the range of the enum used for KeyMint algorithms.

    private static final int ALGORITHM_XDH = KeymasterDefs.KM_ALGORITHM_EC + 1200;

    private static final int ALGORITHM_ED25519 = ALGORITHM_XDH + 1;

    /**

     * XDH represents Curve 25519 agreement key provider.

     * XDH represents Curve 25519 providers.

     */

    public static class XDH extends AndroidKeyStoreKeyPairGeneratorSpi {

        // XDH is treated as EC.

        public XDH() {

            super(ALGORITHM_XDH);

        }

    }

    /**

     * ED25519 represents Curve 25519 signing key provider.

     */

    public static class ED25519 extends AndroidKeyStoreKeyPairGeneratorSpi {

        // ED25519 is treated as EC.

        public ED25519() {

            super(ALGORITHM_ED25519);

            super(KeymasterDefs.KM_ALGORITHM_EC);

        }

    }

            KeyGenParameterSpec spec;

            boolean encryptionAtRestRequired = false;

            int keymasterAlgorithm = (mOriginalKeymasterAlgorithm == ALGORITHM_XDH

                    || mOriginalKeymasterAlgorithm == ALGORITHM_ED25519)

                    ? KeymasterDefs.KM_ALGORITHM_EC : mOriginalKeymasterAlgorithm;

            int keymasterAlgorithm = mOriginalKeymasterAlgorithm;

            if (params instanceof KeyGenParameterSpec) {

                spec = (KeyGenParameterSpec) params;

            } else if (params instanceof KeyPairGeneratorSpec) {

                if (algSpecificSpec instanceof ECGenParameterSpec) {

                    ECGenParameterSpec ecSpec = (ECGenParameterSpec) algSpecificSpec;

                    mEcCurveName = ecSpec.getName();

                    if (mOriginalKeymasterAlgorithm == ALGORITHM_XDH

                            && !mEcCurveName.equalsIgnoreCase("x25519")) {

                        throw new InvalidAlgorithmParameterException("XDH algorithm only supports"

                                + " x25519 curve.");

                    } else if (mOriginalKeymasterAlgorithm == ALGORITHM_ED25519

                            && !mEcCurveName.equalsIgnoreCase("ed25519")) {

                        throw new InvalidAlgorithmParameterException("Ed25519 algorithm only"

                                + " supports ed25519 curve.");

                    }

                    final Integer ecSpecKeySizeBits = SUPPORTED_EC_CURVE_NAME_TO_SIZE.get(

                            mEcCurveName.toLowerCase(Locale.US));

                    if (ecSpecKeySizeBits == null) {

        put("KeyPairGenerator.EC", PACKAGE_NAME + ".AndroidKeyStoreKeyPairGeneratorSpi$EC");

        put("KeyPairGenerator.RSA", PACKAGE_NAME +  ".AndroidKeyStoreKeyPairGeneratorSpi$RSA");

        put("KeyPairGenerator.XDH", PACKAGE_NAME +  ".AndroidKeyStoreKeyPairGeneratorSpi$XDH");

        put("KeyPairGenerator.ED25519", PACKAGE_NAME

                +  ".AndroidKeyStoreKeyPairGeneratorSpi$ED25519");

        // java.security.KeyFactory

        putKeyFactoryImpl("EC");

        putKeyFactoryImpl("RSA");

        putKeyFactoryImpl("XDH");

        putKeyFactoryImpl("ED25519");

        // javax.crypto.KeyGenerator

        put("KeyGenerator.AES", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$AES");