
Commit 9d7faa91 authored by Brian Carlstrom's avatar Brian Carlstrom

Change KeyChain to assume PEM encoded keystore entries

Summary:
- Changed KeyChain to assume PEM encoded keystore entries
- Moved convertToPem from CertInstaller for reuse with other Credentials helpers
- Added convertFromPem for use decoding keystore entries

Change-Id: I340168b88aefa458d01e81324824e2e08b1d7c4e
parent a4a48a48
+46 −1
@@ -20,8 +20,19 @@ import android.content.ActivityNotFoundException;
import android.content.Context;
import android.content.Intent;
import android.util.Log;

import com.android.org.bouncycastle.openssl.PEMReader;
import com.android.org.bouncycastle.openssl.PEMWriter;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.Reader;
import java.io.Writer;
import java.nio.charset.Charsets;
import java.security.KeyPair;
import java.util.ArrayList;
import java.util.List;

/**
 * {@hide}
@@ -60,6 +71,40 @@ public class Credentials {
    /** Data type for PKCS12. */
    public static final String PKCS12 = "PKCS12";

    /**
     * Convert objects to a PEM format, which is used for
     * CA_CERTIFICATE, USER_CERTIFICATE, and USER_PRIVATE_KEY
     * entries.
     */
    public static byte[] convertToPem(Object... objects) throws IOException {
        ByteArrayOutputStream bao = new ByteArrayOutputStream();
        Writer writer = new OutputStreamWriter(bao, Charsets.US_ASCII);
        PEMWriter pw = new PEMWriter(writer);
        for (Object o : objects) {
            pw.writeObject(o);
        }
        pw.close();
        return bao.toByteArray();
    }
    /**
     * Convert objects from PEM format, which is used for
     * CA_CERTIFICATE, USER_CERTIFICATE, and USER_PRIVATE_KEY
     * entries.
     */
    public static List<Object> convertFromPem(byte[] bytes) throws IOException {
        ByteArrayInputStream bai = new ByteArrayInputStream(bytes);
        Reader reader = new InputStreamReader(bai, Charsets.US_ASCII);
        PEMReader pr = new PEMReader(reader);

        List<Object> result = new ArrayList<Object>();
        Object o;
        while ((o = pr.readObject()) != null) {
            result.add(o);
        }
        pr.close();
        return result;
    }

    private static Credentials singleton;

    public static Credentials getInstance() {
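Review bot: The Javadoc on `convertFromPem` does not say what the returned `List<Object>` holds or that it can be empty, yet the helper decodes CA_CERTIFICATE, USER_CERTIFICATE and USER_PRIVATE_KEY entries, so every caller has to cast the elements. I would add `@return the decoded objects in input order, possibly empty; check each element's type before casting` and an `@throws IOException` line for input that is not valid PEM. In both helpers `pw.close()` and `pr.close()` run only on the success path; wrapping the loop in `try { ... } finally { pr.close(); }` keeps the pattern safe if it is later copied onto a stream that is not in-memory.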
+4 −5
@@ -34,6 +34,7 @@ import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
@@ -185,11 +186,9 @@ public final class KeyChain {
            throw new IllegalArgumentException("bytes == null");
        }
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bytes));
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError(e);
        } catch (InvalidKeySpecException e) {
            KeyPair keyPair = (KeyPair) Credentials.convertFromPem(bytes).get(0);
            return keyPair.getPrivate();
        } catch (IOException e) {
            throw new AssertionError(e);
        }
    }
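Review bot: The new `(KeyPair) Credentials.convertFromPem(bytes).get(0)` assumes the keystore entry decodes to at least one object and that the first one is a `KeyPair`; an empty entry or one holding only a certificate would surface as an unchecked `IndexOutOfBoundsException` or `ClassCastException` in the caller. The method already rejects `bytes == null` with `IllegalArgumentException`, so the same exception fits a wrongly shaped entry, as in the sketch below. Malformed PEM reaches `throw new AssertionError(e)` through the `IOException` catch, which treats bad stored data as an impossible state; reporting it as invalid input would be easier to handle. If entries written before this change are stored as raw PKCS#8 (an inference from the removed `PKCS8EncodedKeySpec` path), they would no longer load, so a migration note would help. The enclosing method starts outside the hunk.

```java
        try {
            List<Object> decoded = Credentials.convertFromPem(bytes);
            if (decoded.isEmpty() || !(decoded.get(0) instanceof KeyPair)) {
                throw new IllegalArgumentException("bytes is not a PEM encoded key pair");
            }
            return ((KeyPair) decoded.get(0)).getPrivate();
        // … unchanged: catch (IOException e) …
```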