
Commit a3f9e964 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Automerger Merge Worker

Merge "Keystore: Wire up Ed25519 signing" into tm-dev am: e41f27bf am: 3fdec0b7 am: 34be84b9

parents 8efc78c5 34be84b9
+2 −0
@@ -206,6 +206,8 @@ class AndroidKeyStoreBCWorkaroundProvider extends Provider {

        putSignatureImpl("NONEwithECDSA",
                PACKAGE_NAME + ".AndroidKeyStoreECDSASignatureSpi$NONE");
        putSignatureImpl("Ed25519",
                PACKAGE_NAME + ".AndroidKeyStoreECDSASignatureSpi$Ed25519");

        putSignatureImpl("SHA1withECDSA", PACKAGE_NAME + ".AndroidKeyStoreECDSASignatureSpi$SHA1");
        put("Alg.Alias.Signature.ECDSA", "SHA1withECDSA");
+22 −2
@@ -29,7 +29,10 @@ import libcore.util.EmptyArray;
import java.io.ByteArrayOutputStream;
import java.security.InvalidKeyException;
import java.security.SignatureSpi;
import java.security.spec.NamedParameterSpec;
import java.util.Arrays;
import java.util.List;
import java.util.Set;

/**
 * Base class for {@link SignatureSpi} providing Android KeyStore backed ECDSA signatures.
@@ -37,6 +40,10 @@ import java.util.List;
 * @hide
 */
abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignatureSpiBase {
    private static final Set<String> ACCEPTED_SIGNING_SCHEMES = Set.of(
            KeyProperties.KEY_ALGORITHM_EC.toLowerCase(),
            NamedParameterSpec.ED25519.getName().toLowerCase(),
            "eddsa");

    public final static class NONE extends AndroidKeyStoreECDSASignatureSpi {
        public NONE() {
@@ -114,6 +121,18 @@ abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignature
        }
    }

    public static final class Ed25519 extends AndroidKeyStoreECDSASignatureSpi {
        public Ed25519() {
            // Ed25519 uses an internal digest system.
            super(KeymasterDefs.KM_DIGEST_NONE);
        }

        @Override
        protected String getAlgorithm() {
            return NamedParameterSpec.ED25519.getName();
        }
    }

    public final static class SHA1 extends AndroidKeyStoreECDSASignatureSpi {
        public SHA1() {
            super(KeymasterDefs.KM_DIGEST_SHA1);
@@ -174,9 +193,10 @@ abstract class AndroidKeyStoreECDSASignatureSpi extends AndroidKeyStoreSignature

    @Override
    protected final void initKey(AndroidKeyStoreKey key) throws InvalidKeyException {
        if (!KeyProperties.KEY_ALGORITHM_EC.equalsIgnoreCase(key.getAlgorithm())) {
        if (!ACCEPTED_SIGNING_SCHEMES.contains(key.getAlgorithm().toLowerCase())) {
            throw new InvalidKeyException("Unsupported key algorithm: " + key.getAlgorithm()
                    + ". Only" + KeyProperties.KEY_ALGORITHM_EC + " supported");
                    + ". Only" + Arrays.toString(ACCEPTED_SIGNING_SCHEMES.stream().toArray())
                    + " supported");
        }

        long keySizeBits = -1;
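Review bot: The widened check in initKey accepts EC, Ed25519 and EdDSA keys for every subclass, so nothing visible here ties the key type to the signature scheme: an Ed25519 key would pass this check under `SHA1withECDSA`, and an EC key would pass it under the new `Ed25519` class. Unless the backend is relied on to reject the mismatch (not visible in this hunk), the check should be per scheme, for example each subclass supplying its own accepted set so that `Ed25519` takes only `ed25519`/`eddsa` keys and the digest variants take only `KeyProperties.KEY_ALGORITHM_EC`. Separately, `key.getAlgorithm().toLowerCase()` throws a NullPointerException on a null algorithm where the old `equalsIgnoreCase` call ended in InvalidKeyException, and it lowercases in the default locale; a null check followed by `toLowerCase(Locale.ROOT)` avoids both. The body of initKey continues past the end of the hunk.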