Merge "Flatten KeyStoreKeyProperties constants." into mnc-dev

  }

  public abstract class KeyStoreKeyProperties {

  }

  public static abstract class KeyStoreKeyProperties.Algorithm {

    field public static final java.lang.String AES = "AES";

    field public static final java.lang.String EC = "EC";

    field public static final java.lang.String HMAC_SHA1 = "HmacSHA1";

    field public static final java.lang.String HMAC_SHA224 = "HmacSHA224";

    field public static final java.lang.String HMAC_SHA256 = "HmacSHA256";

    field public static final java.lang.String HMAC_SHA384 = "HmacSHA384";

    field public static final java.lang.String HMAC_SHA512 = "HmacSHA512";

    field public static final java.lang.String RSA = "RSA";

  }

  public static abstract class KeyStoreKeyProperties.BlockMode {

    field public static final java.lang.String CBC = "CBC";

    field public static final java.lang.String CTR = "CTR";

    field public static final java.lang.String ECB = "ECB";

    field public static final java.lang.String GCM = "GCM";

  }

  public static abstract class KeyStoreKeyProperties.Digest {

    field public static final java.lang.String MD5 = "MD5";

    field public static final java.lang.String NONE = "NONE";

    field public static final java.lang.String SHA1 = "SHA-1";

    field public static final java.lang.String SHA224 = "SHA-224";

    field public static final java.lang.String SHA256 = "SHA-256";

    field public static final java.lang.String SHA384 = "SHA-384";

    field public static final java.lang.String SHA512 = "SHA-512";

  }

  public static abstract class KeyStoreKeyProperties.EncryptionPadding {

    field public static final java.lang.String NONE = "NoPadding";

    field public static final java.lang.String PKCS7 = "PKCS7Padding";

    field public static final java.lang.String RSA_OAEP = "OAEPPadding";

    field public static final java.lang.String RSA_PKCS1 = "PKCS1Padding";

  }

  public static abstract class KeyStoreKeyProperties.Origin {

    field public static final int GENERATED = 1; // 0x1

    field public static final int IMPORTED = 2; // 0x2

    field public static final int UNKNOWN = 4; // 0x4

  }

  public static abstract class KeyStoreKeyProperties.Purpose {

    field public static final int DECRYPT = 2; // 0x2

    field public static final int ENCRYPT = 1; // 0x1

    field public static final int SIGN = 4; // 0x4

    field public static final int VERIFY = 8; // 0x8

  }

  public static abstract class KeyStoreKeyProperties.SignaturePadding {

    field public static final java.lang.String RSA_PKCS1 = "PKCS1";

    field public static final java.lang.String RSA_PSS = "PSS";

    field public static final java.lang.String BLOCK_MODE_CBC = "CBC";

    field public static final java.lang.String BLOCK_MODE_CTR = "CTR";

    field public static final java.lang.String BLOCK_MODE_ECB = "ECB";

    field public static final java.lang.String BLOCK_MODE_GCM = "GCM";

    field public static final java.lang.String DIGEST_MD5 = "MD5";

    field public static final java.lang.String DIGEST_NONE = "NONE";

    field public static final java.lang.String DIGEST_SHA1 = "SHA-1";

    field public static final java.lang.String DIGEST_SHA224 = "SHA-224";

    field public static final java.lang.String DIGEST_SHA256 = "SHA-256";

    field public static final java.lang.String DIGEST_SHA384 = "SHA-384";

    field public static final java.lang.String DIGEST_SHA512 = "SHA-512";

    field public static final java.lang.String ENCRYPTION_PADDING_NONE = "NoPadding";

    field public static final java.lang.String ENCRYPTION_PADDING_PKCS7 = "PKCS7Padding";

    field public static final java.lang.String ENCRYPTION_PADDING_RSA_OAEP = "OAEPPadding";

    field public static final java.lang.String ENCRYPTION_PADDING_RSA_PKCS1 = "PKCS1Padding";

    field public static final java.lang.String KEY_ALGORITHM_AES = "AES";

    field public static final java.lang.String KEY_ALGORITHM_EC = "EC";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA1 = "HmacSHA1";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA224 = "HmacSHA224";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA256 = "HmacSHA256";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA384 = "HmacSHA384";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA512 = "HmacSHA512";

    field public static final java.lang.String KEY_ALGORITHM_RSA = "RSA";

    field public static final int ORIGIN_GENERATED = 1; // 0x1

    field public static final int ORIGIN_IMPORTED = 2; // 0x2

    field public static final int ORIGIN_UNKNOWN = 4; // 0x4

    field public static final int PURPOSE_DECRYPT = 2; // 0x2

    field public static final int PURPOSE_ENCRYPT = 1; // 0x1

    field public static final int PURPOSE_SIGN = 4; // 0x4

    field public static final int PURPOSE_VERIFY = 8; // 0x8

    field public static final java.lang.String SIGNATURE_PADDING_RSA_PKCS1 = "PKCS1";

    field public static final java.lang.String SIGNATURE_PADDING_RSA_PSS = "PSS";

  }

  public class KeyStoreKeySpec implements java.security.spec.KeySpec {

  }

  public abstract class KeyStoreKeyProperties {

  }

  public static abstract class KeyStoreKeyProperties.Algorithm {

    field public static final java.lang.String AES = "AES";

    field public static final java.lang.String EC = "EC";

    field public static final java.lang.String HMAC_SHA1 = "HmacSHA1";

    field public static final java.lang.String HMAC_SHA224 = "HmacSHA224";

    field public static final java.lang.String HMAC_SHA256 = "HmacSHA256";

    field public static final java.lang.String HMAC_SHA384 = "HmacSHA384";

    field public static final java.lang.String HMAC_SHA512 = "HmacSHA512";

    field public static final java.lang.String RSA = "RSA";

  }

  public static abstract class KeyStoreKeyProperties.BlockMode {

    field public static final java.lang.String CBC = "CBC";

    field public static final java.lang.String CTR = "CTR";

    field public static final java.lang.String ECB = "ECB";

    field public static final java.lang.String GCM = "GCM";

  }

  public static abstract class KeyStoreKeyProperties.Digest {

    field public static final java.lang.String MD5 = "MD5";

    field public static final java.lang.String NONE = "NONE";

    field public static final java.lang.String SHA1 = "SHA-1";

    field public static final java.lang.String SHA224 = "SHA-224";

    field public static final java.lang.String SHA256 = "SHA-256";

    field public static final java.lang.String SHA384 = "SHA-384";

    field public static final java.lang.String SHA512 = "SHA-512";

  }

  public static abstract class KeyStoreKeyProperties.EncryptionPadding {

    field public static final java.lang.String NONE = "NoPadding";

    field public static final java.lang.String PKCS7 = "PKCS7Padding";

    field public static final java.lang.String RSA_OAEP = "OAEPPadding";

    field public static final java.lang.String RSA_PKCS1 = "PKCS1Padding";

  }

  public static abstract class KeyStoreKeyProperties.Origin {

    field public static final int GENERATED = 1; // 0x1

    field public static final int IMPORTED = 2; // 0x2

    field public static final int UNKNOWN = 4; // 0x4

  }

  public static abstract class KeyStoreKeyProperties.Purpose {

    field public static final int DECRYPT = 2; // 0x2

    field public static final int ENCRYPT = 1; // 0x1

    field public static final int SIGN = 4; // 0x4

    field public static final int VERIFY = 8; // 0x8

  }

  public static abstract class KeyStoreKeyProperties.SignaturePadding {

    field public static final java.lang.String RSA_PKCS1 = "PKCS1";

    field public static final java.lang.String RSA_PSS = "PSS";

    field public static final java.lang.String BLOCK_MODE_CBC = "CBC";

    field public static final java.lang.String BLOCK_MODE_CTR = "CTR";

    field public static final java.lang.String BLOCK_MODE_ECB = "ECB";

    field public static final java.lang.String BLOCK_MODE_GCM = "GCM";

    field public static final java.lang.String DIGEST_MD5 = "MD5";

    field public static final java.lang.String DIGEST_NONE = "NONE";

    field public static final java.lang.String DIGEST_SHA1 = "SHA-1";

    field public static final java.lang.String DIGEST_SHA224 = "SHA-224";

    field public static final java.lang.String DIGEST_SHA256 = "SHA-256";

    field public static final java.lang.String DIGEST_SHA384 = "SHA-384";

    field public static final java.lang.String DIGEST_SHA512 = "SHA-512";

    field public static final java.lang.String ENCRYPTION_PADDING_NONE = "NoPadding";

    field public static final java.lang.String ENCRYPTION_PADDING_PKCS7 = "PKCS7Padding";

    field public static final java.lang.String ENCRYPTION_PADDING_RSA_OAEP = "OAEPPadding";

    field public static final java.lang.String ENCRYPTION_PADDING_RSA_PKCS1 = "PKCS1Padding";

    field public static final java.lang.String KEY_ALGORITHM_AES = "AES";

    field public static final java.lang.String KEY_ALGORITHM_EC = "EC";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA1 = "HmacSHA1";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA224 = "HmacSHA224";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA256 = "HmacSHA256";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA384 = "HmacSHA384";

    field public static final java.lang.String KEY_ALGORITHM_HMAC_SHA512 = "HmacSHA512";

    field public static final java.lang.String KEY_ALGORITHM_RSA = "RSA";

    field public static final int ORIGIN_GENERATED = 1; // 0x1

    field public static final int ORIGIN_IMPORTED = 2; // 0x2

    field public static final int ORIGIN_UNKNOWN = 4; // 0x4

    field public static final int PURPOSE_DECRYPT = 2; // 0x2

    field public static final int PURPOSE_ENCRYPT = 1; // 0x1

    field public static final int PURPOSE_SIGN = 4; // 0x4

    field public static final int PURPOSE_VERIFY = 8; // 0x8

    field public static final java.lang.String SIGNATURE_PADDING_RSA_PKCS1 = "PKCS1";

    field public static final java.lang.String SIGNATURE_PADDING_RSA_PSS = "PSS";

  }

  public class KeyStoreKeySpec implements java.security.spec.KeySpec {

    public static class RSA extends AndroidKeyPairGenerator {

        public RSA() {

            super(KeyStoreKeyProperties.Algorithm.RSA);

            super(KeyStoreKeyProperties.KEY_ALGORITHM_RSA);

        }

    }

    public static class EC extends AndroidKeyPairGenerator {

        public EC() {

            super(KeyStoreKeyProperties.Algorithm.EC);

            super(KeyStoreKeyProperties.KEY_ALGORITHM_EC);

        }

    }

    private android.security.KeyStore mKeyStore;

    private KeyPairGeneratorSpec mSpec;

    private @KeyStoreKeyProperties.AlgorithmEnum String mKeyAlgorithm;

    private @KeyStoreKeyProperties.KeyAlgorithmEnum String mKeyAlgorithm;

    private int mKeyType;

    private int mKeySize;

    protected AndroidKeyPairGenerator(@KeyStoreKeyProperties.AlgorithmEnum String algorithm) {

    protected AndroidKeyPairGenerator(@KeyStoreKeyProperties.KeyAlgorithmEnum String algorithm) {

        mAlgorithm = algorithm;

    }

    public @KeyStoreKeyProperties.AlgorithmEnum String getAlgorithm() {

    @KeyStoreKeyProperties.KeyAlgorithmEnum String getAlgorithm() {

        return mAlgorithm;

    }

        return certGen.generate(privateKey);

    }

    private @KeyStoreKeyProperties.AlgorithmEnum String getKeyAlgorithm(KeyPairGeneratorSpec spec) {

    private @KeyStoreKeyProperties.KeyAlgorithmEnum String getKeyAlgorithm(

            KeyPairGeneratorSpec spec) {

        String result = spec.getKeyType();

        if (result != null) {

            return result;

    }

    private static String getDefaultSignatureAlgorithmForKeyAlgorithm(

            @KeyStoreKeyProperties.AlgorithmEnum String algorithm) {

        if (KeyStoreKeyProperties.Algorithm.RSA.equalsIgnoreCase(algorithm)) {

            @KeyStoreKeyProperties.KeyAlgorithmEnum String algorithm) {

        if (KeyStoreKeyProperties.KEY_ALGORITHM_RSA.equalsIgnoreCase(algorithm)) {

            return "sha256WithRSA";

        } else if (KeyStoreKeyProperties.Algorithm.EC.equalsIgnoreCase(algorithm)) {

        } else if (KeyStoreKeyProperties.KEY_ALGORITHM_EC.equalsIgnoreCase(algorithm)) {

            return "sha256WithECDSA";

        } else {

            throw new IllegalArgumentException("Unsupported key type " + algorithm);

        }

        KeyPairGeneratorSpec spec = (KeyPairGeneratorSpec) params;

        @KeyStoreKeyProperties.AlgorithmEnum String keyAlgorithm = getKeyAlgorithm(spec);

        @KeyStoreKeyProperties.KeyAlgorithmEnum String keyAlgorithm = getKeyAlgorithm(spec);

        int keyType = KeyStore.getKeyTypeForAlgorithm(keyAlgorithm);

        if (keyType == -1) {

            throw new InvalidAlgorithmParameterException(

                keymasterDigest = keymasterDigests.get(0);

            }

            @KeyStoreKeyProperties.AlgorithmEnum String keyAlgorithmString;

            @KeyStoreKeyProperties.KeyAlgorithmEnum String keyAlgorithmString;

            try {

                keyAlgorithmString =

                        KeyStoreKeyProperties.Algorithm.fromKeymasterSecretKeyAlgorithm(

                        KeyStoreKeyProperties.KeyAlgorithm.fromKeymasterSecretKeyAlgorithm(

                                keymasterAlgorithm, keymasterDigest);

            } catch (IllegalArgumentException e) {

                throw (UnrecoverableKeyException)

        int keymasterAlgorithm;

        int keymasterDigest;

        try {

            keymasterAlgorithm = KeyStoreKeyProperties.Algorithm.toKeymasterSecretKeyAlgorithm(

            keymasterAlgorithm = KeyStoreKeyProperties.KeyAlgorithm.toKeymasterSecretKeyAlgorithm(

                    keyAlgorithmString);

            keymasterDigest =

                    KeyStoreKeyProperties.Algorithm.toKeymasterDigest(keyAlgorithmString);

                    KeyStoreKeyProperties.KeyAlgorithm.toKeymasterDigest(keyAlgorithmString);

        } catch (IllegalArgumentException e) {

            throw new KeyStoreException("Unsupported secret key algorithm: " + keyAlgorithmString);

        }

        @KeyStoreKeyProperties.PurposeEnum int purposes = params.getPurposes();

        int[] keymasterBlockModes =

                KeyStoreKeyProperties.BlockMode.allToKeymaster(params.getBlockModes());

        if (((purposes & KeyStoreKeyProperties.Purpose.ENCRYPT) != 0)

        if (((purposes & KeyStoreKeyProperties.PURPOSE_ENCRYPT) != 0)

                && (params.isRandomizedEncryptionRequired())) {

            for (int keymasterBlockMode : keymasterBlockModes) {

                if (!KeymasterUtils.isKeymasterBlockModeIndCpaCompatible(keymasterBlockMode)) {

        // TODO: Remove this once keymaster does not require us to specify the size of imported key.

        args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, keyMaterial.length * 8);

        if (((purposes & KeyStoreKeyProperties.Purpose.ENCRYPT) != 0)

        if (((purposes & KeyStoreKeyProperties.PURPOSE_ENCRYPT) != 0)

                && (!params.isRandomizedEncryptionRequired())) {

            // Permit caller-provided IV when encrypting with this key

            args.addBoolean(KeymasterDefs.KM_TAG_CALLER_NONCE);

     */

    public static void choosePrivateKeyAlias(@NonNull Activity activity,

            @NonNull KeyChainAliasCallback response,

            @KeyStoreKeyProperties.AlgorithmEnum String[] keyTypes, Principal[] issuers,

            @KeyStoreKeyProperties.KeyAlgorithmEnum String[] keyTypes, Principal[] issuers,

            @Nullable String host, int port, @Nullable String alias) {

        choosePrivateKeyAlias(activity, response, keyTypes, issuers, host, port, null, alias);

    }

     */

    public static void choosePrivateKeyAlias(@NonNull Activity activity,

            @NonNull KeyChainAliasCallback response,

            @KeyStoreKeyProperties.AlgorithmEnum String[] keyTypes, Principal[] issuers,

            @KeyStoreKeyProperties.KeyAlgorithmEnum String[] keyTypes, Principal[] issuers,

            @Nullable String host, int port, @Nullable String url, @Nullable String alias) {

        /*

         * TODO currently keyTypes, issuers are unused. They are meant

     * "RSA").

     */

    public static boolean isKeyAlgorithmSupported(

            @NonNull @KeyStoreKeyProperties.AlgorithmEnum String algorithm) {

            @NonNull @KeyStoreKeyProperties.KeyAlgorithmEnum String algorithm) {

        final String algUpper = algorithm.toUpperCase(Locale.US);

        return KeyStoreKeyProperties.Algorithm.EC.equals(algUpper)

                || KeyStoreKeyProperties.Algorithm.RSA.equals(algUpper);

        return KeyStoreKeyProperties.KEY_ALGORITHM_EC.equals(algUpper)

                || KeyStoreKeyProperties.KEY_ALGORITHM_RSA.equals(algUpper);

    }

    /**

     * that makes it non-exportable.

     */

    public static boolean isBoundKeyAlgorithm(

            @NonNull @KeyStoreKeyProperties.AlgorithmEnum String algorithm) {

            @NonNull @KeyStoreKeyProperties.KeyAlgorithmEnum String algorithm) {

        if (!isKeyAlgorithmSupported(algorithm)) {

            return false;

        }