Credentials.java revision baf2838fd2c7ddf517bd5bd9917551a4706af5b6
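/*
 * Copyright (C) 2009 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.security;

import android.content.ActivityNotFoundException;
import android.content.Context;
import android.content.Intent;
import android.util.Log;
import com.android.org.bouncycastle.util.io.pem.PemObject;
import com.android.org.bouncycastle.util.io.pem.PemReader;
import com.android.org.bouncycastle.util.io.pem.PemWriter;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.Reader;
import java.io.Writer;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;

/**
 * Constants and helpers for credential storage entries: key-name prefixes,
 * intent actions and extras for the credential installer, PEM conversion of
 * certificates, and deletion of the entries stored under one alias.
 *
 * {@hide}
 */
public class Credentials {
    private static final String LOGTAG = "Credentials";

    public static final String INSTALL_ACTION = "android.credentials.INSTALL";

    public static final String INSTALL_AS_USER_ACTION = "android.credentials.INSTALL_AS_USER";

    public static final String UNLOCK_ACTION = "com.android.credentials.UNLOCK";

    /** Key prefix for CA certificates. */
    public static final String CA_CERTIFICATE = "CACERT_";

    /** Key prefix for user certificates. */
    public static final String USER_CERTIFICATE = "USRCERT_";

    /** Key prefix for user private keys. */
    public static final String USER_PRIVATE_KEY = "USRPKEY_";

    /** Key prefix for user secret keys. */
    public static final String USER_SECRET_KEY = "USRSKEY_";

    /** Key prefix for VPN. */
    public static final String VPN = "VPN_";

    /** Key prefix for WIFI. */
    public static final String WIFI = "WIFI_";

    /** Key containing suffix of lockdown VPN profile. */
    public static final String LOCKDOWN_VPN = "LOCKDOWN_VPN";

    /** Data type for public keys. */
    public static final String EXTRA_PUBLIC_KEY = "KEY";

    /** Data type for private keys. */
    public static final String EXTRA_PRIVATE_KEY = "PKEY";

    // historically used by Android
    public static final String EXTENSION_CRT = ".crt";
    public static final String EXTENSION_P12 = ".p12";
    // commonly used on Windows
    public static final String EXTENSION_CER = ".cer";
    public static final String EXTENSION_PFX = ".pfx";

    /**
     * Intent extra: install the certificate bundle as this UID instead of
     * system.
     */
    public static final String EXTRA_INSTALL_AS_UID = "install_as_uid";

    /**
     * Intent extra: name for the user's private key.
     */
    public static final String EXTRA_USER_PRIVATE_KEY_NAME = "user_private_key_name";

    /**
     * Intent extra: data for the user's private key in PEM-encoded PKCS#8.
     */
    public static final String EXTRA_USER_PRIVATE_KEY_DATA = "user_private_key_data";

    /**
     * Intent extra: name for the user's certificate.
     */
    public static final String EXTRA_USER_CERTIFICATE_NAME = "user_certificate_name";

    /**
     * Intent extra: data for the user's certificate in PEM-encoded X.509.
     */
    public static final String EXTRA_USER_CERTIFICATE_DATA = "user_certificate_data";

    /**
     * Intent extra: name for CA certificate chain
     */
    public static final String EXTRA_CA_CERTIFICATES_NAME = "ca_certificates_name";

    /**
     * Intent extra: data for CA certificate chain in PEM-encoded X.509.
     */
    public static final String EXTRA_CA_CERTIFICATES_DATA = "ca_certificates_data";

    /**
     * Convert objects to a PEM format which is used for
     * CA_CERTIFICATE and USER_CERTIFICATE entries.
     *
     * @param objects certificates to encode; each becomes one
     *        {@code CERTIFICATE} PEM block, in argument order
     * @return the PEM text as US-ASCII bytes
     * @throws IOException if writing a PEM block fails
     * @throws CertificateEncodingException if a certificate cannot be encoded
     */
    public static byte[] convertToPem(Certificate... objects)
            throws IOException, CertificateEncodingException {
        ByteArrayOutputStream bao = new ByteArrayOutputStream();
        Writer writer = new OutputStreamWriter(bao, StandardCharsets.US_ASCII);
        // try-with-resources closes the writer on the error paths too; the
        // buffer is read only after close() has flushed everything into it.
        try (PemWriter pw = new PemWriter(writer)) {
            for (Certificate o : objects) {
                pw.writeObject(new PemObject("CERTIFICATE", o.getEncoded()));
            }
        }
        return bao.toByteArray();
    }

    /**
     * Convert objects from PEM format, which is used for
     * CA_CERTIFICATE and USER_CERTIFICATE entries.
     *
     * <p>This only decodes the certificates. No validity, chain or trust
     * check is performed here, so callers that treat the result as trusted
     * have to establish that trust themselves.
     *
     * @param bytes PEM text containing only {@code CERTIFICATE} blocks
     * @return the decoded certificates, in input order
     * @throws IOException if the PEM text cannot be read
     * @throws CertificateException if a block is not a parseable certificate
     * @throws IllegalArgumentException if a PEM block has any other type
     */
    public static List<X509Certificate> convertFromPem(byte[] bytes)
            throws IOException, CertificateException {
        ByteArrayInputStream bai = new ByteArrayInputStream(bytes);
        Reader reader = new InputStreamReader(bai, StandardCharsets.US_ASCII);
        CertificateFactory cf = CertificateFactory.getInstance("X509");

        List<X509Certificate> result = new ArrayList<X509Certificate>();
        // Closed by try-with-resources even when a block is rejected below.
        try (PemReader pr = new PemReader(reader)) {
            PemObject o;
            while ((o = pr.readPemObject()) != null) {
                if (o.getType().equals("CERTIFICATE")) {
                    Certificate c = cf.generateCertificate(
                            new ByteArrayInputStream(o.getContent()));
                    result.add((X509Certificate) c);
                } else {
                    // Fail closed: anything that is not a certificate block
                    // (for example key material) is rejected, not skipped.
                    throw new IllegalArgumentException("Unknown type " + o.getType());
                }
            }
        }
        return result;
    }

    private static Credentials singleton;

    /**
     * Returns the shared instance, creating it on first use.
     *
     * <p>The lazy initialisation is not synchronized. The class declares no
     * instance fields, so a race can at worst create an extra instance.
     */
    public static Credentials getInstance() {
        if (singleton == null) {
            singleton = new Credentials();
        }
        return singleton;
    }

    /**
     * Starts the activity that handles {@link #UNLOCK_ACTION}. If no activity
     * handles it, the failure is logged as a warning and otherwise ignored.
     */
    public void unlock(Context context) {
        try {
            Intent intent = new Intent(UNLOCK_ACTION);
            context.startActivity(intent);
        } catch (ActivityNotFoundException e) {
            Log.w(LOGTAG, e.toString());
        }
    }

    /**
     * Starts the credential installer with no extras. If no activity handles
     * the intent, the failure is logged as a warning and otherwise ignored.
     */
    public void install(Context context) {
        try {
            Intent intent = KeyChain.createInstallIntent();
            context.startActivity(intent);
        } catch (ActivityNotFoundException e) {
            Log.w(LOGTAG, e.toString());
        }
    }

    /**
     * Starts the credential installer with the encoded private and public
     * key of {@code pair} as extras.
     *
     * <p>NOTE(review): the encoded private key travels in an Intent extra, so
     * its confidentiality depends on the intent built by
     * {@code KeyChain.createInstallIntent()} reaching only the intended
     * installer component. Confirm that the intent is explicitly targeted.
     */
    public void install(Context context, KeyPair pair) {
        try {
            Intent intent = KeyChain.createInstallIntent();
            intent.putExtra(EXTRA_PRIVATE_KEY, pair.getPrivate().getEncoded());
            intent.putExtra(EXTRA_PUBLIC_KEY, pair.getPublic().getEncoded());
            context.startActivity(intent);
        } catch (ActivityNotFoundException e) {
            Log.w(LOGTAG, e.toString());
        }
    }

    /**
     * Starts the credential installer with a single extra.
     *
     * @param type used verbatim as the extra's key; presumably one of the
     *        {@code EXTRA_*} names above (confirm against callers)
     * @param value the extra's value; if it is key material, the note on
     *        {@link #install(Context, KeyPair)} applies here too
     */
    public void install(Context context, String type, byte[] value) {
        try {
            Intent intent = KeyChain.createInstallIntent();
            intent.putExtra(type, value);
            context.startActivity(intent);
        } catch (ActivityNotFoundException e) {
            Log.w(LOGTAG, e.toString());
        }
    }

    /**
     * Delete all types (private key, secret key, certificate, CA certificate)
     * for a particular {@code alias}. Any of them can exist for a given alias.
     * Returns {@code true} if at least one of the delete calls returned
     * {@code true}.
     */
    static boolean deleteAllTypesForAlias(KeyStore keystore, String alias) {
        /*
         * Make sure every type is deleted. Several types can exist at once,
         * so use the non-short-circuit '|': '||' would stop at the first
         * successful delete and leave the remaining entries behind.
         */
        return keystore.delete(Credentials.USER_PRIVATE_KEY + alias)
            | keystore.delete(Credentials.USER_SECRET_KEY + alias)
            | deleteCertificateTypesForAlias(keystore, alias);
    }

    /**
     * Delete both certificate types (user certificate, CA certificate) for a
     * particular {@code alias}. Both can exist for any given alias.
     * Returns {@code true} if at least one of the delete calls returned
     * {@code true}.
     */
    static boolean deleteCertificateTypesForAlias(KeyStore keystore, String alias) {
        /*
         * Make sure every certificate type is deleted. There can be two types,
         * so use the non-short-circuit '|' rather than '||'.
         */
        return keystore.delete(Credentials.USER_CERTIFICATE + alias)
            | keystore.delete(Credentials.CA_CERTIFICATE + alias);
    }

    /**
     * Delete private key for a particular {@code alias}.
     * Returns {@code true} if an entry was deleted.
     */
    static boolean deletePrivateKeyTypeForAlias(KeyStore keystore, String alias) {
        return keystore.delete(Credentials.USER_PRIVATE_KEY + alias);
    }

    /**
     * Delete secret key for a particular {@code alias}.
     * Returns {@code true} if an entry was deleted.
     */
    static boolean deleteSecretKeyTypeForAlias(KeyStore keystore, String alias) {
        return keystore.delete(Credentials.USER_SECRET_KEY + alias);
    }
}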