1/*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package android.security;
18
19import android.content.Context;
20import android.text.TextUtils;
21
22import java.math.BigInteger;
23import java.security.PrivateKey;
24import java.security.cert.Certificate;
25import java.security.spec.AlgorithmParameterSpec;
26import java.util.Date;
27
28import javax.security.auth.x500.X500Principal;
29
30/**
31 * This provides the required parameters needed for initializing the KeyPair
32 * generator that works with
33 * <a href="{@docRoot}guide/topics/security/keystore.html">Android KeyStore
34 * facility</a>.
35 * @hide
36 */
37public class AndroidKeyPairGeneratorSpec implements AlgorithmParameterSpec {
38    private final String mKeystoreAlias;
39
40    private final Context mContext;
41
42    private final X500Principal mSubjectDN;
43
44    private final BigInteger mSerialNumber;
45
46    private final Date mStartDate;
47
48    private final Date mEndDate;
49
50    /**
51     * Parameter specification for the "{@code AndroidKeyPairGenerator}"
52     * instance of the {@link java.security.KeyPairGenerator} API. The
53     * {@code context} passed in may be used to pop up some UI to ask the user
54     * to unlock or initialize the Android keystore facility.
55     * <p>
56     * After generation, the {@code keyStoreAlias} is used with the
57     * {@link java.security.KeyStore#getEntry(String, java.security.KeyStore.ProtectionParameter)}
58     * interface to retrieve the {@link PrivateKey} and its associated
59     * {@link Certificate} chain.
60     * <p>
61     * The KeyPair generator will create a self-signed certificate with the
62     * properties of {@code subjectDN} as its X.509v3 Subject Distinguished Name
63     * and as its X.509v3 Issuer Distinguished Name, using the specified
64     * {@code serialNumber}, and the validity date starting at {@code startDate}
65     * and ending at {@code endDate}.
66     *
67     * @param context Android context for the activity
68     * @param keyStoreAlias name to use for the generated key in the Android
69     *            keystore
70     * @param subjectDN X.509 v3 Subject Distinguished Name
71     * @param serialNumber X509 v3 certificate serial number
72     * @param startDate the start of the self-signed certificate validity period
73     * @param endDate the end date of the self-signed certificate validity
74     *            period
75     * @throws IllegalArgumentException when any argument is {@code null} or
76     *             {@code endDate} is before {@code startDate}.
77     */
78    public AndroidKeyPairGeneratorSpec(Context context, String keyStoreAlias,
79            X500Principal subjectDN, BigInteger serialNumber, Date startDate, Date endDate) {
80        if (context == null) {
81            throw new IllegalArgumentException("context == null");
82        } else if (TextUtils.isEmpty(keyStoreAlias)) {
83            throw new IllegalArgumentException("keyStoreAlias must not be empty");
84        } else if (subjectDN == null) {
85            throw new IllegalArgumentException("subjectDN == null");
86        } else if (serialNumber == null) {
87            throw new IllegalArgumentException("serialNumber == null");
88        } else if (startDate == null) {
89            throw new IllegalArgumentException("startDate == null");
90        } else if (endDate == null) {
91            throw new IllegalArgumentException("endDate == null");
92        } else if (endDate.before(startDate)) {
93            throw new IllegalArgumentException("endDate < startDate");
94        }
95
96        mContext = context;
97        mKeystoreAlias = keyStoreAlias;
98        mSubjectDN = subjectDN;
99        mSerialNumber = serialNumber;
100        mStartDate = startDate;
101        mEndDate = endDate;
102    }
103
104    /**
105     * @hide
106     */
107    String getKeystoreAlias() {
108        return mKeystoreAlias;
109    }
110
111    /**
112     * @hide
113     */
114    Context getContext() {
115        return mContext;
116    }
117
118    /**
119     * @hide
120     */
121    X500Principal getSubjectDN() {
122        return mSubjectDN;
123    }
124
125    /**
126     * @hide
127     */
128    BigInteger getSerialNumber() {
129        return mSerialNumber;
130    }
131
132    /**
133     * @hide
134     */
135    Date getStartDate() {
136        return mStartDate;
137    }
138
139    /**
140     * @hide
141     */
142    Date getEndDate() {
143        return mEndDate;
144    }
145}
146