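/*
 * Copyright (C) 2012 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.security;

import android.content.Context;
import android.text.TextUtils;

import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Date;

import javax.security.auth.x500.X500Principal;

/**
 * This provides the required parameters needed for initializing the KeyPair
 * generator that works with
 * <a href="{@docRoot}guide/topics/security/keystore.html">Android KeyStore
 * facility</a>.
 * <p>
 * The validity dates are copied on the way in and on the way out, so the
 * {@code endDate >= startDate} check made by the constructor cannot be
 * invalidated later by mutating a {@link Date} the caller still holds.
 * @hide
 */
public class AndroidKeyPairGeneratorSpec implements AlgorithmParameterSpec {
    private final String mKeystoreAlias;

    private final Context mContext;

    private final X500Principal mSubjectDN;

    private final BigInteger mSerialNumber;

    private final Date mStartDate;

    private final Date mEndDate;

    /**
     * Parameter specification for the "{@code AndroidKeyPairGenerator}"
     * instance of the {@link java.security.KeyPairGenerator} API. The
     * {@code context} passed in may be used to pop up some UI to ask the user
     * to unlock or initialize the Android keystore facility.
     * <p>
     * After generation, the {@code keyStoreAlias} is used with the
     * {@link java.security.KeyStore#getEntry(String, java.security.KeyStore.ProtectionParameter)}
     * interface to retrieve the {@link PrivateKey} and its associated
     * {@link Certificate} chain.
     * <p>
     * The KeyPair generator will create a self-signed certificate with the
     * properties of {@code subjectDN} as its X.509v3 Subject Distinguished Name
     * and as its X.509v3 Issuer Distinguished Name, using the specified
     * {@code serialNumber}, and the validity date starting at {@code startDate}
     * and ending at {@code endDate}.
     * <p>
     * {@code startDate} and {@code endDate} are copied; later changes to the
     * caller's {@link Date} objects do not affect this specification.
     *
     * @param context Android context for the activity
     * @param keyStoreAlias name to use for the generated key in the Android
     *            keystore
     * @param subjectDN X.509 v3 Subject Distinguished Name
     * @param serialNumber X509 v3 certificate serial number
     * @param startDate the start of the self-signed certificate validity period
     * @param endDate the end date of the self-signed certificate validity
     *            period
     * @throws IllegalArgumentException when any argument is {@code null} or
     *             {@code endDate} is before {@code startDate}.
     */
    public AndroidKeyPairGeneratorSpec(Context context, String keyStoreAlias,
            X500Principal subjectDN, BigInteger serialNumber, Date startDate, Date endDate) {
        if (context == null) {
            throw new IllegalArgumentException("context == null");
        } else if (TextUtils.isEmpty(keyStoreAlias)) {
            throw new IllegalArgumentException("keyStoreAlias must not be empty");
        } else if (subjectDN == null) {
            throw new IllegalArgumentException("subjectDN == null");
        } else if (serialNumber == null) {
            throw new IllegalArgumentException("serialNumber == null");
        } else if (startDate == null) {
            throw new IllegalArgumentException("startDate == null");
        } else if (endDate == null) {
            throw new IllegalArgumentException("endDate == null");
        }

        // Date is mutable: snapshot both values first and run the ordering check
        // on the snapshots, so the values that were validated are exactly the
        // values that get stored. A copy constructor is used rather than clone()
        // because Date is not final and a subclass could override clone().
        final Date notBefore = new Date(startDate.getTime());
        final Date notAfter = new Date(endDate.getTime());
        if (notAfter.before(notBefore)) {
            throw new IllegalArgumentException("endDate < startDate");
        }

        mContext = context;
        mKeystoreAlias = keyStoreAlias;
        mSubjectDN = subjectDN;
        mSerialNumber = serialNumber;
        mStartDate = notBefore;
        mEndDate = notAfter;
    }

    /**
     * Returns the alias given to the constructor as {@code keyStoreAlias}.
     *
     * @hide
     */
    String getKeystoreAlias() {
        return mKeystoreAlias;
    }

    /**
     * Returns the {@link Context} given to the constructor.
     *
     * @hide
     */
    Context getContext() {
        return mContext;
    }

    /**
     * Returns the subject distinguished name given to the constructor.
     *
     * @hide
     */
    X500Principal getSubjectDN() {
        return mSubjectDN;
    }

    /**
     * Returns the certificate serial number given to the constructor.
     *
     * @hide
     */
    BigInteger getSerialNumber() {
        return mSerialNumber;
    }

    /**
     * Returns a copy of the validity start date, so callers cannot alter the
     * value held by this specification.
     *
     * @hide
     */
    Date getStartDate() {
        return new Date(mStartDate.getTime());
    }

    /**
     * Returns a copy of the validity end date, so callers cannot alter the
     * value held by this specification.
     *
     * @hide
     */
    Date getEndDate() {
        return new Date(mEndDate.getTime());
    }
}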