Credentials.java revision 0efca17105d112a0ff568602831b22bdafa00433
19b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh/* 29b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * Copyright (C) 2009 The Android Open Source Project 39b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * 49b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * Licensed under the Apache License, Version 2.0 (the "License"); 59b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * you may not use this file except in compliance with the License. 69b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * You may obtain a copy of the License at 79b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * 89b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * http://www.apache.org/licenses/LICENSE-2.0 99b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * 109b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * Unless required by applicable law or agreed to in writing, software 119b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * distributed under the License is distributed on an "AS IS" BASIS, 129b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 139b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * See the License for the specific language governing permissions and 149b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * limitations under the License. 159b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh */ 169b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 179b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yehpackage android.security; 189b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 199b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yehimport android.content.ActivityNotFoundException; 209b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yehimport android.content.Context; 219b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yehimport android.content.Intent; 229b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yehimport android.util.Log; 230efca17105d112a0ff568602831b22bdafa00433Brian Carlstromimport com.android.org.bouncycastle.util.io.pem.PemObject; 240efca17105d112a0ff568602831b22bdafa00433Brian Carlstromimport com.android.org.bouncycastle.util.io.pem.PemReader; 250efca17105d112a0ff568602831b22bdafa00433Brian Carlstromimport com.android.org.bouncycastle.util.io.pem.PemWriter; 269d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.io.ByteArrayInputStream; 279d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.io.ByteArrayOutputStream; 289d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.io.IOException; 299d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.io.InputStreamReader; 305423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Rootimport java.io.ObjectOutputStream; 319d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.io.OutputStreamWriter; 329d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.io.Reader; 339d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.io.Writer; 349d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.nio.charset.Charsets; 359b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yehimport java.security.KeyPair; 360efca17105d112a0ff568602831b22bdafa00433Brian Carlstromimport java.security.cert.Certificate; 370efca17105d112a0ff568602831b22bdafa00433Brian Carlstromimport java.security.cert.CertificateEncodingException; 380efca17105d112a0ff568602831b22bdafa00433Brian Carlstromimport java.security.cert.CertificateException; 390efca17105d112a0ff568602831b22bdafa00433Brian Carlstromimport java.security.cert.CertificateFactory; 405423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Rootimport java.security.cert.X509Certificate; 419d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.util.ArrayList; 429d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstromimport java.util.List; 439b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 449b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh/** 459b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh * {@hide} 469b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh */ 479b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yehpublic class Credentials { 489b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh private static final String LOGTAG = "Credentials"; 4944039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 5044039172627d1c15737ea73836ad375559d76211Chia-chi Yeh public static final String INSTALL_ACTION = "android.credentials.INSTALL"; 5144039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 524a9e1a2494f2e48b157506d7c731187907b7fd4eBrian Carlstrom public static final String UNLOCK_ACTION = "com.android.credentials.UNLOCK"; 534a9e1a2494f2e48b157506d7c731187907b7fd4eBrian Carlstrom 549b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh /** Key prefix for CA certificates. */ 559b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh public static final String CA_CERTIFICATE = "CACERT_"; 569b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 579b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh /** Key prefix for user certificates. */ 589b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh public static final String USER_CERTIFICATE = "USRCERT_"; 599b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 609b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh /** Key prefix for user private keys. */ 619b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh public static final String USER_PRIVATE_KEY = "USRPKEY_"; 629b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 639b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh /** Key prefix for VPN. */ 649b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh public static final String VPN = "VPN_"; 659b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 669b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh /** Key prefix for WIFI. */ 679b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh public static final String WIFI = "WIFI_"; 689b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 6969ddab4575ff684c533c995e07ca15fe18543fc0Jeff Sharkey /** Key containing suffix of lockdown VPN profile. */ 7069ddab4575ff684c533c995e07ca15fe18543fc0Jeff Sharkey public static final String LOCKDOWN_VPN = "LOCKDOWN_VPN"; 7169ddab4575ff684c533c995e07ca15fe18543fc0Jeff Sharkey 729b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh /** Data type for public keys. */ 73a00a2b33ccc6bc079c3ee57a938f62947b48a001Brian Carlstrom public static final String EXTRA_PUBLIC_KEY = "KEY"; 749b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 759b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh /** Data type for private keys. */ 76a00a2b33ccc6bc079c3ee57a938f62947b48a001Brian Carlstrom public static final String EXTRA_PRIVATE_KEY = "PKEY"; 779b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 7867c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom // historically used by Android 7967c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom public static final String EXTENSION_CRT = ".crt"; 8067c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom public static final String EXTENSION_P12 = ".p12"; 8167c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom // commonly used on Windows 8267c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom public static final String EXTENSION_CER = ".cer"; 8367c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom public static final String EXTENSION_PFX = ".pfx"; 8467c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom 859d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom /** 865423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root * Intent extra: name for the user's private key. 875423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root */ 885423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public static final String EXTRA_USER_PRIVATE_KEY_NAME = "user_private_key_name"; 895423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 905423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root /** 915423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root * Intent extra: data for the user's private key in PEM-encoded PKCS#8. 925423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root */ 935423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public static final String EXTRA_USER_PRIVATE_KEY_DATA = "user_private_key_data"; 945423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 955423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root /** 965423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root * Intent extra: name for the user's certificate. 975423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root */ 985423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public static final String EXTRA_USER_CERTIFICATE_NAME = "user_certificate_name"; 995423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 1005423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root /** 1015423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root * Intent extra: data for the user's certificate in PEM-encoded X.509. 1025423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root */ 1035423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public static final String EXTRA_USER_CERTIFICATE_DATA = "user_certificate_data"; 1045423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 1055423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root /** 1065423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root * Intent extra: name for CA certificate chain 1075423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root */ 1085423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public static final String EXTRA_CA_CERTIFICATES_NAME = "ca_certificates_name"; 1095423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 1105423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root /** 1115423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root * Intent extra: data for CA certificate chain in PEM-encoded X.509. 1125423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root */ 1135423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public static final String EXTRA_CA_CERTIFICATES_DATA = "ca_certificates_data"; 1145423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 1155423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root /** 1160efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom * Convert objects to a PEM format which is used for 1170efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom * CA_CERTIFICATE and USER_CERTIFICATE entries. 1189d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom */ 1190efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom public static byte[] convertToPem(Certificate... objects) 1200efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom throws IOException, CertificateEncodingException { 1219d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom ByteArrayOutputStream bao = new ByteArrayOutputStream(); 1229d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom Writer writer = new OutputStreamWriter(bao, Charsets.US_ASCII); 1230efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom PemWriter pw = new PemWriter(writer); 1240efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom for (Certificate o : objects) { 1250efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom pw.writeObject(new PemObject("CERTIFICATE", o.getEncoded())); 1269d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom } 1279d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom pw.close(); 1289d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom return bao.toByteArray(); 1299d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom } 1309d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom /** 1319d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom * Convert objects from PEM format, which is used for 1320efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom * CA_CERTIFICATE and USER_CERTIFICATE entries. 1339d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom */ 1340efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom public static List<X509Certificate> convertFromPem(byte[] bytes) 1350efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom throws IOException, CertificateException { 1369d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom ByteArrayInputStream bai = new ByteArrayInputStream(bytes); 1379d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom Reader reader = new InputStreamReader(bai, Charsets.US_ASCII); 1380efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom PemReader pr = new PemReader(reader); 1390efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom 1400efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom CertificateFactory cf = CertificateFactory.getInstance("X509"); 1410efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom 1420efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom List<X509Certificate> result = new ArrayList<X509Certificate>(); 1430efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom PemObject o; 1440efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom while ((o = pr.readPemObject()) != null) { 1450efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom if (o.getType().equals("CERTIFICATE")) { 1460efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom Certificate c = cf.generateCertificate(new ByteArrayInputStream(o.getContent())); 1470efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom result.add((X509Certificate) c); 1480efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom } else { 1490efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom throw new IllegalArgumentException("Unknown type " + o.getType()); 1500efca17105d112a0ff568602831b22bdafa00433Brian Carlstrom } 1519d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom } 1529d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom pr.close(); 1539d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom return result; 1549d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom } 1559d7faa91be6661eccf73494f1ab96ae9a28d42d7Brian Carlstrom 15644039172627d1c15737ea73836ad375559d76211Chia-chi Yeh private static Credentials singleton; 15744039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 1589b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh public static Credentials getInstance() { 1599b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh if (singleton == null) { 1609b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh singleton = new Credentials(); 1619b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } 1629b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh return singleton; 1639b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } 1649b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 1659b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh public void unlock(Context context) { 1669b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh try { 1674a9e1a2494f2e48b157506d7c731187907b7fd4eBrian Carlstrom Intent intent = new Intent(UNLOCK_ACTION); 1689b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh context.startActivity(intent); 1699b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } catch (ActivityNotFoundException e) { 1709b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh Log.w(LOGTAG, e.toString()); 1719b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } 1729b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } 1739b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 17467c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom public void install(Context context) { 17567c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom try { 176a00a2b33ccc6bc079c3ee57a938f62947b48a001Brian Carlstrom Intent intent = KeyChain.createInstallIntent(); 17767c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom context.startActivity(intent); 17867c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom } catch (ActivityNotFoundException e) { 17967c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom Log.w(LOGTAG, e.toString()); 18067c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom } 18167c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom } 18267c30dfe8e4bff11a4660ac23e8679b5deb59457Brian Carlstrom 1839b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh public void install(Context context, KeyPair pair) { 1849b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh try { 185a00a2b33ccc6bc079c3ee57a938f62947b48a001Brian Carlstrom Intent intent = KeyChain.createInstallIntent(); 186a00a2b33ccc6bc079c3ee57a938f62947b48a001Brian Carlstrom intent.putExtra(EXTRA_PRIVATE_KEY, pair.getPrivate().getEncoded()); 187a00a2b33ccc6bc079c3ee57a938f62947b48a001Brian Carlstrom intent.putExtra(EXTRA_PUBLIC_KEY, pair.getPublic().getEncoded()); 1889b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh context.startActivity(intent); 1899b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } catch (ActivityNotFoundException e) { 1909b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh Log.w(LOGTAG, e.toString()); 1919b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } 1929b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } 1939b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh 1949b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh public void install(Context context, String type, byte[] value) { 1959b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh try { 196a00a2b33ccc6bc079c3ee57a938f62947b48a001Brian Carlstrom Intent intent = KeyChain.createInstallIntent(); 1979b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh intent.putExtra(type, value); 1989b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh context.startActivity(intent); 1999b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } catch (ActivityNotFoundException e) { 2009b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh Log.w(LOGTAG, e.toString()); 2019b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } 2029b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh } 203db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root 204db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root /** 205db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root * Delete all types (private key, certificate, CA certificate) for a 206db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root * particular {@code alias}. All three can exist for any given alias. 207db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root * Returns {@code true} if there was at least one of those types. 208db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root */ 209db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root static boolean deleteAllTypesForAlias(KeyStore keystore, String alias) { 210db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root /* 211db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root * Make sure every type is deleted. There can be all three types, so 212db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root * don't use a conditional here. 213db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root */ 214db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root return keystore.delKey(Credentials.USER_PRIVATE_KEY + alias) 215802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root | deleteCertificateTypesForAlias(keystore, alias); 216802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 217802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 218802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root /** 219802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root * Delete all types (private key, certificate, CA certificate) for a 220802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root * particular {@code alias}. All three can exist for any given alias. 221802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root * Returns {@code true} if there was at least one of those types. 222802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root */ 223802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root static boolean deleteCertificateTypesForAlias(KeyStore keystore, String alias) { 224802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root /* 225802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root * Make sure every certificate type is deleted. There can be two types, 226802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root * so don't use a conditional here. 227802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root */ 228802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root return keystore.delete(Credentials.USER_CERTIFICATE + alias) 229db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root | keystore.delete(Credentials.CA_CERTIFICATE + alias); 230db026710ec0adcf7f72dfb24c65d38a882ee26d8Kenny Root } 2319b7a3f1a6437605022568cad0b92d5006a2ab391Chia-chi Yeh} 232