KeyStore.java revision 2eeda7286f3c7cb79f7eb71ae6464cad213d12a3
144039172627d1c15737ea73836ad375559d76211Chia-chi Yeh/* 244039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * Copyright (C) 2009 The Android Open Source Project 344039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * 444039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * Licensed under the Apache License, Version 2.0 (the "License"); 544039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * you may not use this file except in compliance with the License. 644039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * You may obtain a copy of the License at 744039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * 844039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * http://www.apache.org/licenses/LICENSE-2.0 944039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * 1044039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * Unless required by applicable law or agreed to in writing, software 1144039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * distributed under the License is distributed on an "AS IS" BASIS, 1244039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1344039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * See the License for the specific language governing permissions and 1444039172627d1c15737ea73836ad375559d76211Chia-chi Yeh * limitations under the License. 1544039172627d1c15737ea73836ad375559d76211Chia-chi Yeh */ 1644039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 1744039172627d1c15737ea73836ad375559d76211Chia-chi Yehpackage android.security; 1844039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 196b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Rootimport android.os.RemoteException; 206b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Rootimport android.os.ServiceManager; 216b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Rootimport android.util.Log; 2244039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 2344039172627d1c15737ea73836ad375559d76211Chia-chi Yeh/** 2446703b099516c383a6882815bcf9cd4df0ec538dBrian Carlstrom * @hide This should not be made public in its present form because it 2546703b099516c383a6882815bcf9cd4df0ec538dBrian Carlstrom * assumes that private and secret key bytes are available and would 2646703b099516c383a6882815bcf9cd4df0ec538dBrian Carlstrom * preclude the use of hardware crypto. 2744039172627d1c15737ea73836ad375559d76211Chia-chi Yeh */ 2844039172627d1c15737ea73836ad375559d76211Chia-chi Yehpublic class KeyStore { 296b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root private static final String TAG = "KeyStore"; 305cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom 315cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom // ResponseCodes 327e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int NO_ERROR = 1; 337e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int LOCKED = 2; 347e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int UNINITIALIZED = 3; 357e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int SYSTEM_ERROR = 4; 367e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int PROTOCOL_ERROR = 5; 377e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int PERMISSION_DENIED = 6; 387e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int KEY_NOT_FOUND = 7; 397e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int VALUE_CORRUPTED = 8; 407e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int UNDEFINED_ACTION = 9; 417e4b1a488dd02c4bf6156379e36834e9e01c5b1bBrian Carlstrom public static final int WRONG_PASSWORD = 10; 425cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom 432eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root // Used for UID field to indicate the calling UID. 442eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root public static final int UID_SELF = -1; 452eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root 462eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root // Flags for "put" "import" and "generate" 472eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root public static final int FLAG_NONE = 0; 48a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root public static final int FLAG_ENCRYPTED = 1; 49a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root 505cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom // States 515cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom public enum State { UNLOCKED, LOCKED, UNINITIALIZED }; 5244039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 5344039172627d1c15737ea73836ad375559d76211Chia-chi Yeh private int mError = NO_ERROR; 5444039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 556b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root private final IKeystoreService mBinder; 566b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root 576b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root private KeyStore(IKeystoreService binder) { 586b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root mBinder = binder; 596b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 6044039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 6144039172627d1c15737ea73836ad375559d76211Chia-chi Yeh public static KeyStore getInstance() { 626b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root IKeystoreService keystore = IKeystoreService.Stub.asInterface(ServiceManager 636b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root .getService("android.security.keystore")); 646b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return new KeyStore(keystore); 6544039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 6644039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 675cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom public State state() { 686b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root final int ret; 696b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 706b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root ret = mBinder.test(); 716b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 726b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 736b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root throw new AssertionError(e); 746b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 756b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root 766b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root switch (ret) { 775cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom case NO_ERROR: return State.UNLOCKED; 785cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom case LOCKED: return State.LOCKED; 795cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom case UNINITIALIZED: return State.UNINITIALIZED; 805cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom default: throw new AssertionError(mError); 815cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom } 82b9594ce9ebb3f5f303a280f04312ae5754ce3560Kenny Root } 83b9594ce9ebb3f5f303a280f04312ae5754ce3560Kenny Root 84b9594ce9ebb3f5f303a280f04312ae5754ce3560Kenny Root public boolean isUnlocked() { 85b9594ce9ebb3f5f303a280f04312ae5754ce3560Kenny Root return state() == State.UNLOCKED; 8644039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 8744039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 885cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom public byte[] get(String key) { 896b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 906b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.get(key); 916b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 926b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 936b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return null; 946b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 9544039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 9644039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 97a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root public boolean put(String key, byte[] value, int uid, int flags) { 986b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 99a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root return mBinder.insert(key, value, uid, flags) == NO_ERROR; 1006b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 1016b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 1026b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 1036b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 10444039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 10544039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 106a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root public boolean put(String key, byte[] value, int uid) { 107a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root return put(key, value, uid, FLAG_ENCRYPTED); 108a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root } 109a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root 11078ad849163a7b01073b46fbd7d818392720005d1Kenny Root public boolean put(String key, byte[] value) { 1112eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root return put(key, value, UID_SELF); 11278ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 11378ad849163a7b01073b46fbd7d818392720005d1Kenny Root 11478ad849163a7b01073b46fbd7d818392720005d1Kenny Root public boolean delete(String key, int uid) { 1156b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 11678ad849163a7b01073b46fbd7d818392720005d1Kenny Root return mBinder.del(key, uid) == NO_ERROR; 1176b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 1186b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 1196b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 1206b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 12144039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 12244039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 12378ad849163a7b01073b46fbd7d818392720005d1Kenny Root public boolean delete(String key) { 1242eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root return delete(key, UID_SELF); 12578ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 12678ad849163a7b01073b46fbd7d818392720005d1Kenny Root 12778ad849163a7b01073b46fbd7d818392720005d1Kenny Root public boolean contains(String key, int uid) { 1286b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 12978ad849163a7b01073b46fbd7d818392720005d1Kenny Root return mBinder.exist(key, uid) == NO_ERROR; 1306b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 1316b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 1326b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 1336b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 13444039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 13544039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 13678ad849163a7b01073b46fbd7d818392720005d1Kenny Root public boolean contains(String key) { 1372eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root return contains(key, UID_SELF); 13878ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 13978ad849163a7b01073b46fbd7d818392720005d1Kenny Root 14078ad849163a7b01073b46fbd7d818392720005d1Kenny Root public String[] saw(String prefix, int uid) { 1416b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 14278ad849163a7b01073b46fbd7d818392720005d1Kenny Root return mBinder.saw(prefix, uid); 1436b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 1446b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 14544039172627d1c15737ea73836ad375559d76211Chia-chi Yeh return null; 14644039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 14744039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 14844039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 14978ad849163a7b01073b46fbd7d818392720005d1Kenny Root public String[] saw(String prefix) { 1502eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root return saw(prefix, UID_SELF); 15178ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 15278ad849163a7b01073b46fbd7d818392720005d1Kenny Root 15344039172627d1c15737ea73836ad375559d76211Chia-chi Yeh public boolean reset() { 1546b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 1556b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.reset() == NO_ERROR; 1566b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 1576b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 1586b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 1596b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 16044039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 16144039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 16244039172627d1c15737ea73836ad375559d76211Chia-chi Yeh public boolean password(String password) { 1636b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 1646b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.password(password) == NO_ERROR; 1656b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 1666b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 1676b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 1686b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 16944039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 17044039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 17144039172627d1c15737ea73836ad375559d76211Chia-chi Yeh public boolean lock() { 1726b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 1736b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.lock() == NO_ERROR; 1746b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 1756b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 1766b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 1776b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 17844039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 17944039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 18044039172627d1c15737ea73836ad375559d76211Chia-chi Yeh public boolean unlock(String password) { 1816b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 1826b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root mError = mBinder.unlock(password); 1836b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mError == NO_ERROR; 1846b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 1856b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 1866b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 1876b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 18844039172627d1c15737ea73836ad375559d76211Chia-chi Yeh } 18944039172627d1c15737ea73836ad375559d76211Chia-chi Yeh 1905cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom public boolean isEmpty() { 1916b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 1926b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.zero() == KEY_NOT_FOUND; 1936b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 1946b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 1956b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 1966b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 1975423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 1985423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 199a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root public boolean generate(String key, int uid, int flags) { 2006b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 201a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root return mBinder.generate(key, uid, flags) == NO_ERROR; 2026b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 2036b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 2046b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 2056b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 2065423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 2075423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 208a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root public boolean generate(String key, int uid) { 209a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root return generate(key, uid, FLAG_ENCRYPTED); 210a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root } 211a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root 21278ad849163a7b01073b46fbd7d818392720005d1Kenny Root public boolean generate(String key) { 2132eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root return generate(key, UID_SELF); 21478ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 21578ad849163a7b01073b46fbd7d818392720005d1Kenny Root 216a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root public boolean importKey(String keyName, byte[] key, int uid, int flags) { 2176b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 218a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root return mBinder.import_key(keyName, key, uid, flags) == NO_ERROR; 2196b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 2206b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 2216b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 2226b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 2235423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 2245423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 225a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root public boolean importKey(String keyName, byte[] key, int uid) { 226a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root return importKey(keyName, key, uid, FLAG_ENCRYPTED); 227a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root } 228a3788b00bb221e20abdd42f747d2af419e0a088cKenny Root 22978ad849163a7b01073b46fbd7d818392720005d1Kenny Root public boolean importKey(String keyName, byte[] key) { 2302eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root return importKey(keyName, key, UID_SELF); 23178ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 23278ad849163a7b01073b46fbd7d818392720005d1Kenny Root 2335423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public byte[] getPubkey(String key) { 2346b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 2356b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.get_pubkey(key); 2366b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 2376b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 2386b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return null; 2396b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 2405423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 2415423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 24278ad849163a7b01073b46fbd7d818392720005d1Kenny Root public boolean delKey(String key, int uid) { 2436b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 24478ad849163a7b01073b46fbd7d818392720005d1Kenny Root return mBinder.del_key(key, uid) == NO_ERROR; 2456b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 2466b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 2476b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 2486b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 2495423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 2505423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 25178ad849163a7b01073b46fbd7d818392720005d1Kenny Root public boolean delKey(String key) { 2522eeda7286f3c7cb79f7eb71ae6464cad213d12a3Kenny Root return delKey(key, UID_SELF); 25378ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 25478ad849163a7b01073b46fbd7d818392720005d1Kenny Root 2555423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public byte[] sign(String key, byte[] data) { 2566b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 2576b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.sign(key, data); 2586b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 2596b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 2606b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return null; 2616b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 2625423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 2635423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 2645423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public boolean verify(String key, byte[] data, byte[] signature) { 2656b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 2666b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.verify(key, data, signature) == NO_ERROR; 2676b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 2686b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 2696b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 2706b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 2715423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 2725423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 2735423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public boolean grant(String key, int uid) { 2746b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 2756b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.grant(key, uid) == NO_ERROR; 2766b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 2776b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 2786b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 2796b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } 2805423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 2815423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 2825423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public boolean ungrant(String key, int uid) { 2836b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root try { 2846b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mBinder.ungrant(key, uid) == NO_ERROR; 2856b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 2866b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 2876b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return false; 288473c712b19bad992ab4eafcd43175fdce77b913dKenny Root } 289473c712b19bad992ab4eafcd43175fdce77b913dKenny Root } 290473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 291473c712b19bad992ab4eafcd43175fdce77b913dKenny Root /** 292473c712b19bad992ab4eafcd43175fdce77b913dKenny Root * Returns the last modification time of the key in milliseconds since the 293473c712b19bad992ab4eafcd43175fdce77b913dKenny Root * epoch. Will return -1L if the key could not be found or other error. 294473c712b19bad992ab4eafcd43175fdce77b913dKenny Root */ 295473c712b19bad992ab4eafcd43175fdce77b913dKenny Root public long getmtime(String key) { 2965b1f037829bff93877a6257db69f4e7723a27e20Brian Carlstrom try { 297e66769ad5194cb4533d1087416a2e804ac384285Kenny Root final long millis = mBinder.getmtime(key); 298e66769ad5194cb4533d1087416a2e804ac384285Kenny Root if (millis == -1L) { 299e66769ad5194cb4533d1087416a2e804ac384285Kenny Root return -1L; 300e66769ad5194cb4533d1087416a2e804ac384285Kenny Root } 301e66769ad5194cb4533d1087416a2e804ac384285Kenny Root 302e66769ad5194cb4533d1087416a2e804ac384285Kenny Root return millis * 1000L; 3036b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root } catch (RemoteException e) { 3046b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 3056b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return -1L; 3065b1f037829bff93877a6257db69f4e7723a27e20Brian Carlstrom } 3075b1f037829bff93877a6257db69f4e7723a27e20Brian Carlstrom } 3085b1f037829bff93877a6257db69f4e7723a27e20Brian Carlstrom 3095f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root public boolean duplicate(String srcKey, int srcUid, String destKey, int destUid) { 310bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root try { 3115f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root return mBinder.duplicate(srcKey, srcUid, destKey, destUid) == NO_ERROR; 312bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root } catch (RemoteException e) { 313bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 314bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root return false; 315bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root } 316bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root } 317bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 3185cb5cec6a4a4d5432d4ce6468c12de9508db1633Kenny Root public boolean isHardwareBacked() { 3195cb5cec6a4a4d5432d4ce6468c12de9508db1633Kenny Root try { 3205cb5cec6a4a4d5432d4ce6468c12de9508db1633Kenny Root return mBinder.is_hardware_backed() == NO_ERROR; 3215cb5cec6a4a4d5432d4ce6468c12de9508db1633Kenny Root } catch (RemoteException e) { 3225cb5cec6a4a4d5432d4ce6468c12de9508db1633Kenny Root Log.w(TAG, "Cannot connect to keystore", e); 3235cb5cec6a4a4d5432d4ce6468c12de9508db1633Kenny Root return false; 3245cb5cec6a4a4d5432d4ce6468c12de9508db1633Kenny Root } 3255cb5cec6a4a4d5432d4ce6468c12de9508db1633Kenny Root } 3265cb5cec6a4a4d5432d4ce6468c12de9508db1633Kenny Root 327d72317abd79ddf95d48c8f35bf1070900ff55b5eKenny Root public boolean clearUid(int uid) { 328d72317abd79ddf95d48c8f35bf1070900ff55b5eKenny Root try { 329d72317abd79ddf95d48c8f35bf1070900ff55b5eKenny Root return mBinder.clear_uid(uid) == NO_ERROR; 330d72317abd79ddf95d48c8f35bf1070900ff55b5eKenny Root } catch (RemoteException e) { 331d72317abd79ddf95d48c8f35bf1070900ff55b5eKenny Root Log.w(TAG, "Cannot connect to keystore", e); 332d72317abd79ddf95d48c8f35bf1070900ff55b5eKenny Root return false; 333d72317abd79ddf95d48c8f35bf1070900ff55b5eKenny Root } 334d72317abd79ddf95d48c8f35bf1070900ff55b5eKenny Root } 335d72317abd79ddf95d48c8f35bf1070900ff55b5eKenny Root 3366b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root public int getLastError() { 3376b77645aa9ac51ce33ea67adba226aaf1a6e8846Kenny Root return mError; 33834c47c855815d731e6deb55748ff690b0ec7b53fNick Kralevich } 33944039172627d1c15737ea73836ad375559d76211Chia-chi Yeh} 340