15d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Copyright 2014 The Chromium Authors. All rights reserved. 22a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 32a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// found in the LICENSE file. 42a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 52a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)package org.chromium.net; 62a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 7a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)import org.chromium.base.CalledByNative; 8a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)import org.chromium.base.JNINamespace; 9a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) 105d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)/** 115d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) * Specifies all the dependencies from the native OpenSSL engine on an Android KeyStore. 125d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) */ 132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)@JNINamespace("net::android") 145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)public interface AndroidKeyStore { 152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) /** 172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Returns the public modulus of a given RSA private key as a byte 182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * buffer. 192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * This can be used by native code to convert the modulus into 202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * an OpenSSL BIGNUM object. Required to craft a custom native RSA 212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * object where RSA_size() works as expected. 222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @param key A PrivateKey instance, must implement RSAKey. 242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @return A byte buffer corresponding to the modulus. This is 252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * big-endian representation of a BigInteger. 262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) */ 272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) @CalledByNative 285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) byte[] getRSAKeyModulus(AndroidPrivateKey key); 292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) /** 312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Returns the 'Q' parameter of a given DSA private key as a byte 322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * buffer. 332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * This can be used by native code to convert it into an OpenSSL BIGNUM 342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * object where DSA_size() works as expected. 352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @param key A PrivateKey instance. Must implement DSAKey. 372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @return A byte buffer corresponding to the Q parameter. This is 382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * a big-endian representation of a BigInteger. 392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) */ 402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) @CalledByNative 415d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) byte[] getDSAKeyParamQ(AndroidPrivateKey key); 422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 432a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) /** 442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Returns the 'order' parameter of a given ECDSA private key as a 452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * a byte buffer. 462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @param key A PrivateKey instance. Must implement ECKey. 472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @return A byte buffer corresponding to the 'order' parameter. 482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * This is a big-endian representation of a BigInteger. 492a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) */ 502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) @CalledByNative 515d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) byte[] getECKeyOrder(AndroidPrivateKey key); 522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) /** 542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Returns the encoded data corresponding to a given PrivateKey. 552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Note that this will fail for platform keys on Android 4.0.4 562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * and higher. It can be used on 4.0.3 and older platforms to 572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * route around the platform bug described below. 582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @param key A PrivateKey instance 592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @return encoded key as PKCS#8 byte array, can be null. 602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) */ 612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) @CalledByNative 625d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) byte[] getPrivateKeyEncodedBytes(AndroidPrivateKey key); 632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) /** 652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Sign a given message with a given PrivateKey object. This method 662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * shall only be used to implement signing in the context of SSL 672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * client certificate support. 682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 6958537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * The message will actually be a hash, computed by OpenSSL itself, 7058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * depending on the type of the key. The result should match exactly 7158537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * what the vanilla implementations of the following OpenSSL function 7258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * calls do: 732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * - For a RSA private key, this should be equivalent to calling 7558537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * RSA_private_encrypt(..., RSA_PKCS1_PADDING), i.e. it must 7658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * generate a raw RSA signature. The message must be either a 7758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * combined, 36-byte MD5+SHA1 message digest or a DigestInfo 7858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * value wrapping a message digest. 792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * - For a DSA and ECDSA private keys, this should be equivalent to 812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * calling DSA_sign(0,...) and ECDSA_sign(0,...) respectively. The 8258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * message must be a hash and the function shall compute a direct 8358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) * DSA/ECDSA signature for it. 842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 855d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) * @param key The PrivateKey handle. 862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @param message The message to sign. 872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @return signature as a byte buffer. 882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Important: Due to a platform bug, this function will always fail on 902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Android < 4.2 for RSA PrivateKey objects. See the 912a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * getOpenSSLHandleForPrivateKey() below for work-around. 922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) */ 932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) @CalledByNative 945d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) byte[] rawSignDigestWithPrivateKey(AndroidPrivateKey key, byte[] message); 952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) /** 972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Return the type of a given PrivateKey object. This is an integer 982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * that maps to one of the values defined by org.chromium.net.PrivateKeyType, 992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * which is itself auto-generated from net/android/private_key_type_list.h 1005d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) * @param key The PrivateKey handle 1012a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @return key type, or PrivateKeyType.INVALID if unknown. 1022a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) */ 1032a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) @CalledByNative 1045d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) int getPrivateKeyType(AndroidPrivateKey key); 1052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) /** 1072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Return the system EVP_PKEY handle corresponding to a given PrivateKey 1085d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) * object. 1092a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 1102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * This shall only be used when the "NONEwithRSA" signature is not 1112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * available, as described in rawSignDigestWithPrivateKey(). I.e. 1122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * never use this on Android 4.2 or higher. 1132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 1142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * This can only work in Android 4.0.4 and higher, for older versions 1152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * of the platform (e.g. 4.0.3), there is no system OpenSSL EVP_PKEY, 1162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * but the private key contents can be retrieved directly with 1172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * the getEncoded() method. 1182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 1192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * This assumes that the target device uses a vanilla AOSP 1202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * implementation of its java.security classes, which is also 1212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * based on OpenSSL (fortunately, no OEM has apperently changed to 1222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * a different implementation, according to the Android team). 1232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 1242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Note that the object returned was created with the platform version 1252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * of OpenSSL, and _not_ the one that comes with Chromium. Whether the 1262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * object can be used safely with the Chromium OpenSSL library depends 1272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * on differences between their actual ABI / implementation details. 1282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 1292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * To better understand what's going on below, please refer to the 1302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * following source files in the Android 4.0.4 and 4.1 source trees: 1312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * libcore/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLRSAPrivateKey.java 1322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * libcore/luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp 1332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 1345d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) * @param key The PrivateKey handle. 1352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * @return The EVP_PKEY handle, as a 32-bit integer (0 if not available) 1362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) */ 1372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) @CalledByNative 138a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) long getOpenSSLHandleForPrivateKey(AndroidPrivateKey key); 1392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1405d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) /** 141116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch * Return the OpenSSLEngine object corresponding to a given PrivateKey 142116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch * object. 143116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch * 144116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch * This shall only be used for Android 4.1 to work around a platform bug. 145116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch * See https://crbug.com/381465. 146116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch * 147116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch * @param key The PrivateKey handle. 148116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch * @return The OpenSSLEngine object (or null if not available) 149116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch */ 150116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch @CalledByNative 151116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch Object getOpenSSLEngineForPrivateKey(AndroidPrivateKey key); 152116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 153116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch /** 1545d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) * Called when the native OpenSSL engine no longer needs access to the underlying key. 1555d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) */ 1565d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) @CalledByNative 1575d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) void releaseKey(AndroidPrivateKey key); 1582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 159