| e4928a2912297751108c7045ce3343ec63edcc01 |
|
21-Jul-2015 |
Alex Klyubin <klyubin@google.com> |
Keymaster digest/padding NONE no longer means ANY.
This adjusts the public API documentation to no longer say that
digest/padding NONE means any digest/padding. This also changes the
implementation of legacy key generation and import to explicitly
list which digests/paddings the generated/imported key is authorized
for. Previously, such keys were simply authorized for digest NONE and
padding NONE.
Bug: 22556114
Change-Id: Id02d9450a07de16ccb795b76b6de0006dd49dcca
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| b6e628644a981b8077b3755b9def4550ff4a46a0 |
|
06-Jul-2015 |
Alex Klyubin <klyubin@google.com> |
Avoid IllegalStateException when generating/importing keys.
This avoids IllegalStateException when generating/importing keys which
require user authentication when the system is not configured to
generate/import such keys (e.g., secure lock screen not set up).
The documentation states that before generating/importing such keys
apps should check (using public API) whether the system is in a
suitable state. However, some apps are not doing that and instead
catching the IllegalStateException thrown during key
generation/import. This is a bad practice because this exception is an
undocumented implementation detail and should thus not be depended
upon.
This CL addresses this issue as follows:
1. Key(Pair)Generator.init now throws a checked
InvalidAlgorithmParameterException when the system is in a wrong
state. Because in most uses of Key(Pair)Generator .init is
immediately followed by .generate, this prevents .generate from
encountering this state and does so using a checked exception
which is part of public API.
2. Key import rethrows the IllegalStateException as a checked
KeyStoreException which is meant to be thrown if the key cannot be
imported for any reason. Key(Pair)Generator.generate unfortunately
cannot throw any checked exceptions and thus has to continue
throwing unchecked exceptions.
Bug: 22262809
Change-Id: Ic0f7b7a90e0ba63df9139c79b80a8649d2645d2a
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| fdbc02a433e87da7bc730bd2e773e6d1c84d4e99 |
|
29-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Enforce IND-CPA requirement when generating asymmetric keys.
This enforces the randomized encryption requirement (IND-CPA), if
requested, when generating asymmetric key pairs. Whether randomized
encryption is used depends on the encryption padding modes authorized
for the key pair. Thus, if randomized encryption is required, the
KeyPairGenerator must reject attempts to generate keys authorized for
encryption using non-compliant padding schemes.
This is similar to the existing check in AndroidKeyStoreImpl during
asymmetric key import.
Bug: 22179911
Change-Id: I3d85367259c17bd44198a736ace853d0d3567d5e
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| ae6cb7aad56bb006769cd8a69b92af7236644fc1 |
|
23-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Keymaster INT, LONG and DATE tag values are unsigned.
This CL ensures that Android Keystore framework code complies with
signedness of keymaster tags. In particular:
* INT tags are unsigned 32-bit numbers, and
* LONG and DATE tags are unsigned 64-bit numbers.
The ensure compliance, KeymasterArguments and KeyCharacteristics
classes through which Android Keystore interacts with Keymaster tags
have been modified as follows:
* ENUM and INT tags which used to be conflated are now added/queried
via separate methods, because ENUM can remain represented as an int
data type whereas INT is now represented as a long data type with
permitted range being [0; 2^32).
* Methods for adding/quering LONG tags have been switched from the long
data type to the BigInteger data type and now ensure that the value
is in the permitted [0; 2^63).
* Methods for adding/querying DATE tags now ensure the Date value is
in the permitted range [0; 2^63) ms since Unix epoch.
* Methods for adding tags throw an IllegalArgumentException if the tag
type is unsuitable for the method. This is to ensure that tags with
invalid values cannot be added through similar methods (e.g., INT tag
added via an ENUM tag addition method invoked with a negative value).
Bug: 22008538
Change-Id: I6eefd5cbb561cc52d27de952691af4d9d5e1af1e
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| 90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c |
|
23-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Merge "Keymaster key validity dates are optional." into mnc-dev
|
| d6c7799b9a8b00d160a1d2d32c7326132cbc7b7b |
|
23-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Keymaster key validity dates are optional.
This CL makes Android Keystore framework code add
KM_TAG_ACTIVE_DATETIME, KM_TAG_ORIGINATION_EXPIRE_DATETIME, and
KM_TAG_USAGE_EXPIRE_DATETIME tags to the authorizations set only
if the corresponding time instants were specified through the
framework-level API. This is fine because these tags are optional as
it turns out.
Bug: 18088752
Change-Id: I6a5ae4cadb441e61576231815e6bec6e9248bc72
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| 856aebe571e2efe332c1258b3131bfbae6f4b396 |
|
23-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Don't fail if self-signed certificate can't be signed.
This makes Android Keystore's KeyPairGenerator fall back to generating
a self-signed certificate with an invalid/fake signature when the
attempt to generate a self-signed certificate with a valid signature
fails.
There is a growing number of reasons/authorizations due to which the
generated private key cannot be used to sign the self-signed
certificate. It's safer for KeyPairGenerator to succeed than to fail.
Bug: 22033161
Change-Id: I1ecbd421346166bfd536b5cfbaea169b11f0b1c8
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| 6e90ade5dd7a3c3cd8a3949c863c6e72f9912233 |
|
22-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Adjust minimum size of PKCS#1 RSA padding overhead.
This raises the space overhead estimate by one byte, due to me having
originally forgotten that when signing using RSA PKCS#1 padding
scheme, the plaintext of the RSA operation needs a leading 0 byte.
Bug: 21955742
Change-Id: If78efcd375afd8902a14a2217ddedfea87d4d337
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| 2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60 |
|
17-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Remove unnecessary PKCS#1 authorization on legacy keys.
There is no need to authorize PKCS#1 signature padding scheme when
NONE padding scheme is authorized. NONE authorizes the use of any
padding scheme.
Bug: 18088752
Change-Id: I73ccb373d577c988acde372d972092278923c4e4
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| bf5c91c8cd00cf5f24ff4c3f7957c2e57c956887 |
|
17-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Drop support for P-192 EC keys.
The minimum EC keys size is now 224 bit. This is because keymaster 1.0
does not support EC keys smaller than 224 bit.
Bug: 18088752
Change-Id: I8010ff2d6ccaeea7dcf86f697aee1d9ebd683cb2
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| f78dd677e991ba8f76f3a6d4272ff5deef3faa69 |
|
16-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Fix Android Keystore key gen for keys requiring user auth.
When Android Keystore generates an asymmetric key pair, it needs to
create a self-signed certificate for that pair, in order to expose
the key pair in the JCA KeyStore abstraction through which keys are
later retrieved. The self-signed certificate is normally signed with
the private key.
This CL avoids using the private key to sign the certificate if the
private key can be used only once the user has been authenticated.
For such keys, a fake (non-verifying) signature is used on the
certificate, same as for cases where the key is not authorized for
signing.
Bug: 21852844
Change-Id: Id78bc1f51d12950db4e37c1e0da6c60057d4e693
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| 6cb8e30bb7e79cb694bf44d185da201e9deb9363 |
|
12-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Merge "Fix Android Keystore KeyPairGenerator for RSA PSS keys." into mnc-dev
|
| 7c475cc7c3f1159d5a8115382deb5332aca76144 |
|
12-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Fix Android Keystore KeyPairGenerator for RSA PSS keys.
This fixes a bug where key pair generation fails for RSA signing keys
which are not authorized for PKCS#1 signature padding, such as keys
authorized only for the RSA PSS signature padding scheme.
The issue was that the KeyPairGenerator was failing when attempting to
sign the self-signed certificate (needed by Android Keystore) using
PKCS#1 padding for which such keys are not authorized. The solution is
to not attempt to sign these certificates and instead use a fake
signature.
Bug: 21809600
Change-Id: I4f04fcf78174937046d2534e0485c6940eae673f
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| dcf3d35f23ba46f17251d4181eee4675691f3380 |
|
11-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Update Javadocs to reflect meaning of digest and padding NONE.
This also adds information about what digests and paddings may need to
be specified for keys used in TLS/SSL for client or server
authentication.
Bug: 21777596
Change-Id: Icd495458c38c4f912b21a64ca7aab2c88d76461c
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| 4a0ff7ca984d29bd34b02e54441957cad65e8b53 |
|
09-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Android Keystore keys are no longer backed by Conscrypt.
This switches Android Keystore asymmetric keys from being backed by
Conscrypt (via keystore-engine which is an OpenSSL/BoringSSL ENGINE
which talks to keystore via the old KeyStore API) to being backed by
the AndroidKeyStore Provider which talks to keystore via the new
KeyStore API. In effect, this switches asymmetric crypto offered by
Android Keystore from old Keystore API to new KeyStore API, enabling
all the new features such as enforcement of authorizations on key use.
Some algorithms offered by Android Keystore, such as RSA with OAEP
or PSS padding schemes, are not supported by other providers. This
complicates matters because Android Keystore only supports public key
operations if the corresponding private key is in the keystore. Thus,
Android Keystore can only offer these operations for its own public
keys only. This requires AndroidKeyStore to use its own subclasses of
PublicKey everywhere. The ugliest place is where it needs to return
its own subclass of X509Certificate only to be able to return its
own subclass of PublicKey from Certificate.getPublicKey().
Bug: 18088752
Bug: 19284418
Bug: 20912868
Change-Id: Id234f9ab9ff72d353ca1ff66768bd3d46da50d64
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| 3ceb1a04b44539c2b2c3afec6df487fe128911f2 |
|
06-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Switch Android Keystore key gen and import to new KeyStore API.
This makes Android Keystore's asymmetric key generation and import
use the new KeyStore API (similar to keymaster 1.0 API).
Because the resulting private keys will be used through
Conscrypt/keystore-engine which uses the old Keystore API, this CL
implements a temporary workaround where all generated and imported
keys are authorized for padding NONE and digest NONE, in addition to
padding schemes and digests requested by the user of the Android
Keystore API. This workaround is needed because keystore-engine uses
digest NONE and padding NONE for all its crypto operations.
Bug: 18088752
Bug: 20912868
Change-Id: Idc709039d091294265bd000160b5507f13825849
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| 4350babc028822e8905190d88a9f5b8c6ffce8ec |
|
08-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Remove deprecated android.security.KeyStore methods.
* delKey -> delete
* getPubkey -> exportKey
* saw -> list.
Bug: 18088752
Change-Id: Ifb794f91a42646d67da1340ee16765cbaf255a49
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| 4bbfeb4856468271829f7291c3df102746806c83 |
|
04-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Reliably delete keys if key generation fails.
Bug: 18088752
Change-Id: Iea68f3f96fc872d5628f163a1314ebd080c9d39e
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|
| e21f0231765492718f1284442136c2ae45e6dd93 |
|
19-May-2015 |
Alex Klyubin <klyubin@google.com> |
Use consistent name for KeyPairGeneratorSpi.
This renames AndroidKeyPairGeneratorSpi to
AndroidKeyStoreKeyPairGeneratorSpi for consistency with other SPI
implementations of AndroidKeyStore provider.
Bug: 18088752
Change-Id: Iea1c4d35987b3e64f92dd1706273ffb75a6addd6
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
|