Add KeyPairGenerator for Android keystore

This allows end-users to generate keys in the keystore without the private part of the key ever needing to leave the device. The generation process also generates a self-signed certificate. Change-Id: I114ffb8e0cbe3b1edaae7e69e8aa578cb835efc9
author: Kenny Root <kroot@google.com> 2012-08-20 10:48:46 -0700
committer: Kenny Root <kroot@google.com> 2012-08-22 08:52:55 -0700
commit: db026710ec0adcf7f72dfb24c65d38a882ee26d8 (patch)
tree: cff080fbecd17c5d6e6a60a7bc2adccbd6761b20 /keystore/java/android/security/AndroidKeyStore.java
parent: e29df16cb57b69995df597e8a6d95d986c1c43fc (diff)
1 files changed, 4 insertions, 20 deletions
diff --git a/keystore/java/android/security/AndroidKeyStore.java b/keystore/java/android/security/AndroidKeyStore.java
index a629f8dfa676..e19217f25a2d 100644
--- a/keystore/java/android/security/AndroidKeyStore.java
+++ b/keystore/java/android/security/AndroidKeyStore.java
@@ -46,9 +46,8 @@ import java.util.Iterator;
 import java.util.Set;
 
 /**
- * A java.security.KeyStore interface for the Android KeyStore. This class is
- * hidden from the Android API, but an instance of it can be created via the
- * {@link java.security.KeyStore#getInstance(String)
+ * A java.security.KeyStore interface for the Android KeyStore. An instance of
+ * it can be created via the {@link java.security.KeyStore#getInstance(String)
  * KeyStore.getInstance("AndroidKeyStore")} interface. This returns a
  * java.security.KeyStore backed by this "AndroidKeyStore" implementation.
  * <p>
@@ -277,7 +276,7 @@ public class AndroidKeyStore extends KeyStoreSpi {
          * Make sure we clear out all the types we know about before trying to
          * write.
          */
-        deleteAllTypesForAlias(alias);
+        Credentials.deleteAllTypesForAlias(mKeyStore, alias);
 
         if (!mKeyStore.importKey(Credentials.USER_PRIVATE_KEY + alias, keyBytes)) {
             throw new KeyStoreException("Couldn't put private key in keystore");
@@ -315,26 +314,11 @@ public class AndroidKeyStore extends KeyStoreSpi {
 
     @Override
     public void engineDeleteEntry(String alias) throws KeyStoreException {
-        if (!deleteAllTypesForAlias(alias)) {
+        if (!Credentials.deleteAllTypesForAlias(mKeyStore, alias)) {
             throw new KeyStoreException("No such entry " + alias);
         }
     }
 
-    /**
-     * Delete all types (private key, certificate, CA certificate) for a
-     * particular {@code alias}. All three can exist for any given alias.
-     * Returns {@code true} if there was at least one of those types.
-     */
-    private boolean deleteAllTypesForAlias(String alias) {
-        /*
-         * Make sure every type is deleted. There can be all three types, so
-         * don't use a conditional here.
-         */
-        return mKeyStore.delKey(Credentials.USER_PRIVATE_KEY + alias)
-                | mKeyStore.delete(Credentials.USER_CERTIFICATE + alias)
-                | mKeyStore.delete(Credentials.CA_CERTIFICATE + alias);
-    }
-
     private Set<String> getUniqueAliases() {
         final String[] rawAliases = mKeyStore.saw("");
         if (rawAliases == null) {
author	Kenny Root <kroot@google.com>	2012-08-20 10:48:46 -0700
committer	Kenny Root <kroot@google.com>	2012-08-22 08:52:55 -0700
commit	db026710ec0adcf7f72dfb24c65d38a882ee26d8 (patch)
tree	cff080fbecd17c5d6e6a60a7bc2adccbd6761b20 /keystore/java/android/security/AndroidKeyStore.java
parent	e29df16cb57b69995df597e8a6d95d986c1c43fc (diff)