Use JCA names for block modes, paddings, and digests.

This replaces int-based enums from KeyStoreKeyConstraints with
String values commonly used in JCA API.

As part of under the hood refactoring:
* KeyStoreKeyCharacteristics and KeyStoreKeyConstraints have been
  merged into KeyStoreKeyProperties.
* KeymasterUtils methods operating on KeymasterArguments and
  KeymasterCharacteristics have been moved to their respective
  classes.

Bug: 18088752
Change-Id: I9c8b984cb3c28184adb617e34d87f2837bd1d3a1

1 files changed, 37 insertions, 35 deletions

diff --git a/keystore/java/android/security/KeyStoreKeySpec.java b/keystore/java/android/security/KeyStoreKeySpec.java
index 27b444e75562..861ed34a39f8 100644
--- a/keystore/java/android/security/KeyStoreKeySpec.java
+++ b/keystore/java/android/security/KeyStoreKeySpec.java
@@ -29,17 +29,17 @@ public class KeyStoreKeySpec implements KeySpec {
     private final String mKeystoreAlias;
     private final int mKeySize;
     private final boolean mTeeBacked;
-    private final @KeyStoreKeyCharacteristics.OriginEnum int mOrigin;
+    private final @KeyStoreKeyProperties.OriginEnum int mOrigin;
     private final Date mKeyValidityStart;
     private final Date mKeyValidityForOriginationEnd;
     private final Date mKeyValidityForConsumptionEnd;
-    private final @KeyStoreKeyConstraints.PurposeEnum int mPurposes;
-    private final @KeyStoreKeyConstraints.AlgorithmEnum int mAlgorithm;
-    private final @KeyStoreKeyConstraints.PaddingEnum int mPaddings;
-    private final @KeyStoreKeyConstraints.DigestEnum int mDigests;
-    private final @KeyStoreKeyConstraints.BlockModeEnum int mBlockModes;
-    private final @KeyStoreKeyConstraints.UserAuthenticatorEnum int mUserAuthenticators;
-    private final @KeyStoreKeyConstraints.UserAuthenticatorEnum int mTeeEnforcedUserAuthenticators;
+    private final @KeyStoreKeyProperties.PurposeEnum int mPurposes;
+    private final String[] mEncryptionPaddings;
+    private final String[] mSignaturePaddings;
+    private final String[] mDigests;
+    private final String[] mBlockModes;
+    private final @KeyStoreKeyProperties.UserAuthenticatorEnum int mUserAuthenticators;
+    private final @KeyStoreKeyProperties.UserAuthenticatorEnum int mTeeEnforcedUserAuthenticators;
     private final int mUserAuthenticationValidityDurationSeconds;
 
 
@@ -48,18 +48,18 @@ public class KeyStoreKeySpec implements KeySpec {
      */
     KeyStoreKeySpec(String keystoreKeyAlias,
             boolean teeBacked,
-            @KeyStoreKeyCharacteristics.OriginEnum int origin,
+            @KeyStoreKeyProperties.OriginEnum int origin,
             int keySize,
             Date keyValidityStart,
             Date keyValidityForOriginationEnd,
             Date keyValidityForConsumptionEnd,
-            @KeyStoreKeyConstraints.PurposeEnum int purposes,
-            @KeyStoreKeyConstraints.AlgorithmEnum int algorithm,
-            @KeyStoreKeyConstraints.PaddingEnum int paddings,
-            @KeyStoreKeyConstraints.DigestEnum int digests,
-            @KeyStoreKeyConstraints.BlockModeEnum int blockModes,
-            @KeyStoreKeyConstraints.UserAuthenticatorEnum int userAuthenticators,
-            @KeyStoreKeyConstraints.UserAuthenticatorEnum int teeEnforcedUserAuthenticators,
+            @KeyStoreKeyProperties.PurposeEnum int purposes,
+            String[] encryptionPaddings,
+            String[] signaturePaddings,
+            String[] digests,
+            String[] blockModes,
+            @KeyStoreKeyProperties.UserAuthenticatorEnum int userAuthenticators,
+            @KeyStoreKeyProperties.UserAuthenticatorEnum int teeEnforcedUserAuthenticators,
             int userAuthenticationValidityDurationSeconds) {
         mKeystoreAlias = keystoreKeyAlias;
         mTeeBacked = teeBacked;
@@ -69,10 +69,12 @@ public class KeyStoreKeySpec implements KeySpec {
         mKeyValidityForOriginationEnd = keyValidityForOriginationEnd;
         mKeyValidityForConsumptionEnd = keyValidityForConsumptionEnd;
         mPurposes = purposes;
-        mAlgorithm = algorithm;
-        mPaddings = paddings;
-        mDigests = digests;
-        mBlockModes = blockModes;
+        mEncryptionPaddings =
+                ArrayUtils.cloneIfNotEmpty(ArrayUtils.nullToEmpty(encryptionPaddings));
+        mSignaturePaddings =
+                ArrayUtils.cloneIfNotEmpty(ArrayUtils.nullToEmpty(signaturePaddings));
+        mDigests = ArrayUtils.cloneIfNotEmpty(ArrayUtils.nullToEmpty(digests));
+        mBlockModes = ArrayUtils.cloneIfNotEmpty(ArrayUtils.nullToEmpty(blockModes));
         mUserAuthenticators = userAuthenticators;
         mTeeEnforcedUserAuthenticators = teeEnforcedUserAuthenticators;
         mUserAuthenticationValidityDurationSeconds = userAuthenticationValidityDurationSeconds;
@@ -96,7 +98,7 @@ public class KeyStoreKeySpec implements KeySpec {
     /**
      * Gets the origin of the key.
      */
-    public @KeyStoreKeyCharacteristics.OriginEnum int getOrigin() {
+    public @KeyStoreKeyProperties.OriginEnum int getOrigin() {
         return mOrigin;
     }
 
@@ -137,36 +139,36 @@ public class KeyStoreKeySpec implements KeySpec {
     /**
      * Gets the set of purposes for which the key can be used.
      */
-    public @KeyStoreKeyConstraints.PurposeEnum int getPurposes() {
+    public @KeyStoreKeyProperties.PurposeEnum int getPurposes() {
         return mPurposes;
     }
 
     /**
-     * Gets the algorithm of the key.
+     * Gets the set of block modes with which the key can be used.
      */
-    public @KeyStoreKeyConstraints.AlgorithmEnum int getAlgorithm() {
-        return mAlgorithm;
+    public String[] getBlockModes() {
+        return ArrayUtils.cloneIfNotEmpty(mBlockModes);
     }
 
     /**
-     * Gets the set of block modes with which the key can be used.
+     * Gets the set of padding modes with which the key can be used when encrypting/decrypting.
      */
-    public @KeyStoreKeyConstraints.BlockModeEnum int getBlockModes() {
-        return mBlockModes;
+    public String[] getEncryptionPaddings() {
+        return ArrayUtils.cloneIfNotEmpty(mEncryptionPaddings);
     }
 
     /**
-     * Gets the set of padding modes with which the key can be used.
+     * Gets the set of padding modes with which the key can be used when signing/verifying.
      */
-    public @KeyStoreKeyConstraints.PaddingEnum int getPaddings() {
-        return mPaddings;
+    public String[] getSignaturePaddings() {
+        return ArrayUtils.cloneIfNotEmpty(mSignaturePaddings);
     }
 
     /**
      * Gets the set of digest algorithms with which the key can be used.
      */
-    public @KeyStoreKeyConstraints.DigestEnum int getDigests() {
-        return mDigests;
+    public String[] getDigests() {
+        return ArrayUtils.cloneIfNotEmpty(mDigests);
     }
 
     /**
@@ -175,7 +177,7 @@ public class KeyStoreKeySpec implements KeySpec {
      *
      * @return user authenticators or {@code 0} if the key can be used without user authentication.
      */
-    public @KeyStoreKeyConstraints.UserAuthenticatorEnum int getUserAuthenticators() {
+    public @KeyStoreKeyProperties.UserAuthenticatorEnum int getUserAuthenticators() {
         return mUserAuthenticators;
     }
 
@@ -184,7 +186,7 @@ public class KeyStoreKeySpec implements KeySpec {
      * key. This is a subset of the user authentications returned by
      * {@link #getUserAuthenticators()}.
      */
-    public @KeyStoreKeyConstraints.UserAuthenticatorEnum int getTeeEnforcedUserAuthenticators() {
+    public @KeyStoreKeyProperties.UserAuthenticatorEnum int getTeeEnforcedUserAuthenticators() {
         return mTeeEnforcedUserAuthenticators;
     }