Merge "Migrate recoverablekeystore to KeyStore V2."

author: Dmitry Dementyev <dementyev@google.com> 2021-02-26 06:13:35 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2021-02-26 06:13:35 +0000
commit: dbf8a7c1bd0f301aec8383d1c24054c6d47c32ef (patch)
tree: 47f2c3ee48c0b19a471eac9a40f2b8033aee370f /keystore
parent: 594e8def4c99b90ea6fcfbd2eb7f845ed67d3a14 (diff)
parent: 16491e131633466e95923d78e30a4162251d24d7 (diff)
1 files changed, 15 insertions, 2 deletions
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java b/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java
index 35059ac929c3..d36695b9b410 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java
@@ -43,6 +43,7 @@ import java.security.interfaces.RSAPublicKey;
 
 import javax.crypto.Cipher;
 import javax.crypto.Mac;
+import javax.crypto.SecretKey;
 
 /**
  * A provider focused on providing JCA interfaces for the Android KeyStore.
@@ -299,13 +300,26 @@ public class AndroidKeyStoreProvider extends Provider {
         }
     }
 
+    /** @hide **/
+    @NonNull
+    public static SecretKey loadAndroidKeyStoreSecretKeyFromKeystore(
+            @NonNull KeyStore2 keyStore, @NonNull KeyDescriptor descriptor)
+            throws UnrecoverableKeyException, KeyPermanentlyInvalidatedException {
+
+        AndroidKeyStoreKey key =
+                loadAndroidKeyStoreKeyFromKeystore(keyStore, descriptor);
+        if (key instanceof SecretKey) {
+            return (SecretKey) key;
+        } else {
+            throw new UnrecoverableKeyException("No secret key found by the given alias.");
+        }
+    }
 
     @NonNull
     private static AndroidKeyStoreSecretKey makeAndroidKeyStoreSecretKeyFromKeyEntryResponse(
             @NonNull KeyDescriptor descriptor,
             @NonNull KeyEntryResponse response, int algorithm, int digest)
             throws UnrecoverableKeyException {
-
         @KeyProperties.KeyAlgorithmEnum String keyAlgorithmString;
         try {
             keyAlgorithmString = KeyProperties.KeyAlgorithm.fromKeymasterSecretKeyAlgorithm(
@@ -337,7 +351,6 @@ public class AndroidKeyStoreProvider extends Provider {
     public static AndroidKeyStoreKey loadAndroidKeyStoreKeyFromKeystore(
             @NonNull KeyStore2 keyStore, @NonNull String alias, int namespace)
             throws UnrecoverableKeyException, KeyPermanentlyInvalidatedException {
-
         KeyDescriptor descriptor = new KeyDescriptor();
         if (namespace == KeyProperties.NAMESPACE_APPLICATION) {
             descriptor.nspace = KeyProperties.NAMESPACE_APPLICATION; // ignored;
author	Dmitry Dementyev <dementyev@google.com>	2021-02-26 06:13:35 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2021-02-26 06:13:35 +0000
commit	dbf8a7c1bd0f301aec8383d1c24054c6d47c32ef (patch)
tree	47f2c3ee48c0b19a471eac9a40f2b8033aee370f /keystore
parent	594e8def4c99b90ea6fcfbd2eb7f845ed67d3a14 (diff)
parent	16491e131633466e95923d78e30a4162251d24d7 (diff)