diff options
Diffstat (limited to 'keystore')
15 files changed, 210 insertions, 42 deletions
diff --git a/keystore/java/android/security/Credentials.java b/keystore/java/android/security/Credentials.java index 7abcfdc98bc6..9e1fb54bedbe 100644 --- a/keystore/java/android/security/Credentials.java +++ b/keystore/java/android/security/Credentials.java @@ -19,9 +19,9 @@ package android.security; import android.compat.annotation.UnsupportedAppUsage; import android.os.Build; -import com.android.org.bouncycastle.util.io.pem.PemObject; -import com.android.org.bouncycastle.util.io.pem.PemReader; -import com.android.org.bouncycastle.util.io.pem.PemWriter; +import com.android.internal.org.bouncycastle.util.io.pem.PemObject; +import com.android.internal.org.bouncycastle.util.io.pem.PemReader; +import com.android.internal.org.bouncycastle.util.io.pem.PemWriter; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; diff --git a/keystore/java/android/security/IKeyChainService.aidl b/keystore/java/android/security/IKeyChainService.aidl index 97da3cc6f80f..1ae6a631dbcb 100644 --- a/keystore/java/android/security/IKeyChainService.aidl +++ b/keystore/java/android/security/IKeyChainService.aidl @@ -46,6 +46,7 @@ interface IKeyChainService { boolean installKeyPair( in byte[] privateKey, in byte[] userCert, in byte[] certChain, String alias, int uid); boolean removeKeyPair(String alias); + boolean containsKeyPair(String alias); // APIs used by Settings boolean deleteCaCertificate(String alias); diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java index 4a67135227dd..e19d88c182ff 100644 --- a/keystore/java/android/security/KeyStore.java +++ b/keystore/java/android/security/KeyStore.java @@ -45,8 +45,8 @@ import android.security.keystore.KeystoreResponse; import android.security.keystore.UserNotAuthenticatedException; import android.util.Log; -import com.android.org.bouncycastle.asn1.ASN1InputStream; -import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import com.android.internal.org.bouncycastle.asn1.ASN1InputStream; +import com.android.internal.org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import java.io.ByteArrayInputStream; import java.io.IOException; diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java index 6ad8d2c0aca3..334b1110d651 100644 --- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java +++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java @@ -26,24 +26,24 @@ import android.security.keymaster.KeymasterArguments; import android.security.keymaster.KeymasterCertificateChain; import android.security.keymaster.KeymasterDefs; -import com.android.org.bouncycastle.asn1.ASN1EncodableVector; -import com.android.org.bouncycastle.asn1.ASN1InputStream; -import com.android.org.bouncycastle.asn1.ASN1Integer; -import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier; -import com.android.org.bouncycastle.asn1.DERBitString; -import com.android.org.bouncycastle.asn1.DERNull; -import com.android.org.bouncycastle.asn1.DERSequence; -import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import com.android.org.bouncycastle.asn1.x509.Certificate; -import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; -import com.android.org.bouncycastle.asn1.x509.TBSCertificate; -import com.android.org.bouncycastle.asn1.x509.Time; -import com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator; -import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers; -import com.android.org.bouncycastle.jce.X509Principal; -import com.android.org.bouncycastle.jce.provider.X509CertificateObject; -import com.android.org.bouncycastle.x509.X509V3CertificateGenerator; +import com.android.internal.org.bouncycastle.asn1.ASN1EncodableVector; +import com.android.internal.org.bouncycastle.asn1.ASN1InputStream; +import com.android.internal.org.bouncycastle.asn1.ASN1Integer; +import com.android.internal.org.bouncycastle.asn1.ASN1ObjectIdentifier; +import com.android.internal.org.bouncycastle.asn1.DERBitString; +import com.android.internal.org.bouncycastle.asn1.DERNull; +import com.android.internal.org.bouncycastle.asn1.DERSequence; +import com.android.internal.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import com.android.internal.org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import com.android.internal.org.bouncycastle.asn1.x509.Certificate; +import com.android.internal.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import com.android.internal.org.bouncycastle.asn1.x509.TBSCertificate; +import com.android.internal.org.bouncycastle.asn1.x509.Time; +import com.android.internal.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator; +import com.android.internal.org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +import com.android.internal.org.bouncycastle.jce.X509Principal; +import com.android.internal.org.bouncycastle.jce.provider.X509CertificateObject; +import com.android.internal.org.bouncycastle.x509.X509V3CertificateGenerator; import libcore.util.EmptyArray; diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreProvider.java b/keystore/java/android/security/keystore/AndroidKeyStoreProvider.java index b1b6306e0cf6..16bf5469296f 100644 --- a/keystore/java/android/security/keystore/AndroidKeyStoreProvider.java +++ b/keystore/java/android/security/keystore/AndroidKeyStoreProvider.java @@ -23,7 +23,6 @@ import android.security.KeyStore; import android.security.keymaster.ExportResult; import android.security.keymaster.KeyCharacteristics; import android.security.keymaster.KeymasterDefs; -import android.sysprop.Keystore2Properties; import java.io.IOException; import java.security.KeyFactory; @@ -117,8 +116,6 @@ public class AndroidKeyStoreProvider extends Provider { putSecretKeyFactoryImpl("HmacSHA512"); } - private static boolean sKeystore2Enabled; - /** * This function indicates whether or not Keystore 2.0 is enabled. Some parts of the * Keystore SPI must behave subtly differently when Keystore 2.0 is enabled. However, @@ -133,10 +130,9 @@ public class AndroidKeyStoreProvider extends Provider { * @hide */ public static boolean isKeystore2Enabled() { - return sKeystore2Enabled; + return android.security.keystore2.AndroidKeyStoreProvider.isInstalled(); } - /** * Installs a new instance of this provider (and the * {@link AndroidKeyStoreBCWorkaroundProvider}). @@ -164,11 +160,6 @@ public class AndroidKeyStoreProvider extends Provider { // priority. Security.addProvider(workaroundProvider); } - - // {@code install()} is run by zygote when this property is still accessible. We store its - // value so that the Keystore SPI can act accordingly without having to access an internal - // property. - sKeystore2Enabled = Keystore2Properties.keystore2_enabled().orElse(false); } private void putSecretKeyFactoryImpl(String algorithm) { diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java index 3694d635422f..d2678c71813c 100644 --- a/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java +++ b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java @@ -215,7 +215,8 @@ public class AndroidKeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { // Keystore 1.0 does not tell us the exact security level of the key // so we report an unknown but secure security level. insideSecureHardware ? KeyProperties.SECURITY_LEVEL_UNKNOWN_SECURE - : KeyProperties.SECURITY_LEVEL_SOFTWARE); + : KeyProperties.SECURITY_LEVEL_SOFTWARE, + KeyProperties.UNRESTRICTED_USAGE_COUNT); } private static BigInteger getGateKeeperSecureUserId() throws ProviderException { diff --git a/keystore/java/android/security/keystore/KeyGenParameterSpec.java b/keystore/java/android/security/keystore/KeyGenParameterSpec.java index e9aac7ddb56d..c2a7b2ee6323 100644 --- a/keystore/java/android/security/keystore/KeyGenParameterSpec.java +++ b/keystore/java/android/security/keystore/KeyGenParameterSpec.java @@ -274,6 +274,7 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu private final boolean mUserConfirmationRequired; private final boolean mUnlockedDeviceRequired; private final boolean mCriticalToDeviceEncryption; + private final int mMaxUsageCount; /* * ***NOTE***: All new fields MUST also be added to the following: * ParcelableKeyGenParameterSpec class. @@ -313,7 +314,8 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu boolean isStrongBoxBacked, boolean userConfirmationRequired, boolean unlockedDeviceRequired, - boolean criticalToDeviceEncryption) { + boolean criticalToDeviceEncryption, + int maxUsageCount) { if (TextUtils.isEmpty(keyStoreAlias)) { throw new IllegalArgumentException("keyStoreAlias must not be empty"); } @@ -366,6 +368,7 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu mUserConfirmationRequired = userConfirmationRequired; mUnlockedDeviceRequired = unlockedDeviceRequired; mCriticalToDeviceEncryption = criticalToDeviceEncryption; + mMaxUsageCount = maxUsageCount; } /** @@ -782,7 +785,7 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu } /** - * Return whether this key is critical to the device encryption flow. + * Returns whether this key is critical to the device encryption flow. * * @see android.security.KeyStore#FLAG_CRITICAL_TO_DEVICE_ENCRYPTION * @hide @@ -792,6 +795,17 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu } /** + * Returns the maximum number of times the limited use key is allowed to be used or + * {@link KeyProperties#UNRESTRICTED_USAGE_COUNT} if there’s no restriction on the number of + * times the key can be used. + * + * @see Builder#setMaxUsageCount(int) + */ + public int getMaxUsageCount() { + return mMaxUsageCount; + } + + /** * Builder of {@link KeyGenParameterSpec} instances. */ public final static class Builder { @@ -827,6 +841,7 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu private boolean mUserConfirmationRequired; private boolean mUnlockedDeviceRequired = false; private boolean mCriticalToDeviceEncryption = false; + private int mMaxUsageCount = KeyProperties.UNRESTRICTED_USAGE_COUNT; /** * Creates a new instance of the {@code Builder}. @@ -894,6 +909,7 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu mUserConfirmationRequired = sourceSpec.isUserConfirmationRequired(); mUnlockedDeviceRequired = sourceSpec.isUnlockedDeviceRequired(); mCriticalToDeviceEncryption = sourceSpec.isCriticalToDeviceEncryption(); + mMaxUsageCount = sourceSpec.getMaxUsageCount(); } /** @@ -1553,6 +1569,47 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu } /** + * Sets the maximum number of times the key is allowed to be used. After every use of the + * key, the use counter will decrease. This authorization applies only to secret key and + * private key operations. Public key operations are not restricted. For example, after + * successfully encrypting and decrypting data using methods such as + * {@link Cipher#doFinal()}, the use counter of the secret key will decrease. After + * successfully signing data using methods such as {@link Signature#sign()}, the use + * counter of the private key will decrease. + * + * When the use counter is depleted, the key will be marked for deletion by Android + * Keystore and any subsequent attempt to use the key will throw + * {@link KeyPermanentlyInvalidatedException}. There is no key to be loaded from the + * Android Keystore once the exhausted key is permanently deleted, as if the key never + * existed before. + * + * <p>By default, there is no restriction on the usage of key. + * + * <p>Some secure hardware may not support this feature at all, in which case it will + * be enforced in software, some secure hardware may support it but only with + * maxUsageCount = 1, and some secure hardware may support it with larger value + * of maxUsageCount. + * + * <p>The PackageManger feature flags: + * {@link android.content.pm.PackageManager#FEATURE_KEYSTORE_SINGLE_USE_KEY} and + * {@link android.content.pm.PackageManager#FEATURE_KEYSTORE_LIMITED_USE_KEY} can be used + * to check whether the secure hardware cannot enforce this feature, can only enforce it + * with maxUsageCount = 1, or can enforce it with larger value of maxUsageCount. + * + * @param maxUsageCount maximum number of times the key is allowed to be used or + * {@link KeyProperties#UNRESTRICTED_USAGE_COUNT} if there is no restriction on the + * usage. + */ + @NonNull + public Builder setMaxUsageCount(int maxUsageCount) { + if (maxUsageCount == KeyProperties.UNRESTRICTED_USAGE_COUNT || maxUsageCount > 0) { + mMaxUsageCount = maxUsageCount; + return this; + } + throw new IllegalArgumentException("maxUsageCount is not valid"); + } + + /** * Builds an instance of {@code KeyGenParameterSpec}. */ @NonNull @@ -1587,7 +1644,8 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu mIsStrongBoxBacked, mUserConfirmationRequired, mUnlockedDeviceRequired, - mCriticalToDeviceEncryption); + mCriticalToDeviceEncryption, + mMaxUsageCount); } } } diff --git a/keystore/java/android/security/keystore/KeyInfo.java b/keystore/java/android/security/keystore/KeyInfo.java index 7158d0cf248e..f50efd2c3328 100644 --- a/keystore/java/android/security/keystore/KeyInfo.java +++ b/keystore/java/android/security/keystore/KeyInfo.java @@ -85,6 +85,7 @@ public class KeyInfo implements KeySpec { private final boolean mInvalidatedByBiometricEnrollment; private final boolean mUserConfirmationRequired; private final @KeyProperties.SecurityLevelEnum int mSecurityLevel; + private final int mRemainingUsageCount; /** * @hide @@ -109,7 +110,8 @@ public class KeyInfo implements KeySpec { boolean trustedUserPresenceRequired, boolean invalidatedByBiometricEnrollment, boolean userConfirmationRequired, - @KeyProperties.SecurityLevelEnum int securityLevel) { + @KeyProperties.SecurityLevelEnum int securityLevel, + int remainingUsageCount) { mKeystoreAlias = keystoreKeyAlias; mInsideSecureHardware = insideSecureHardware; mOrigin = origin; @@ -134,6 +136,7 @@ public class KeyInfo implements KeySpec { mInvalidatedByBiometricEnrollment = invalidatedByBiometricEnrollment; mUserConfirmationRequired = userConfirmationRequired; mSecurityLevel = securityLevel; + mRemainingUsageCount = remainingUsageCount; } /** @@ -374,4 +377,15 @@ public class KeyInfo implements KeySpec { public @KeyProperties.SecurityLevelEnum int getSecurityLevel() { return mSecurityLevel; } + + /** + * Returns the remaining number of times the key is allowed to be used or + * {@link KeyProperties#UNRESTRICTED_USAGE_COUNT} if there's no restriction on the number of + * times the key can be used. Note that this gives a best effort count and need not be + * accurate (as there might be usages happening in parallel and the count maintained here need + * not be in sync with the usage). + */ + public int getRemainingUsageCount() { + return mRemainingUsageCount; + } } diff --git a/keystore/java/android/security/keystore/KeyProperties.java b/keystore/java/android/security/keystore/KeyProperties.java index 459c9af27ee8..3ebca6ad302d 100644 --- a/keystore/java/android/security/keystore/KeyProperties.java +++ b/keystore/java/android/security/keystore/KeyProperties.java @@ -922,4 +922,9 @@ public abstract class KeyProperties { + uid); } } + + /** + * This value indicates that there is no restriction on the number of times the key can be used. + */ + public static final int UNRESTRICTED_USAGE_COUNT = -1; } diff --git a/keystore/java/android/security/keystore/KeyProtection.java b/keystore/java/android/security/keystore/KeyProtection.java index 2e793dea3e05..76ce23efd05b 100644 --- a/keystore/java/android/security/keystore/KeyProtection.java +++ b/keystore/java/android/security/keystore/KeyProtection.java @@ -235,6 +235,7 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { private final boolean mUserConfirmationRequired; private final boolean mUnlockedDeviceRequired; private final boolean mIsStrongBoxBacked; + private final int mMaxUsageCount; private KeyProtection( Date keyValidityStart, @@ -256,7 +257,8 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { boolean criticalToDeviceEncryption, boolean userConfirmationRequired, boolean unlockedDeviceRequired, - boolean isStrongBoxBacked) { + boolean isStrongBoxBacked, + int maxUsageCount) { mKeyValidityStart = Utils.cloneIfNotNull(keyValidityStart); mKeyValidityForOriginationEnd = Utils.cloneIfNotNull(keyValidityForOriginationEnd); mKeyValidityForConsumptionEnd = Utils.cloneIfNotNull(keyValidityForConsumptionEnd); @@ -279,6 +281,7 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { mUserConfirmationRequired = userConfirmationRequired; mUnlockedDeviceRequired = unlockedDeviceRequired; mIsStrongBoxBacked = isStrongBoxBacked; + mMaxUsageCount = maxUsageCount; } /** @@ -548,6 +551,17 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { } /** + * Returns the maximum number of times the limited use key is allowed to be used or + * {@link KeyProperties#UNRESTRICTED_USAGE_COUNT} if there’s no restriction on the number of + * times the key can be used. + * + * @see Builder#setMaxUsageCount(int) + */ + public int getMaxUsageCount() { + return mMaxUsageCount; + } + + /** * Builder of {@link KeyProtection} instances. */ public final static class Builder { @@ -574,6 +588,7 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { private long mBoundToSecureUserId = GateKeeper.INVALID_SECURE_USER_ID; private boolean mCriticalToDeviceEncryption = false; private boolean mIsStrongBoxBacked = false; + private int mMaxUsageCount = KeyProperties.UNRESTRICTED_USAGE_COUNT; /** * Creates a new instance of the {@code Builder}. @@ -1040,6 +1055,47 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { } /** + * Sets the maximum number of times the key is allowed to be used. After every use of the + * key, the use counter will decrease. This authorization applies only to secret key and + * private key operations. Public key operations are not restricted. For example, after + * successfully encrypting and decrypting data using methods such as + * {@link Cipher#doFinal()}, the use counter of the secret key will decrease. After + * successfully signing data using methods such as {@link Signature#sign()}, the use + * counter of the private key will decrease. + * + * When the use counter is depleted, the key will be marked for deletion by Android + * Keystore and any subsequent attempt to use the key will throw + * {@link KeyPermanentlyInvalidatedException}. There is no key to be loaded from the + * Android Keystore once the exhausted key is permanently deleted, as if the key never + * existed before. + * + * <p>By default, there is no restriction on the usage of key. + * + * <p>Some secure hardware may not support this feature at all, in which case it will + * be enforced in software, some secure hardware may support it but only with + * maxUsageCount = 1, and some secure hardware may support it with larger value + * of maxUsageCount. + * + * <p>The PackageManger feature flags: + * {@link android.content.pm.PackageManager#FEATURE_KEYSTORE_SINGLE_USE_KEY} and + * {@link android.content.pm.PackageManager#FEATURE_KEYSTORE_LIMITED_USE_KEY} can be used + * to check whether the secure hardware cannot enforce this feature, can only enforce it + * with maxUsageCount = 1, or can enforce it with larger value of maxUsageCount. + * + * @param maxUsageCount maximum number of times the key is allowed to be used or + * {@link KeyProperties#UNRESTRICTED_USAGE_COUNT} if there is no restriction on the + * usage. + */ + @NonNull + public Builder setMaxUsageCount(int maxUsageCount) { + if (maxUsageCount == KeyProperties.UNRESTRICTED_USAGE_COUNT || maxUsageCount > 0) { + mMaxUsageCount = maxUsageCount; + return this; + } + throw new IllegalArgumentException("maxUsageCount is not valid"); + } + + /** * Builds an instance of {@link KeyProtection}. * * @throws IllegalArgumentException if a required field is missing @@ -1066,7 +1122,8 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { mCriticalToDeviceEncryption, mUserConfirmationRequired, mUnlockedDeviceRequired, - mIsStrongBoxBacked); + mIsStrongBoxBacked, + mMaxUsageCount); } } } diff --git a/keystore/java/android/security/keystore/ParcelableKeyGenParameterSpec.java b/keystore/java/android/security/keystore/ParcelableKeyGenParameterSpec.java index 69c15cca68bf..8163472abdfb 100644 --- a/keystore/java/android/security/keystore/ParcelableKeyGenParameterSpec.java +++ b/keystore/java/android/security/keystore/ParcelableKeyGenParameterSpec.java @@ -108,6 +108,7 @@ public final class ParcelableKeyGenParameterSpec implements Parcelable { out.writeBoolean(mSpec.isUserConfirmationRequired()); out.writeBoolean(mSpec.isUnlockedDeviceRequired()); out.writeBoolean(mSpec.isCriticalToDeviceEncryption()); + out.writeInt(mSpec.getMaxUsageCount()); } private static Date readDateOrNull(Parcel in) { @@ -166,6 +167,7 @@ public final class ParcelableKeyGenParameterSpec implements Parcelable { final boolean userConfirmationRequired = in.readBoolean(); final boolean unlockedDeviceRequired = in.readBoolean(); final boolean criticalToDeviceEncryption = in.readBoolean(); + final int maxUsageCount = in.readInt(); // The KeyGenParameterSpec is intentionally not constructed using a Builder here: // The intention is for this class to break if new parameters are added to the // KeyGenParameterSpec constructor (whereas using a builder would silently drop them). @@ -199,7 +201,8 @@ public final class ParcelableKeyGenParameterSpec implements Parcelable { isStrongBoxBacked, userConfirmationRequired, unlockedDeviceRequired, - criticalToDeviceEncryption); + criticalToDeviceEncryption, + maxUsageCount); } public static final @android.annotation.NonNull Creator<ParcelableKeyGenParameterSpec> CREATOR = new Creator<ParcelableKeyGenParameterSpec>() { diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreKeyGeneratorSpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreKeyGeneratorSpi.java index 233f352989ab..1575bb411562 100644 --- a/keystore/java/android/security/keystore2/AndroidKeyStoreKeyGeneratorSpi.java +++ b/keystore/java/android/security/keystore2/AndroidKeyStoreKeyGeneratorSpi.java @@ -366,6 +366,13 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { )); } + if (spec.getMaxUsageCount() != KeyProperties.UNRESTRICTED_USAGE_COUNT) { + params.add(KeyStore2ParameterUtils.makeInt( + KeymasterDefs.KM_TAG_USAGE_COUNT_LIMIT, + spec.getMaxUsageCount() + )); + } + byte[] additionalEntropy = KeyStoreCryptoOperationUtils.getRandomBytesToMixIntoKeystoreRng( mRng, (mKeySizeBits + 7) / 8); diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java index df0e1462a492..6a92980de37c 100644 --- a/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java +++ b/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java @@ -586,6 +586,13 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato )); } + if (mSpec.getMaxUsageCount() != KeyProperties.UNRESTRICTED_USAGE_COUNT) { + params.add(KeyStore2ParameterUtils.makeInt( + KeymasterDefs.KM_TAG_USAGE_COUNT_LIMIT, + mSpec.getMaxUsageCount() + )); + } + addAlgorithmSpecificParameters(params); if (mSpec.isUniqueIdIncluded()) { diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreSecretKeyFactorySpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreSecretKeyFactorySpi.java index 74503e1eecfa..fe05989c3846 100644 --- a/keystore/java/android/security/keystore2/AndroidKeyStoreSecretKeyFactorySpi.java +++ b/keystore/java/android/security/keystore2/AndroidKeyStoreSecretKeyFactorySpi.java @@ -95,6 +95,7 @@ public class AndroidKeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { boolean userAuthenticationValidWhileOnBody = false; boolean trustedUserPresenceRequired = false; boolean trustedUserConfirmationRequired = false; + int remainingUsageCount = KeyProperties.UNRESTRICTED_USAGE_COUNT; try { for (Authorization a : key.getAuthorizations()) { switch (a.keyParameter.tag) { @@ -195,6 +196,16 @@ public class AndroidKeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { trustedUserConfirmationRequired = KeyStore2ParameterUtils.isSecureHardware(a.securityLevel); break; + case KeymasterDefs.KM_TAG_USAGE_COUNT_LIMIT: + long remainingUsageCountUnsigned = + KeyStore2ParameterUtils.getUnsignedInt(a); + if (remainingUsageCountUnsigned > Integer.MAX_VALUE) { + throw new ProviderException( + "Usage count of limited use key too long: " + + remainingUsageCountUnsigned); + } + remainingUsageCount = (int) remainingUsageCountUnsigned; + break; } } } catch (IllegalArgumentException e) { @@ -247,7 +258,8 @@ public class AndroidKeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { trustedUserPresenceRequired, invalidatedByBiometricEnrollment, trustedUserConfirmationRequired, - securityLevel); + securityLevel, + remainingUsageCount); } private static BigInteger getGateKeeperSecureUserId() throws ProviderException { diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java index 07169cedc1d9..8c8acc418a0e 100644 --- a/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java +++ b/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java @@ -535,6 +535,12 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi { spec.getKeyValidityForConsumptionEnd() )); } + if (spec.getMaxUsageCount() != KeyProperties.UNRESTRICTED_USAGE_COUNT) { + importArgs.add(KeyStore2ParameterUtils.makeInt( + KeymasterDefs.KM_TAG_USAGE_COUNT_LIMIT, + spec.getMaxUsageCount() + )); + } } catch (IllegalArgumentException | IllegalStateException e) { throw new KeyStoreException(e); } @@ -772,6 +778,12 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi { params.getKeyValidityForConsumptionEnd() )); } + if (params.getMaxUsageCount() != KeyProperties.UNRESTRICTED_USAGE_COUNT) { + importArgs.add(KeyStore2ParameterUtils.makeInt( + KeymasterDefs.KM_TAG_USAGE_COUNT_LIMIT, + params.getMaxUsageCount() + )); + } } catch (IllegalArgumentException | IllegalStateException e) { throw new KeyStoreException(e); } |