From db026710ec0adcf7f72dfb24c65d38a882ee26d8 Mon Sep 17 00:00:00 2001
From: Kenny Root
Date: Mon, 20 Aug 2012 10:48:46 -0700
Subject: Add KeyPairGenerator for Android keystore

This allows end-users to generate keys in the keystore without the private part of the key ever needing to leave the device. The generation process also generates a self-signed certificate.

Change-Id: I114ffb8e0cbe3b1edaae7e69e8aa578cb835efc9
---
 .../java/android/security/AndroidKeyStore.java | 24 ++++------------------
 1 file changed, 4 insertions(+), 20 deletions(-)
(limited to 'keystore/java/android/security/AndroidKeyStore.java')

diff --git a/keystore/java/android/security/AndroidKeyStore.java b/keystore/java/android/security/AndroidKeyStore.java
index a629f8dfa676..e19217f25a2d 100644
--- a/keystore/java/android/security/AndroidKeyStore.java
+++ b/keystore/java/android/security/AndroidKeyStore.java
@@ -46,9 +46,8 @@ import java.util.Iterator;
 import java.util.Set;
 
 /**
- * A java.security.KeyStore interface for the Android KeyStore. This class is
- * hidden from the Android API, but an instance of it can be created via the
- * {@link java.security.KeyStore#getInstance(String)
+ * A java.security.KeyStore interface for the Android KeyStore. An instance of
+ * it can be created via the {@link java.security.KeyStore#getInstance(String)
 * KeyStore.getInstance("AndroidKeyStore")} interface. This returns a
 * java.security.KeyStore backed by this "AndroidKeyStore" implementation.
 *

@@ -277,7 +276,7 @@ public class AndroidKeyStore extends KeyStoreSpi {
 * Make sure we clear out all the types we know about before trying to
 * write.
 */
- deleteAllTypesForAlias(alias);
+ Credentials.deleteAllTypesForAlias(mKeyStore, alias);
 
 if (!mKeyStore.importKey(Credentials.USER_PRIVATE_KEY + alias, keyBytes)) {
 throw new KeyStoreException("Couldn't put private key in keystore");
@@ -315,26 +314,11 @@ public class AndroidKeyStore extends KeyStoreSpi {
 
 @Override
 public void engineDeleteEntry(String alias) throws KeyStoreException {
- if (!deleteAllTypesForAlias(alias)) {
+ if (!Credentials.deleteAllTypesForAlias(mKeyStore, alias)) {
 throw new KeyStoreException("No such entry " + alias);
 }
 }
 
- /**
- * Delete all types (private key, certificate, CA certificate) for a
- * particular {@code alias}. All three can exist for any given alias.
- * Returns {@code true} if there was at least one of those types.
- */
- private boolean deleteAllTypesForAlias(String alias) {
- /*
- * Make sure every type is deleted. There can be all three types, so
- * don't use a conditional here.
- */
- return mKeyStore.delKey(Credentials.USER_PRIVATE_KEY + alias)
- | mKeyStore.delete(Credentials.USER_CERTIFICATE + alias)
- | mKeyStore.delete(Credentials.CA_CERTIFICATE + alias);
- }
-
 private Set getUniqueAliases() {
 final String[] rawAliases = mKeyStore.saw("");
 if (rawAliases == null) {
-- cgit v1.2.3
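Review bot: In the hunk at -277, the alias's existing private key and certificates are deleted before `mKeyStore.importKey(...)` is attempted, so a failed import throws `KeyStoreException` with the previous entry already gone. The result of `Credentials.deleteAllTypesForAlias(mKeyStore, alias)` is also discarded here, which is fine for a first write but hides a failed delete. If the keystore API cannot replace an entry atomically, I would at least document the behaviour above the call: `// Destructive: the old key and certs for this alias are removed even if the import below fails.` The enclosing method starts and ends outside the hunk, so any earlier validation of `keyBytes` is not visible from here.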
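Review bot: `engineDeleteEntry` in the hunk at -315 now depends on `Credentials.deleteAllTypesForAlias`, whose body is not part of this file's diff, while the removed private helper deliberately joined the three deletes with non-short-circuit `|` so that the private key, user certificate and CA certificate were all removed. Please confirm the moved helper keeps that form; with `||` a key or certificate could remain under the alias after a delete that reported success. A `true` result also only means at least one type was removed, so a partial failure is indistinguishable from a complete delete. A call-site comment such as `// Removes key, user cert and CA cert for the alias; true if any of them existed.` would keep that contract visible in this class.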