summaryrefslogtreecommitdiffstats
path: root/keystore/java/android/security/KeyStoreParameter.java
diff options
context:
space:
mode:
authorAlex Klyubin <klyubin@google.com>2015-04-02 09:58:08 -0700
committerAlex Klyubin <klyubin@google.com>2015-04-02 10:04:33 -0700
commit855fa31eb5ff68d131f3e496920594d875841cb0 (patch)
tree0bacc9d483981cbb9e2e3bd15dc7cde588f8ccae /keystore/java/android/security/KeyStoreParameter.java
parent64c8a07345cb7cb01b3e98442b52c51d473fbf2d (diff)
downloadframeworks_base-855fa31eb5ff68d131f3e496920594d875841cb0.zip
frameworks_base-855fa31eb5ff68d131f3e496920594d875841cb0.tar.gz
frameworks_base-855fa31eb5ff68d131f3e496920594d875841cb0.tar.bz2
Expose new key use constraints in KeyPairGeneratorSpec.
The constraints are currently ignored. Bug: 18088752 Change-Id: Iabd2018200afb2bf8ac1748d1def47af74bfb9d3
Diffstat (limited to 'keystore/java/android/security/KeyStoreParameter.java')
-rw-r--r--keystore/java/android/security/KeyStoreParameter.java35
1 files changed, 23 insertions, 12 deletions
diff --git a/keystore/java/android/security/KeyStoreParameter.java b/keystore/java/android/security/KeyStoreParameter.java
index 2428c2a..998e1d9 100644
--- a/keystore/java/android/security/KeyStoreParameter.java
+++ b/keystore/java/android/security/KeyStoreParameter.java
@@ -60,8 +60,10 @@ public final class KeyStoreParameter implements ProtectionParameter {
private final Set<Integer> mUserAuthenticators;
private final Integer mUserAuthenticationValidityDurationSeconds;
- private KeyStoreParameter(int flags, Date keyValidityStart,
- Date keyValidityForOriginationEnd, Date keyValidityForConsumptionEnd,
+ private KeyStoreParameter(int flags,
+ Date keyValidityStart,
+ Date keyValidityForOriginationEnd,
+ Date keyValidityForConsumptionEnd,
@KeyStoreKeyConstraints.PurposeEnum Integer purposes,
@KeyStoreKeyConstraints.AlgorithmEnum Integer algorithm,
@KeyStoreKeyConstraints.PaddingEnum Integer padding,
@@ -174,8 +176,8 @@ public final class KeyStoreParameter implements ProtectionParameter {
}
/**
- * Gets the digest to which the key is restricted when generating Message Authentication Codes
- * (MACs).
+ * Gets the digest to which the key is restricted when generating signatures or Message
+ * Authentication Codes (MACs).
*
* @return digest or {@code null} if the digest is not restricted.
*
@@ -404,12 +406,13 @@ public final class KeyStoreParameter implements ProtectionParameter {
}
/**
- * Restricts the key to being used only with the provided digest when generating Message
- * Authentication Codes (MACs). Attempts to use the key with any other digest will be
- * rejected.
+ * Restricts the key to being used only with the provided digest when generating signatures
+ * or Message Authentication Codes (MACs). Attempts to use the key with any other digest
+ * will be rejected.
*
* <p>For MAC keys, the default is to restrict to the digest specified in the key algorithm
- * name.
+ * name. For asymmetric signing keys this constraint must be specified because there is no
+ * default.
*
* @see java.security.Key#getAlgorithm()
*
@@ -502,10 +505,18 @@ public final class KeyStoreParameter implements ProtectionParameter {
* @return built instance of {@code KeyStoreParameter}
*/
public KeyStoreParameter build() {
- return new KeyStoreParameter(mFlags, mKeyValidityStart,
- mKeyValidityForOriginationEnd, mKeyValidityForConsumptionEnd, mPurposes,
- mAlgorithm, mPadding, mDigest, mBlockMode, mMinSecondsBetweenOperations,
- mMaxUsesPerBoot, mUserAuthenticators,
+ return new KeyStoreParameter(mFlags,
+ mKeyValidityStart,
+ mKeyValidityForOriginationEnd,
+ mKeyValidityForConsumptionEnd,
+ mPurposes,
+ mAlgorithm,
+ mPadding,
+ mDigest,
+ mBlockMode,
+ mMinSecondsBetweenOperations,
+ mMaxUsesPerBoot,
+ mUserAuthenticators,
mUserAuthenticationValidityDurationSeconds);
}
}
generated by cgit v1.1 at 2024-06-08 05:04:16 +0000