diff options
author | Alex Klyubin <klyubin@google.com> | 2015-04-02 09:58:08 -0700 |
---|---|---|
committer | Alex Klyubin <klyubin@google.com> | 2015-04-02 10:04:33 -0700 |
commit | 855fa31eb5ff68d131f3e496920594d875841cb0 (patch) | |
tree | 0bacc9d483981cbb9e2e3bd15dc7cde588f8ccae /keystore/java/android/security/KeyStoreParameter.java | |
parent | 64c8a07345cb7cb01b3e98442b52c51d473fbf2d (diff) | |
download | frameworks_base-855fa31eb5ff68d131f3e496920594d875841cb0.zip frameworks_base-855fa31eb5ff68d131f3e496920594d875841cb0.tar.gz frameworks_base-855fa31eb5ff68d131f3e496920594d875841cb0.tar.bz2 |
Expose new key use constraints in KeyPairGeneratorSpec.
The constraints are currently ignored.
Bug: 18088752
Change-Id: Iabd2018200afb2bf8ac1748d1def47af74bfb9d3
Diffstat (limited to 'keystore/java/android/security/KeyStoreParameter.java')
-rw-r--r-- | keystore/java/android/security/KeyStoreParameter.java | 35 |
1 files changed, 23 insertions, 12 deletions
diff --git a/keystore/java/android/security/KeyStoreParameter.java b/keystore/java/android/security/KeyStoreParameter.java index 2428c2a..998e1d9 100644 --- a/keystore/java/android/security/KeyStoreParameter.java +++ b/keystore/java/android/security/KeyStoreParameter.java @@ -60,8 +60,10 @@ public final class KeyStoreParameter implements ProtectionParameter { private final Set<Integer> mUserAuthenticators; private final Integer mUserAuthenticationValidityDurationSeconds; - private KeyStoreParameter(int flags, Date keyValidityStart, - Date keyValidityForOriginationEnd, Date keyValidityForConsumptionEnd, + private KeyStoreParameter(int flags, + Date keyValidityStart, + Date keyValidityForOriginationEnd, + Date keyValidityForConsumptionEnd, @KeyStoreKeyConstraints.PurposeEnum Integer purposes, @KeyStoreKeyConstraints.AlgorithmEnum Integer algorithm, @KeyStoreKeyConstraints.PaddingEnum Integer padding, @@ -174,8 +176,8 @@ public final class KeyStoreParameter implements ProtectionParameter { } /** - * Gets the digest to which the key is restricted when generating Message Authentication Codes - * (MACs). + * Gets the digest to which the key is restricted when generating signatures or Message + * Authentication Codes (MACs). * * @return digest or {@code null} if the digest is not restricted. * @@ -404,12 +406,13 @@ public final class KeyStoreParameter implements ProtectionParameter { } /** - * Restricts the key to being used only with the provided digest when generating Message - * Authentication Codes (MACs). Attempts to use the key with any other digest will be - * rejected. + * Restricts the key to being used only with the provided digest when generating signatures + * or Message Authentication Codes (MACs). Attempts to use the key with any other digest + * will be rejected. * * <p>For MAC keys, the default is to restrict to the digest specified in the key algorithm - * name. + * name. For asymmetric signing keys this constraint must be specified because there is no + * default. * * @see java.security.Key#getAlgorithm() * @@ -502,10 +505,18 @@ public final class KeyStoreParameter implements ProtectionParameter { * @return built instance of {@code KeyStoreParameter} */ public KeyStoreParameter build() { - return new KeyStoreParameter(mFlags, mKeyValidityStart, - mKeyValidityForOriginationEnd, mKeyValidityForConsumptionEnd, mPurposes, - mAlgorithm, mPadding, mDigest, mBlockMode, mMinSecondsBetweenOperations, - mMaxUsesPerBoot, mUserAuthenticators, + return new KeyStoreParameter(mFlags, + mKeyValidityStart, + mKeyValidityForOriginationEnd, + mKeyValidityForConsumptionEnd, + mPurposes, + mAlgorithm, + mPadding, + mDigest, + mBlockMode, + mMinSecondsBetweenOperations, + mMaxUsesPerBoot, + mUserAuthenticators, mUserAuthenticationValidityDurationSeconds); } } |