authorOscar Montemayor <oam@google.com>2010-01-06 11:35:59 -0800
committerOscar Montemayor <oam@google.com>2010-01-06 16:23:57 -0800
commit8da98e30d8b2ae6e203f769dab0d6ec34cab3011 (patch)
tree16dcc138f20b9880b4eff88eb4f47743c29b683f /keystore/java
parent5e3f6caeb08c54fb79f427a528e084711652bbdb (diff)
Apps on SD card project.
A simple keystore to store system-only key material, by leveraging file system access permissions.
Diffstat (limited to 'keystore/java')
-rw-r--r--keystore/java/android/security/SystemKeyStore.java113
1 files changed, 113 insertions, 0 deletions
diff --git a/keystore/java/android/security/SystemKeyStore.java b/keystore/java/android/security/SystemKeyStore.java
new file mode 100644
index 0000000..452125a
--- /dev/null
+++ b/keystore/java/android/security/SystemKeyStore.java
@@ -0,0 +1,113 @@
+/*
+ * Copyright (C) 2010 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security;
+
+import android.os.Environment;
+import android.os.Process;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+
+/**
+ *@hide
+ */
+public class SystemKeyStore {
+
+ private static final String SYSTEM_KEYSTORE_DIRECTORY = "misc/systemkeys";
+ private static SystemKeyStore mInstance = new SystemKeyStore();
+
+ private SystemKeyStore() { }
+
+ public static SystemKeyStore getInstance() {
+ return mInstance;
+ }
+
+ public byte[] generateNewKey(int numBits, String algName, String keyName)
+ throws NoSuchAlgorithmException {
+
+ // Check if key with similar name exists. If so, return null.
+ File keyFile = getKeyFile(keyName);
+ if (keyFile.exists()) {
+ throw new IllegalArgumentException();
+ }
+
+ KeyGenerator skg = KeyGenerator.getInstance(algName);
+ SecureRandom srng = SecureRandom.getInstance("SHA1PRNG");
+ skg.init(numBits, srng);
+
+ SecretKey sk = skg.generateKey();
+ byte[] retKey = sk.getEncoded();
+
+ try {
+ // Store the key
+ if (!keyFile.createNewFile()) {
+ throw new IllegalArgumentException();
+ }
+
+ FileOutputStream fos = new FileOutputStream(keyFile);
+ fos.write(retKey);
+ fos.flush();
+ fos.close();
+ } catch (IOException ioe) {
+ return null;
+ }
+ return retKey;
+ }
+
+ private File getKeyFile(String keyName) {
+ File sysKeystoreDir = new File(Environment.getDataDirectory(),
+ SYSTEM_KEYSTORE_DIRECTORY);
+ File keyFile = new File(sysKeystoreDir, keyName);
+ return keyFile;
+ }
+
+ public byte[] retrieveKey(String keyName) {
+
+ File keyFile = getKeyFile(keyName);
+ if (!keyFile.exists()) {
+ return null;
+ }
+
+ try {
+ FileInputStream fis = new FileInputStream(keyFile);
+ int keyLen = fis.available();
+ byte[] retKey = new byte[keyLen];
+ fis.read(retKey);
+ fis.close();
+ return retKey;
+ } catch (IOException ioe) { }
+ throw new IllegalArgumentException();
+ }
+
+ public void deleteKey(String keyName) {
+
+ // Get the file first.
+ File keyFile = getKeyFile(keyName);
+ if (!keyFile.exists()) {
+ throw new IllegalArgumentException();
+ }
+
+ keyFile.delete();
+ }
+}
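Review bot: generateNewKey() stores the raw key with `createNewFile()` and `FileOutputStream` but never sets the file's mode, so the "file system access permissions" the description relies on come only from the process umask and the mode of the `misc/systemkeys` directory, and this file establishes neither. Restricting the file to its owner right after creation, before any key bytes are written, would make that guarantee explicit; the fence uses the hidden `android.os.FileUtils.setPermissions` helper, which would need an import. The same block leaks the stream if `write()` throws and leaves an empty or partial key file behind on `IOException`, which retrieveKey() would then return as a key and which makes a retry of generateNewKey() throw; the fence closes the stream in `finally` and deletes the file on failure. Separately, getKeyFile() passes `keyName` straight into `new File(sysKeystoreDir, keyName)`, so a name containing a path separator or `..` resolves outside the key directory for generate, retrieve and delete alike; rejecting such names in getKeyFile() would be worth adding.

```java
        // … unchanged: existence check and key generation …
        byte[] retKey = sk.getEncoded();

        try {
            if (!keyFile.createNewFile()) {
                throw new IllegalArgumentException();
            }
            // Owner read/write only, applied before the key material is written.
            int rc = FileUtils.setPermissions(keyFile.getPath(),
                    FileUtils.S_IRUSR | FileUtils.S_IWUSR, -1, -1);
            if (rc != 0) {
                throw new IOException("setPermissions failed: " + rc);
            }

            FileOutputStream fos = new FileOutputStream(keyFile);
            try {
                fos.write(retKey);
                fos.flush();
            } finally {
                fos.close();
            }
        } catch (IOException ioe) {
            // Do not leave an empty or partially written key file behind.
            keyFile.delete();
            return null;
        }
        return retKey;
```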