diff options
| author | Chung-yih Wang <cywang@google.com> | 2009-06-10 18:45:14 +0800 | 
|---|---|---|
| committer | Chung-yih Wang <cywang@google.com> | 2009-06-11 17:28:40 +0800 | 
| commit | 10e371f18247dc7fb64bfa0f0528501acc17be79 (patch) | |
| tree | 630ce090cba0314696dd405f6cd3155773cc445a /keystore/java | |
| parent | a05487dd856222bacf57a41f2dfe1194d3776f05 (diff) | |
| download | frameworks_base-10e371f18247dc7fb64bfa0f0528501acc17be79.zip frameworks_base-10e371f18247dc7fb64bfa0f0528501acc17be79.tar.gz frameworks_base-10e371f18247dc7fb64bfa0f0528501acc17be79.tar.bz2 | |
Provide the Keystore feature in the framework.
-- added the keystore library for Java application.
-- changed the marshalling of the keystore function return.
Diffstat (limited to 'keystore/java')
| -rw-r--r-- | keystore/java/android/security/Keystore.java | 103 | ||||
| -rw-r--r-- | keystore/java/android/security/ServiceCommand.java | 178 | 
2 files changed, 281 insertions, 0 deletions
| diff --git a/keystore/java/android/security/Keystore.java b/keystore/java/android/security/Keystore.java new file mode 100644 index 0000000..3f83473 --- /dev/null +++ b/keystore/java/android/security/Keystore.java @@ -0,0 +1,103 @@ +/* + * Copyright (C) 2009 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + *      http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security; + +/** + * The Keystore class provides the functions to list the certs/keys in keystore. + * {@hide} + */ +public abstract class Keystore { +    private static final String TAG = "Keystore"; +    private static final String[] NOTFOUND = new String[0]; + +    /** +     */ +    public static Keystore getInstance() { +        return new FileKeystore(); +    } + +    /** +     */ +    public abstract String getUserkey(String key); + +    /** +     */ +    public abstract String getCertificate(String key); + +    /** +     */ +    public abstract String[] getAllCertificateKeys(); + +    /** +     */ +    public abstract String[] getAllUserkeyKeys(); + +    private static class FileKeystore extends Keystore { +        private static final String SERVICE_NAME = "keystore"; +        private static final String LIST_CERTIFICATES = "listcerts"; +        private static final String LIST_USERKEYS = "listuserkeys"; +        private static final String PATH = "/data/misc/keystore/"; +        private static final String USERKEY_PATH = PATH + "userkeys/"; +        private static final String CERT_PATH = PATH + "certs/"; +        private static final ServiceCommand mServiceCommand = +                new ServiceCommand(SERVICE_NAME); + +        @Override +        public String getUserkey(String key) { +            return USERKEY_PATH + key; +        } + +        @Override +        public String getCertificate(String key) { +            return CERT_PATH + key; +        } + +        /** +         * Returns the array of the certificate names in keystore if successful. +         * Or return an empty array if error. +         * +         * @return array of the certificates +         */ +        @Override +        public String[] getAllCertificateKeys() { +            try { +                String result = mServiceCommand.execute(LIST_CERTIFICATES); +                if (result != null) return result.split("\\s+"); +                return NOTFOUND; +            } catch (NumberFormatException ex) { +                return NOTFOUND; +            } +        } + +        /** +         * Returns the array of the names of private keys in keystore if successful. +         * Or return an empty array if errors. +         * +         * @return array of the user keys +         */ +        @Override +        public String[] getAllUserkeyKeys() { +            try { +                String result = mServiceCommand.execute(LIST_USERKEYS); +                if (result != null) return result.split("\\s+"); +                return NOTFOUND; +            } catch (NumberFormatException ex) { +                return NOTFOUND; +            } +        } +    } +} diff --git a/keystore/java/android/security/ServiceCommand.java b/keystore/java/android/security/ServiceCommand.java new file mode 100644 index 0000000..f1d4302 --- /dev/null +++ b/keystore/java/android/security/ServiceCommand.java @@ -0,0 +1,178 @@ +/* + * Copyright (C) 2009 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + *      http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security; + +import android.net.LocalSocketAddress; +import android.net.LocalSocket; +import android.util.Config; +import android.util.Log; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.Socket; + +/* + * ServiceCommand is used to connect to a service throught the local socket, + * and send out the command, return the result to the caller. + * {@hide} + */ +public class ServiceCommand { +    public static final String SUCCESS = "0"; +    public static final String FAILED = "-1"; + +    private String mServiceName; +    private String mTag; +    private InputStream mIn; +    private OutputStream mOut; +    private LocalSocket mSocket; +    private static final int BUFFER_LENGTH = 1024; + +    private byte buf[] = new byte[BUFFER_LENGTH]; +    private int buflen = 0; + +    private boolean connect() { +        if (mSocket != null) { +            return true; +        } +        Log.i(mTag, "connecting..."); +        try { +            mSocket = new LocalSocket(); + +            LocalSocketAddress address = new LocalSocketAddress( +                    mServiceName, LocalSocketAddress.Namespace.RESERVED); + +            mSocket.connect(address); + +            mIn = mSocket.getInputStream(); +            mOut = mSocket.getOutputStream(); +        } catch (IOException ex) { +            disconnect(); +            return false; +        } +        return true; +    } + +    private void disconnect() { +        Log.i(mTag,"disconnecting..."); +        try { +            if (mSocket != null) mSocket.close(); +        } catch (IOException ex) { } +        try { +            if (mIn != null) mIn.close(); +        } catch (IOException ex) { } +        try { +            if (mOut != null) mOut.close(); +        } catch (IOException ex) { } +        mSocket = null; +        mIn = null; +        mOut = null; +    } + +    private boolean readBytes(byte buffer[], int len) { +        int off = 0, count; +        if (len < 0) return false; +        while (off != len) { +            try { +                count = mIn.read(buffer, off, len - off); +                if (count <= 0) { +                    Log.e(mTag, "read error " + count); +                    break; +                } +                off += count; +            } catch (IOException ex) { +                Log.e(mTag,"read exception"); +                break; +            } +        } +        if (off == len) return true; +        disconnect(); +        return false; +    } + +    private boolean readReply() { +        int len, ret; +        buflen = 0; + +        if (!readBytes(buf, 2)) return false; +        ret = (((int) buf[0]) & 0xff) | ((((int) buf[1]) & 0xff) << 8); +        if (ret != 0) return false; + +        if (!readBytes(buf, 2)) return false; +        len = (((int) buf[0]) & 0xff) | ((((int) buf[1]) & 0xff) << 8); +        if (len > BUFFER_LENGTH) { +            Log.e(mTag,"invalid reply length (" + len + ")"); +            disconnect(); +            return false; +        } +        if (!readBytes(buf, len)) return false; +        buflen = len; +        return true; +    } + +    private boolean writeCommand(String _cmd) { +        byte[] cmd = _cmd.getBytes(); +        int len = cmd.length; +        if ((len < 1) || (len > BUFFER_LENGTH)) return false; +        buf[0] = (byte) (len & 0xff); +        buf[1] = (byte) ((len >> 8) & 0xff); +        try { +            mOut.write(buf, 0, 2); +            mOut.write(cmd, 0, len); +        } catch (IOException ex) { +            Log.e(mTag,"write error"); +            disconnect(); +            return false; +        } +        return true; +    } + +    private String executeCommand(String cmd) { +        if (!writeCommand(cmd)) { +            /* If service died and restarted in the background +             * (unlikely but possible) we'll fail on the next +             * write (this one).  Try to reconnect and write +             * the command one more time before giving up. +             */ +            Log.e(mTag, "write command failed? reconnect!"); +            if (!connect() || !writeCommand(cmd)) { +                return null; +            } +        } +        if (readReply()) { +            return new String(buf, 0, buflen); +        } else { +            return null; +        } +    } + +    public synchronized String execute(String cmd) { +      String result; +      if (!connect()) { +          Log.e(mTag, "connection failed"); +          return null; +      } +      result = executeCommand(cmd); +      disconnect(); +      return result; +    } + +    public ServiceCommand(String service) { +        mServiceName = service; +        mTag = service; +    } +} | 
