KeyStore: add API to uid versions

In previous commits, we added the ability to specify which UID we want to target on certain operations. This commit adds the ability to reach those binder calls from the KeyStore class. Also fix a problem where saw() was not reading all the values returned via the Binder call. This changes the semantics to return a null instead of failing silently when it's not possible to search. Change-Id: I32098dc0eb42e09ace89f6b7455766842a72e9f4
author: Kenny Root <kroot@google.com> 2013-02-13 17:02:57 -0800
committer: Kenny Root <kroot@android.com> 2013-03-20 16:50:06 +0000
commit: 78ad849163a7b01073b46fbd7d818392720005d1 (patch)
tree: 8b177dc6137d8264e6e1a288e726de2aab6f040a /keystore/java
parent: ebebb80b4a629756128b5a4fcf483133f01dbfd7 (diff)
download: frameworks_base-78ad849163a7b01073b46fbd7d818392720005d1.zip
frameworks_base-78ad849163a7b01073b46fbd7d818392720005d1.tar.gz
frameworks_base-78ad849163a7b01073b46fbd7d818392720005d1.tar.bz2
2 files changed, 67 insertions, 34 deletions
diff --git a/keystore/java/android/security/AndroidKeyStore.java b/keystore/java/android/security/AndroidKeyStore.java
index 65d7b8f..8a9826b 100644
--- a/keystore/java/android/security/AndroidKeyStore.java
+++ b/keystore/java/android/security/AndroidKeyStore.java
@@ -453,17 +453,19 @@ public class AndroidKeyStore extends KeyStoreSpi {
          * convention.
          */
         final String[] certAliases = mKeyStore.saw(Credentials.USER_CERTIFICATE);
-        for (String alias : certAliases) {
-            final byte[] certBytes = mKeyStore.get(Credentials.USER_CERTIFICATE + alias);
-            if (certBytes == null) {
-                continue;
-            }
+        if (certAliases != null) {
+            for (String alias : certAliases) {
+                final byte[] certBytes = mKeyStore.get(Credentials.USER_CERTIFICATE + alias);
+                if (certBytes == null) {
+                    continue;
+                }
 
-            final Certificate c = toCertificate(certBytes);
-            nonCaEntries.add(alias);
+                final Certificate c = toCertificate(certBytes);
+                nonCaEntries.add(alias);
 
-            if (cert.equals(c)) {
-                return alias;
+                if (cert.equals(c)) {
+                    return alias;
+                }
             }
         }
 
@@ -472,19 +474,22 @@ public class AndroidKeyStore extends KeyStoreSpi {
          * PrivateKeyEntry we looked at above.
          */
         final String[] caAliases = mKeyStore.saw(Credentials.CA_CERTIFICATE);
-        for (String alias : caAliases) {
-            if (nonCaEntries.contains(alias)) {
-                continue;
-            }
+        if (certAliases != null) {
+            for (String alias : caAliases) {
+                if (nonCaEntries.contains(alias)) {
+                    continue;
+                }
 
-            final byte[] certBytes = mKeyStore.get(Credentials.CA_CERTIFICATE + alias);
-            if (certBytes == null) {
-                continue;
-            }
+                final byte[] certBytes = mKeyStore.get(Credentials.CA_CERTIFICATE + alias);
+                if (certBytes == null) {
+                    continue;
+                }
 
-            final Certificate c = toCertificate(mKeyStore.get(Credentials.CA_CERTIFICATE + alias));
-            if (cert.equals(c)) {
-                return alias;
+                final Certificate c =
+                        toCertificate(mKeyStore.get(Credentials.CA_CERTIFICATE + alias));
+                if (cert.equals(c)) {
+                    return alias;
+                }
             }
         }
 
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
index 4b69317..9000668 100644
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -87,42 +87,58 @@ public class KeyStore {
         }
     }
 
-    public boolean put(String key, byte[] value) {
+    public boolean put(String key, byte[] value, int uid) {
         try {
-            return mBinder.insert(key, value, -1) == NO_ERROR;
+            return mBinder.insert(key, value, uid) == NO_ERROR;
         } catch (RemoteException e) {
             Log.w(TAG, "Cannot connect to keystore", e);
             return false;
         }
     }
 
-    public boolean delete(String key) {
+    public boolean put(String key, byte[] value) {
+        return put(key, value, -1);
+    }
+
+    public boolean delete(String key, int uid) {
         try {
-            return mBinder.del(key, -1) == NO_ERROR;
+            return mBinder.del(key, uid) == NO_ERROR;
         } catch (RemoteException e) {
             Log.w(TAG, "Cannot connect to keystore", e);
             return false;
         }
     }
 
-    public boolean contains(String key) {
+    public boolean delete(String key) {
+        return delete(key, -1);
+    }
+
+    public boolean contains(String key, int uid) {
         try {
-            return mBinder.exist(key, -1) == NO_ERROR;
+            return mBinder.exist(key, uid) == NO_ERROR;
         } catch (RemoteException e) {
             Log.w(TAG, "Cannot connect to keystore", e);
             return false;
         }
     }
 
-    public String[] saw(String prefix) {
+    public boolean contains(String key) {
+        return contains(key, -1);
+    }
+
+    public String[] saw(String prefix, int uid) {
         try {
-            return mBinder.saw(prefix, -1);
+            return mBinder.saw(prefix, uid);
         } catch (RemoteException e) {
             Log.w(TAG, "Cannot connect to keystore", e);
             return null;
         }
     }
 
+    public String[] saw(String prefix) {
+        return saw(prefix, -1);
+    }
+
     public boolean reset() {
         try {
             return mBinder.reset() == NO_ERROR;
@@ -169,24 +185,32 @@ public class KeyStore {
         }
     }
 
-    public boolean generate(String key) {
+    public boolean generate(String key, int uid) {
         try {
-            return mBinder.generate(key, -1) == NO_ERROR;
+            return mBinder.generate(key, uid) == NO_ERROR;
         } catch (RemoteException e) {
             Log.w(TAG, "Cannot connect to keystore", e);
             return false;
         }
     }
 
-    public boolean importKey(String keyName, byte[] key) {
+    public boolean generate(String key) {
+        return generate(key, -1);
+    }
+
+    public boolean importKey(String keyName, byte[] key, int uid) {
         try {
-            return mBinder.import_key(keyName, key, -1) == NO_ERROR;
+            return mBinder.import_key(keyName, key, uid) == NO_ERROR;
         } catch (RemoteException e) {
             Log.w(TAG, "Cannot connect to keystore", e);
             return false;
         }
     }
 
+    public boolean importKey(String keyName, byte[] key) {
+        return importKey(keyName, key, -1);
+    }
+
     public byte[] getPubkey(String key) {
         try {
             return mBinder.get_pubkey(key);
@@ -196,15 +220,19 @@ public class KeyStore {
         }
     }
 
-    public boolean delKey(String key) {
+    public boolean delKey(String key, int uid) {
         try {
-            return mBinder.del_key(key, -1) == NO_ERROR;
+            return mBinder.del_key(key, uid) == NO_ERROR;
         } catch (RemoteException e) {
             Log.w(TAG, "Cannot connect to keystore", e);
             return false;
         }
     }
 
+    public boolean delKey(String key) {
+        return delKey(key, -1);
+    }
+
     public byte[] sign(String key, byte[] data) {
         try {
             return mBinder.sign(key, data);
author	Kenny Root <kroot@google.com>	2013-02-13 17:02:57 -0800
committer	Kenny Root <kroot@android.com>	2013-03-20 16:50:06 +0000
commit	78ad849163a7b01073b46fbd7d818392720005d1 (patch)
tree	8b177dc6137d8264e6e1a288e726de2aab6f040a /keystore/java
parent	ebebb80b4a629756128b5a4fcf483133f01dbfd7 (diff)
download	frameworks_base-78ad849163a7b01073b46fbd7d818392720005d1.zip frameworks_base-78ad849163a7b01073b46fbd7d818392720005d1.tar.gz frameworks_base-78ad849163a7b01073b46fbd7d818392720005d1.tar.bz2