summaryrefslogtreecommitdiffstats
path: root/keystore/java
diff options
context:
space:
mode:
authorAlex Klyubin <klyubin@google.com>2015-06-16 13:13:13 -0700
committerAlex Klyubin <klyubin@google.com>2015-06-16 13:13:13 -0700
commitffdfb57931d1189feef51c4baa866d07265976a3 (patch)
treefa9e76609ee233569906c4712b7e0ff6c2ac1a6f /keystore/java
parentcb3bb3f03ac253052cd42a32a54e63c2ee9b9a95 (diff)
downloadframeworks_base-ffdfb57931d1189feef51c4baa866d07265976a3.zip
frameworks_base-ffdfb57931d1189feef51c4baa866d07265976a3.tar.gz
frameworks_base-ffdfb57931d1189feef51c4baa866d07265976a3.tar.bz2
Harden KeyInfo.
This ensures that KeyInfo instances are truly immutable. Bug: 18088752 Change-Id: Ic157d3b928b129a02c3cab9dd20ba9936a005813
Diffstat (limited to 'keystore/java')
-rw-r--r--keystore/java/android/security/keystore/KeyInfo.java14
1 files changed, 8 insertions, 6 deletions
diff --git a/keystore/java/android/security/keystore/KeyInfo.java b/keystore/java/android/security/keystore/KeyInfo.java
index e4f921e..03b4100 100644
--- a/keystore/java/android/security/keystore/KeyInfo.java
+++ b/keystore/java/android/security/keystore/KeyInfo.java
@@ -33,6 +33,8 @@ import javax.crypto.SecretKey;
* is authorized for (e.g., only in {@code CBC} mode, or signing only), whether the key should be
* encrypted at rest, the key's and validity start and end dates.
*
+ * <p>Instances of this class are immutable.
+ *
* <p><h3>Example: Symmetric Key</h3>
* The following example illustrates how to obtain a {@code KeyInfo} describing the provided Android
* Keystore {@link SecretKey}.
@@ -102,9 +104,9 @@ public class KeyInfo implements KeySpec {
mInsideSecureHardware = insideSecureHardware;
mOrigin = origin;
mKeySize = keySize;
- mKeyValidityStart = keyValidityStart;
- mKeyValidityForOriginationEnd = keyValidityForOriginationEnd;
- mKeyValidityForConsumptionEnd = keyValidityForConsumptionEnd;
+ mKeyValidityStart = Utils.cloneIfNotNull(keyValidityStart);
+ mKeyValidityForOriginationEnd = Utils.cloneIfNotNull(keyValidityForOriginationEnd);
+ mKeyValidityForConsumptionEnd = Utils.cloneIfNotNull(keyValidityForConsumptionEnd);
mPurposes = purposes;
mEncryptionPaddings =
ArrayUtils.cloneIfNotEmpty(ArrayUtils.nullToEmpty(encryptionPaddings));
@@ -155,7 +157,7 @@ public class KeyInfo implements KeySpec {
*/
@Nullable
public Date getKeyValidityStart() {
- return mKeyValidityStart;
+ return Utils.cloneIfNotNull(mKeyValidityStart);
}
/**
@@ -165,7 +167,7 @@ public class KeyInfo implements KeySpec {
*/
@Nullable
public Date getKeyValidityForConsumptionEnd() {
- return mKeyValidityForConsumptionEnd;
+ return Utils.cloneIfNotNull(mKeyValidityForConsumptionEnd);
}
/**
@@ -175,7 +177,7 @@ public class KeyInfo implements KeySpec {
*/
@Nullable
public Date getKeyValidityForOriginationEnd() {
- return mKeyValidityForOriginationEnd;
+ return Utils.cloneIfNotNull(mKeyValidityForOriginationEnd);
}
/**