Merge "Keymaster key validity dates are optional." into mnc-dev

author: Alex Klyubin <klyubin@google.com> 2015-06-23 20:35:23 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2015-06-23 20:35:30 +0000
commit: 90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c (patch)
tree: 3adda6bc46dacb89715e293c6c9f285bdc80e1a9 /keystore
parent: f1b25bd43464b2603da98ce5f03f41d9819d2374 (diff)
parent: d6c7799b9a8b00d160a1d2d32c7326132cbc7b7b (diff)
download: frameworks_base-90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c.zip
frameworks_base-90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c.tar.gz
frameworks_base-90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c.tar.bz2
4 files changed, 21 insertions, 50 deletions
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
index 688936c..66509e2 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
@@ -31,7 +31,6 @@ import java.security.ProviderException;
 import java.security.SecureRandom;
 import java.security.spec.AlgorithmParameterSpec;
 import java.util.Arrays;
-import java.util.Date;
 
 import javax.crypto.KeyGeneratorSpi;
 import javax.crypto.SecretKey;
@@ -278,15 +277,11 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
         KeymasterUtils.addUserAuthArgs(args,
                 spec.isUserAuthenticationRequired(),
                 spec.getUserAuthenticationValidityDurationSeconds());
-        args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME,
-                (spec.getKeyValidityStart() != null)
-                ? spec.getKeyValidityStart() : new Date(0));
-        args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,
-                (spec.getKeyValidityForOriginationEnd() != null)
-                ? spec.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE));
-        args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME,
-                (spec.getKeyValidityForConsumptionEnd() != null)
-                ? spec.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE));
+        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, spec.getKeyValidityStart());
+        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,
+                spec.getKeyValidityForOriginationEnd());
+        args.addDateIfNotNull(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME,
+                spec.getKeyValidityForConsumptionEnd());
 
         if (((spec.getPurposes() & KeyProperties.PURPOSE_ENCRYPT) != 0)
                 && (!spec.isRandomizedEncryptionRequired())) {
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
index 02afa0a..ff265cf 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
@@ -415,15 +415,11 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
         KeymasterUtils.addUserAuthArgs(args,
                 mSpec.isUserAuthenticationRequired(),
                 mSpec.getUserAuthenticationValidityDurationSeconds());
-        args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME,
-                (mSpec.getKeyValidityStart() != null)
-                ? mSpec.getKeyValidityStart() : new Date(0));
-        args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,
-                (mSpec.getKeyValidityForOriginationEnd() != null)
-                ? mSpec.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE));
-        args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME,
-                (mSpec.getKeyValidityForConsumptionEnd() != null)
-                ? mSpec.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE));
+        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, mSpec.getKeyValidityStart());
+        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,
+                mSpec.getKeyValidityForOriginationEnd());
+        args.addDateIfNotNull(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME,
+                mSpec.getKeyValidityForConsumptionEnd());
         addAlgorithmSpecificParameters(args);
 
         byte[] additionalEntropy =
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java
index 8b00821..7887923 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java
@@ -147,21 +147,10 @@ public class AndroidKeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi {
         }
 
         Date keyValidityStart = keyCharacteristics.getDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME);
-        if ((keyValidityStart != null) && (keyValidityStart.getTime() <= 0)) {
-            keyValidityStart = null;
-        }
         Date keyValidityForOriginationEnd =
                 keyCharacteristics.getDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME);
-        if ((keyValidityForOriginationEnd != null)
-                && (keyValidityForOriginationEnd.getTime() == Long.MAX_VALUE)) {
-            keyValidityForOriginationEnd = null;
-        }
         Date keyValidityForConsumptionEnd =
                 keyCharacteristics.getDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME);
-        if ((keyValidityForConsumptionEnd != null)
-                && (keyValidityForConsumptionEnd.getTime() == Long.MAX_VALUE)) {
-            keyValidityForConsumptionEnd = null;
-        }
         boolean userAuthenticationRequired =
                 !keyCharacteristics.getBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED);
         int userAuthenticationValidityDurationSeconds =
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
index 5fb589e..084e30e 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
@@ -435,17 +435,12 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
                 KeymasterUtils.addUserAuthArgs(importArgs,
                         spec.isUserAuthenticationRequired(),
                         spec.getUserAuthenticationValidityDurationSeconds());
-                importArgs.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME,
-                        (spec.getKeyValidityStart() != null)
-                                ? spec.getKeyValidityStart() : new Date(0));
-                importArgs.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,
-                        (spec.getKeyValidityForOriginationEnd() != null)
-                                ? spec.getKeyValidityForOriginationEnd()
-                                : new Date(Long.MAX_VALUE));
-                importArgs.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME,
-                        (spec.getKeyValidityForConsumptionEnd() != null)
-                                ? spec.getKeyValidityForConsumptionEnd()
-                                : new Date(Long.MAX_VALUE));
+                importArgs.addDateIfNotNull(KeymasterDefs.KM_TAG_ACTIVE_DATETIME,
+                        spec.getKeyValidityStart());
+                importArgs.addDateIfNotNull(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,
+                        spec.getKeyValidityForOriginationEnd());
+                importArgs.addDateIfNotNull(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME,
+                        spec.getKeyValidityForConsumptionEnd());
             } catch (IllegalArgumentException e) {
                 throw new KeyStoreException("Invalid parameter", e);
             }
@@ -646,15 +641,11 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
         KeymasterUtils.addUserAuthArgs(args,
                 params.isUserAuthenticationRequired(),
                 params.getUserAuthenticationValidityDurationSeconds());
-        args.addDate(KeymasterDefs.KM_TAG_ACTIVE_DATETIME,
-                (params.getKeyValidityStart() != null)
-                        ? params.getKeyValidityStart() : new Date(0));
-        args.addDate(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,
-                (params.getKeyValidityForOriginationEnd() != null)
-                        ? params.getKeyValidityForOriginationEnd() : new Date(Long.MAX_VALUE));
-        args.addDate(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME,
-                (params.getKeyValidityForConsumptionEnd() != null)
-                        ? params.getKeyValidityForConsumptionEnd() : new Date(Long.MAX_VALUE));
+        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, params.getKeyValidityStart());
+        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,
+                params.getKeyValidityForOriginationEnd());
+        args.addDateIfNotNull(KeymasterDefs.KM_TAG_USAGE_EXPIRE_DATETIME,
+                params.getKeyValidityForConsumptionEnd());
 
         if (((purposes & KeyProperties.PURPOSE_ENCRYPT) != 0)
                 && (!params.isRandomizedEncryptionRequired())) {
author	Alex Klyubin <klyubin@google.com>	2015-06-23 20:35:23 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2015-06-23 20:35:30 +0000
commit	90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c (patch)
tree	3adda6bc46dacb89715e293c6c9f285bdc80e1a9 /keystore
parent	f1b25bd43464b2603da98ce5f03f41d9819d2374 (diff)
parent	d6c7799b9a8b00d160a1d2d32c7326132cbc7b7b (diff)
download	frameworks_base-90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c.zip frameworks_base-90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c.tar.gz frameworks_base-90c9e4eb54a9c4b4fbc821b1992f2aee2f2b1e8c.tar.bz2