diff options
| -rw-r--r-- | core/java/android/security/IKeystoreService.java | 5 | ||||
| -rw-r--r-- | keystore/java/android/security/KeyChain.java | 6 | ||||
| -rw-r--r-- | keystore/java/android/security/KeyStore.java | 9 |
3 files changed, 15 insertions, 5 deletions
diff --git a/core/java/android/security/IKeystoreService.java b/core/java/android/security/IKeystoreService.java index bf8d4e5..f8bf45b 100644 --- a/core/java/android/security/IKeystoreService.java +++ b/core/java/android/security/IKeystoreService.java @@ -444,12 +444,13 @@ public interface IKeystoreService extends IInterface { } @Override - public int is_hardware_backed() throws RemoteException { + public int is_hardware_backed(String keyType) throws RemoteException { Parcel _data = Parcel.obtain(); Parcel _reply = Parcel.obtain(); int _result; try { _data.writeInterfaceToken(DESCRIPTOR); + _data.writeString(keyType); mRemote.transact(Stub.TRANSACTION_is_hardware_backed, _data, _reply, 0); _reply.readException(); _result = _reply.readInt(); @@ -593,7 +594,7 @@ public interface IKeystoreService extends IInterface { public int duplicate(String srcKey, int srcUid, String destKey, int destUid) throws RemoteException; - public int is_hardware_backed() throws RemoteException; + public int is_hardware_backed(String string) throws RemoteException; public int clear_uid(long uid) throws RemoteException; } diff --git a/keystore/java/android/security/KeyChain.java b/keystore/java/android/security/KeyChain.java index 9ea325a..8ad973d 100644 --- a/keystore/java/android/security/KeyChain.java +++ b/keystore/java/android/security/KeyChain.java @@ -34,6 +34,7 @@ import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.List; +import java.util.Locale; import java.util.concurrent.BlockingQueue; import java.util.concurrent.LinkedBlockingQueue; @@ -364,7 +365,8 @@ public final class KeyChain { * "RSA"). */ public static boolean isKeyAlgorithmSupported(String algorithm) { - return "RSA".equals(algorithm); + final String algUpper = algorithm.toUpperCase(Locale.US); + return "DSA".equals(algUpper) || "EC".equals(algUpper) || "RSA".equals(algUpper); } /** @@ -379,7 +381,7 @@ public final class KeyChain { return false; } - return KeyStore.getInstance().isHardwareBacked(); + return KeyStore.getInstance().isHardwareBacked(algorithm); } private static X509Certificate toCertificate(byte[] bytes) { diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java index 9babb94..6ac49ee 100644 --- a/keystore/java/android/security/KeyStore.java +++ b/keystore/java/android/security/KeyStore.java @@ -22,6 +22,8 @@ import android.os.RemoteException; import android.os.ServiceManager; import android.util.Log; +import java.util.Locale; + /** * @hide This should not be made public in its present form because it * assumes that private and secret key bytes are available and would @@ -306,9 +308,14 @@ public class KeyStore { } } + // TODO remove this when it's removed from Settings public boolean isHardwareBacked() { + return isHardwareBacked("RSA"); + } + + public boolean isHardwareBacked(String keyType) { try { - return mBinder.is_hardware_backed() == NO_ERROR; + return mBinder.is_hardware_backed(keyType.toUpperCase(Locale.US)) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; |