diff options
Diffstat (limited to 'keystore')
-rw-r--r-- | keystore/java/android/security/KeyStore.java | 14 | ||||
-rw-r--r-- | keystore/tests/src/android/security/KeyStoreTest.java | 35 |
2 files changed, 34 insertions, 15 deletions
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java index 957e3c1..f68b3f6 100644 --- a/keystore/java/android/security/KeyStore.java +++ b/keystore/java/android/security/KeyStore.java @@ -389,19 +389,19 @@ public class KeyStore { } } - public int generateKey(String alias, KeymasterArguments args, int uid, int flags, - KeyCharacteristics outCharacteristics) { + public int generateKey(String alias, KeymasterArguments args, byte[] entropy, int uid, + int flags, KeyCharacteristics outCharacteristics) { try { - return mBinder.generateKey(alias, args, uid, flags, outCharacteristics); + return mBinder.generateKey(alias, args, entropy, uid, flags, outCharacteristics); } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return SYSTEM_ERROR; } } - public int generateKey(String alias, KeymasterArguments args, int flags, + public int generateKey(String alias, KeymasterArguments args, byte[] entropy, int flags, KeyCharacteristics outCharacteristics) { - return generateKey(alias, args, UID_SELF, flags, outCharacteristics); + return generateKey(alias, args, entropy, UID_SELF, flags, outCharacteristics); } public int getKeyCharacteristics(String alias, KeymasterBlob clientId, KeymasterBlob appId, @@ -441,9 +441,9 @@ public class KeyStore { } public OperationResult begin(String alias, int purpose, boolean pruneable, - KeymasterArguments args, KeymasterArguments outArgs) { + KeymasterArguments args, byte[] entropy, KeymasterArguments outArgs) { try { - return mBinder.begin(getToken(), alias, purpose, pruneable, args, outArgs); + return mBinder.begin(getToken(), alias, purpose, pruneable, args, entropy, outArgs); } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return null; diff --git a/keystore/tests/src/android/security/KeyStoreTest.java b/keystore/tests/src/android/security/KeyStoreTest.java index f755bb0..7468fb5 100644 --- a/keystore/tests/src/android/security/KeyStoreTest.java +++ b/keystore/tests/src/android/security/KeyStoreTest.java @@ -717,7 +717,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { RSAKeyGenParameterSpec.F4.longValue()); KeyCharacteristics outCharacteristics = new KeyCharacteristics(); - int result = mKeyStore.generateKey(name, args, 0, outCharacteristics); + int result = mKeyStore.generateKey(name, args, null, 0, outCharacteristics); assertEquals("generateRsaKey should succeed", KeyStore.NO_ERROR, result); return outCharacteristics; } @@ -726,6 +726,24 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { generateRsaKey("test"); mKeyStore.delete("test"); } + + public void testGenerateRsaWithEntropy() throws Exception { + byte[] entropy = new byte[] {1,2,3,4,5}; + String name = "test"; + KeymasterArguments args = new KeymasterArguments(); + args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT); + args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT); + args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_RSA); + args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE); + args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 2048); + args.addLong(KeymasterDefs.KM_TAG_RSA_PUBLIC_EXPONENT, + RSAKeyGenParameterSpec.F4.longValue()); + + KeyCharacteristics outCharacteristics = new KeyCharacteristics(); + int result = mKeyStore.generateKey(name, args, entropy, 0, outCharacteristics); + assertEquals("generateKey should succeed", KeyStore.NO_ERROR, result); + } + public void testGenerateAndDelete() throws Exception { generateRsaKey("test"); assertTrue("delete should succeed", mKeyStore.delete("test")); @@ -756,7 +774,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { RSAKeyGenParameterSpec.F4.longValue()); KeyCharacteristics outCharacteristics = new KeyCharacteristics(); - int result = mKeyStore.generateKey(name, args, 0, outCharacteristics); + int result = mKeyStore.generateKey(name, args, null, 0, outCharacteristics); assertEquals("generateRsaKey should succeed", KeyStore.NO_ERROR, result); assertEquals("getKeyCharacteristics should fail without application ID", KeymasterDefs.KM_ERROR_INVALID_KEY_BLOB, @@ -790,13 +808,13 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { args.addInt(KeymasterDefs.KM_TAG_MAC_LENGTH, 16); KeyCharacteristics outCharacteristics = new KeyCharacteristics(); - int rc = mKeyStore.generateKey(name, args, 0, outCharacteristics); + int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics); assertEquals("Generate should succeed", KeyStore.NO_ERROR, rc); KeymasterArguments out = new KeymasterArguments(); args = new KeymasterArguments(); OperationResult result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, - true, args, out); + true, args, null, out); IBinder token = result.token; assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode); result = mKeyStore.update(token, null, new byte[] {0x01, 0x02, 0x03, 0x04}); @@ -826,7 +844,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { private byte[] doOperation(String name, int purpose, byte[] in, KeymasterArguments beginArgs) { KeymasterArguments out = new KeymasterArguments(); OperationResult result = mKeyStore.begin(name, purpose, - true, beginArgs, out); + true, beginArgs, null, out); assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode); IBinder token = result.token; result = mKeyStore.update(token, null, in); @@ -885,18 +903,19 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { args.addInt(KeymasterDefs.KM_TAG_MAC_LENGTH, 16); KeyCharacteristics outCharacteristics = new KeyCharacteristics(); - int rc = mKeyStore.generateKey(name, args, 0, outCharacteristics); + int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics); assertEquals("Generate should succeed", KeyStore.NO_ERROR, rc); KeymasterArguments out = new KeymasterArguments(); args = new KeymasterArguments(); OperationResult result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, - true, args, out); + true, args, null, out); assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode); IBinder first = result.token; // Implementation detail: softkeymaster supports 16 concurrent operations for (int i = 0; i < 16; i++) { - result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, true, args, out); + result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, true, args, null, + out); assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode); } // At this point the first operation should be pruned. |