From 6f2eb6d7a642b842976f5eeac2733b6f7e128711 Mon Sep 17 00:00:00 2001 From: Alex Klyubin Date: Mon, 13 Jul 2015 15:26:17 -0700 Subject: Fix Android Keystore key factories to obey JCA contract. Android Keystore provider's KeyFactory and SecretKeyFactory implementations were throwing UnsupportedOperationException instead of InvalidKeyException/InvalidKeySpecException from their translateKey/generateKey methods. Bug: 22459811 Change-Id: I6d5a5dc1bed724e858ad324d558b7480b9b848da --- .../keystore/AndroidKeyStoreKeyFactorySpi.java | 21 +++++++++++++-------- .../AndroidKeyStoreSecretKeyFactorySpi.java | 15 ++++++++++----- 2 files changed, 23 insertions(+), 13 deletions(-) (limited to 'keystore') diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java index 515be1d..5ce4fd2 100644 --- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java +++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java @@ -124,22 +124,27 @@ public class AndroidKeyStoreKeyFactorySpi extends KeyFactorySpi { @Override protected PrivateKey engineGeneratePrivate(KeySpec spec) throws InvalidKeySpecException { - throw new UnsupportedOperationException( - "To generate a key pair in Android KeyStore, use KeyPairGenerator initialized with" + throw new InvalidKeySpecException( + "To generate a key pair in Android Keystore, use KeyPairGenerator initialized with" + " " + KeyGenParameterSpec.class.getName()); } @Override protected PublicKey engineGeneratePublic(KeySpec spec) throws InvalidKeySpecException { - throw new UnsupportedOperationException( - "To generate a key pair in Android KeyStore, use KeyPairGenerator initialized with" + throw new InvalidKeySpecException( + "To generate a key pair in Android Keystore, use KeyPairGenerator initialized with" + " " + KeyGenParameterSpec.class.getName()); } @Override - protected Key engineTranslateKey(Key arg0) throws InvalidKeyException { - throw new UnsupportedOperationException( - "To import a key into Android KeyStore, use KeyStore.setEntry with " - + KeyProtection.class.getName()); + protected Key engineTranslateKey(Key key) throws InvalidKeyException { + if (key == null) { + throw new InvalidKeyException("key == null"); + } else if ((!(key instanceof AndroidKeyStorePrivateKey)) + && (!(key instanceof AndroidKeyStorePublicKey))) { + throw new InvalidKeyException( + "To import a key into Android Keystore, use KeyStore.setEntry"); + } + return key; } } diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java index 9a2f908..11c22a9 100644 --- a/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java +++ b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java @@ -185,15 +185,20 @@ public class AndroidKeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi { @Override protected SecretKey engineGenerateSecret(KeySpec keySpec) throws InvalidKeySpecException { - throw new UnsupportedOperationException( - "To generate secret key in Android KeyStore, use KeyGenerator initialized with " + throw new InvalidKeySpecException( + "To generate secret key in Android Keystore, use KeyGenerator initialized with " + KeyGenParameterSpec.class.getName()); } @Override protected SecretKey engineTranslateKey(SecretKey key) throws InvalidKeyException { - throw new UnsupportedOperationException( - "To import a secret key into Android KeyStore, use KeyStore.setEntry with " - + KeyProtection.class.getName()); + if (key == null) { + throw new InvalidKeyException("key == null"); + } else if (!(key instanceof AndroidKeyStoreSecretKey)) { + throw new InvalidKeyException( + "To import a secret key into Android Keystore, use KeyStore.setEntry"); + } + + return key; } } -- cgit v1.1