Move Android Keystore impl to android.security.keystore.
This moves the non-public API classes backing Android Keystore from
android.security to android.security.keystore, a package specially
created for Android Keystore.
Bug: 18088752
Change-Id: Ibf04d6a26c54d310b0501fc5e34f37b1176324ad
diff --git a/core/java/android/app/ActivityThread.java b/core/java/android/app/ActivityThread.java
index f506d59..5dcbe37 100644
--- a/core/java/android/app/ActivityThread.java
+++ b/core/java/android/app/ActivityThread.java
@@ -96,7 +96,7 @@
import android.view.WindowManager;
import android.view.WindowManagerGlobal;
import android.renderscript.RenderScriptCacheDir;
-import android.security.AndroidKeyStoreProvider;
+import android.security.keystore.AndroidKeyStoreProvider;
import com.android.internal.app.IVoiceInteractor;
import com.android.internal.content.ReferrerIntent;
diff --git a/core/java/android/hardware/fingerprint/FingerprintManager.java b/core/java/android/hardware/fingerprint/FingerprintManager.java
index cf96145..1a75e81 100644
--- a/core/java/android/hardware/fingerprint/FingerprintManager.java
+++ b/core/java/android/hardware/fingerprint/FingerprintManager.java
@@ -32,7 +32,7 @@
import android.os.UserHandle;
import android.provider.Settings;
import android.hardware.fingerprint.FingerprintManager.EnrollmentCallback;
-import android.security.AndroidKeyStoreProvider;
+import android.security.keystore.AndroidKeyStoreProvider;
import android.util.Log;
import android.util.Slog;
diff --git a/keystore/java/android/security/Credentials.java b/keystore/java/android/security/Credentials.java
index 6283e02..5d777b0 100644
--- a/keystore/java/android/security/Credentials.java
+++ b/keystore/java/android/security/Credentials.java
@@ -216,7 +216,7 @@
* particular {@code alias}. All three can exist for any given alias.
* Returns {@code true} if there was at least one of those types.
*/
- static boolean deleteAllTypesForAlias(KeyStore keystore, String alias) {
+ public static boolean deleteAllTypesForAlias(KeyStore keystore, String alias) {
/*
* Make sure every type is deleted. There can be all three types, so
* don't use a conditional here.
@@ -231,7 +231,7 @@
* particular {@code alias}. All three can exist for any given alias.
* Returns {@code true} if there was at least one of those types.
*/
- static boolean deleteCertificateTypesForAlias(KeyStore keystore, String alias) {
+ public static boolean deleteCertificateTypesForAlias(KeyStore keystore, String alias) {
/*
* Make sure every certificate type is deleted. There can be two types,
* so don't use a conditional here.
@@ -252,7 +252,7 @@
* Delete secret key for a particular {@code alias}.
* Returns {@code true} if an entry was was deleted.
*/
- static boolean deleteSecretKeyTypeForAlias(KeyStore keystore, String alias) {
+ public static boolean deleteSecretKeyTypeForAlias(KeyStore keystore, String alias) {
return keystore.delete(Credentials.USER_SECRET_KEY + alias);
}
}
diff --git a/keystore/java/android/security/GateKeeper.java b/keystore/java/android/security/GateKeeper.java
index 5617836..c1df28c 100644
--- a/keystore/java/android/security/GateKeeper.java
+++ b/keystore/java/android/security/GateKeeper.java
@@ -1,3 +1,19 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
package android.security;
import android.os.RemoteException;
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
index 72c74df..06f5b06 100644
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -109,7 +109,7 @@
mContext = getApplicationContext();
}
- static Context getApplicationContext() {
+ public static Context getApplicationContext() {
ActivityThread activityThread = ActivityThread.currentActivityThread();
if (activityThread == null) {
throw new IllegalStateException(
@@ -136,7 +136,7 @@
return mToken;
}
- static int getKeyTypeForAlgorithm(@KeyProperties.KeyAlgorithmEnum String keyType) {
+ public static int getKeyTypeForAlgorithm(@KeyProperties.KeyAlgorithmEnum String keyType) {
if (KeyProperties.KEY_ALGORITHM_RSA.equalsIgnoreCase(keyType)) {
return NativeConstants.EVP_PKEY_RSA;
} else if (KeyProperties.KEY_ALGORITHM_EC.equalsIgnoreCase(keyType)) {
@@ -632,7 +632,7 @@
* Returns a {@link KeyStoreException} corresponding to the provided keystore/keymaster error
* code.
*/
- static KeyStoreException getKeyStoreException(int errorCode) {
+ public static KeyStoreException getKeyStoreException(int errorCode) {
if (errorCode > 0) {
// KeyStore layer error
switch (errorCode) {
@@ -674,7 +674,8 @@
* Returns an {@link InvalidKeyException} corresponding to the provided
* {@link KeyStoreException}.
*/
- InvalidKeyException getInvalidKeyException(String keystoreKeyAlias, KeyStoreException e) {
+ public InvalidKeyException getInvalidKeyException(
+ String keystoreKeyAlias, KeyStoreException e) {
switch (e.getErrorCode()) {
case LOCKED:
return new UserNotAuthenticatedException();
@@ -745,7 +746,7 @@
* Returns an {@link InvalidKeyException} corresponding to the provided keystore/keymaster error
* code.
*/
- InvalidKeyException getInvalidKeyException(String keystoreKeyAlias, int errorCode) {
+ public InvalidKeyException getInvalidKeyException(String keystoreKeyAlias, int errorCode) {
return getInvalidKeyException(keystoreKeyAlias, getKeyStoreException(errorCode));
}
}
diff --git a/keystore/java/android/security/AndroidKeyPairGenerator.java b/keystore/java/android/security/keystore/AndroidKeyPairGeneratorSpi.java
similarity index 96%
rename from keystore/java/android/security/AndroidKeyPairGenerator.java
rename to keystore/java/android/security/keystore/AndroidKeyPairGeneratorSpi.java
index e9f8320..8d3b421 100644
--- a/keystore/java/android/security/AndroidKeyPairGenerator.java
+++ b/keystore/java/android/security/keystore/AndroidKeyPairGeneratorSpi.java
@@ -14,11 +14,12 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import android.annotation.NonNull;
-import android.security.keystore.KeyGenParameterSpec;
-import android.security.keystore.KeyProperties;
+import android.security.Credentials;
+import android.security.KeyPairGeneratorSpec;
+import android.security.KeyStore;
import com.android.org.bouncycastle.x509.X509V3CertificateGenerator;
import com.android.org.conscrypt.NativeConstants;
@@ -55,15 +56,15 @@
*
* {@hide}
*/
-public abstract class AndroidKeyPairGenerator extends KeyPairGeneratorSpi {
+public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
- public static class RSA extends AndroidKeyPairGenerator {
+ public static class RSA extends AndroidKeyPairGeneratorSpi {
public RSA() {
super(KeyProperties.KEY_ALGORITHM_RSA);
}
}
- public static class EC extends AndroidKeyPairGenerator {
+ public static class EC extends AndroidKeyPairGeneratorSpi {
public EC() {
super(KeyProperties.KEY_ALGORITHM_EC);
}
@@ -92,7 +93,7 @@
private int mKeyType;
private int mKeySize;
- protected AndroidKeyPairGenerator(@KeyProperties.KeyAlgorithmEnum String algorithm) {
+ protected AndroidKeyPairGeneratorSpi(@KeyProperties.KeyAlgorithmEnum String algorithm) {
mAlgorithm = algorithm;
}
diff --git a/keystore/java/android/security/AndroidKeyStoreBCWorkaroundProvider.java b/keystore/java/android/security/keystore/AndroidKeyStoreBCWorkaroundProvider.java
similarity index 75%
rename from keystore/java/android/security/AndroidKeyStoreBCWorkaroundProvider.java
rename to keystore/java/android/security/keystore/AndroidKeyStoreBCWorkaroundProvider.java
index 45329cf..3774e36 100644
--- a/keystore/java/android/security/AndroidKeyStoreBCWorkaroundProvider.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreBCWorkaroundProvider.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import java.security.Provider;
@@ -40,9 +40,9 @@
// classes when this provider is instantiated and installed early on during each app's
// initialization process.
- private static final String PACKAGE_NAME = "android.security";
+ private static final String PACKAGE_NAME = "android.security.keystore";
private static final String KEYSTORE_SECRET_KEY_CLASS_NAME =
- PACKAGE_NAME + ".KeyStoreSecretKey";
+ PACKAGE_NAME + ".AndroidKeyStoreSecretKey";
AndroidKeyStoreBCWorkaroundProvider() {
super("AndroidKeyStoreBCWorkaround",
@@ -50,25 +50,25 @@
"Android KeyStore security provider to work around Bouncy Castle");
// javax.crypto.Mac
- putMacImpl("HmacSHA1", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA1");
- putMacImpl("HmacSHA224", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA224");
- putMacImpl("HmacSHA256", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA256");
- putMacImpl("HmacSHA384", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA384");
- putMacImpl("HmacSHA512", PACKAGE_NAME + ".KeyStoreHmacSpi$HmacSHA512");
+ putMacImpl("HmacSHA1", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA1");
+ putMacImpl("HmacSHA224", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA224");
+ putMacImpl("HmacSHA256", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA256");
+ putMacImpl("HmacSHA384", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA384");
+ putMacImpl("HmacSHA512", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA512");
// javax.crypto.Cipher
putSymmetricCipherImpl("AES/ECB/NoPadding",
- PACKAGE_NAME + ".KeyStoreCipherSpi$AES$ECB$NoPadding");
+ PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$ECB$NoPadding");
putSymmetricCipherImpl("AES/ECB/PKCS7Padding",
- PACKAGE_NAME + ".KeyStoreCipherSpi$AES$ECB$PKCS7Padding");
+ PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$ECB$PKCS7Padding");
putSymmetricCipherImpl("AES/CBC/NoPadding",
- PACKAGE_NAME + ".KeyStoreCipherSpi$AES$CBC$NoPadding");
+ PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$CBC$NoPadding");
putSymmetricCipherImpl("AES/CBC/PKCS7Padding",
- PACKAGE_NAME + ".KeyStoreCipherSpi$AES$CBC$PKCS7Padding");
+ PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$CBC$PKCS7Padding");
putSymmetricCipherImpl("AES/CTR/NoPadding",
- PACKAGE_NAME + ".KeyStoreCipherSpi$AES$CTR$NoPadding");
+ PACKAGE_NAME + ".AndroidKeyStoreCipherSpi$AES$CTR$NoPadding");
}
private void putMacImpl(String algorithm, String implClass) {
diff --git a/keystore/java/android/security/KeyStoreCipherSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreCipherSpi.java
similarity index 97%
rename from keystore/java/android/security/KeyStoreCipherSpi.java
rename to keystore/java/android/security/keystore/AndroidKeyStoreCipherSpi.java
index b0f1695..27df5e7 100644
--- a/keystore/java/android/security/KeyStoreCipherSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreCipherSpi.java
@@ -14,9 +14,11 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import android.os.IBinder;
+import android.security.KeyStore;
+import android.security.KeyStoreException;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;
import android.security.keymaster.OperationResult;
@@ -48,9 +50,10 @@
*
* @hide
*/
-public abstract class KeyStoreCipherSpi extends CipherSpi implements KeyStoreCryptoOperation {
+public abstract class AndroidKeyStoreCipherSpi extends CipherSpi
+ implements KeyStoreCryptoOperation {
- public abstract static class AES extends KeyStoreCipherSpi {
+ public abstract static class AES extends AndroidKeyStoreCipherSpi {
protected AES(int keymasterBlockMode, int keymasterPadding, boolean ivUsed) {
super(KeymasterDefs.KM_ALGORITHM_AES,
keymasterBlockMode,
@@ -120,7 +123,7 @@
// Fields below are populated by Cipher.init and KeyStore.begin and should be preserved after
// doFinal finishes.
protected boolean mEncrypting;
- private KeyStoreSecretKey mKey;
+ private AndroidKeyStoreSecretKey mKey;
private SecureRandom mRng;
private boolean mFirstOperationInitiated;
private byte[] mIv;
@@ -147,7 +150,7 @@
*/
private Exception mCachedException;
- protected KeyStoreCipherSpi(
+ protected AndroidKeyStoreCipherSpi(
int keymasterAlgorithm,
int keymasterBlockMode,
int keymasterPadding,
@@ -219,11 +222,11 @@
}
private void init(int opmode, Key key, SecureRandom random) throws InvalidKeyException {
- if (!(key instanceof KeyStoreSecretKey)) {
+ if (!(key instanceof AndroidKeyStoreSecretKey)) {
throw new InvalidKeyException(
"Unsupported key: " + ((key != null) ? key.getClass().getName() : "null"));
}
- mKey = (KeyStoreSecretKey) key;
+ mKey = (AndroidKeyStoreSecretKey) key;
mRng = random;
mIv = null;
mFirstOperationInitiated = false;
diff --git a/keystore/java/android/security/KeyStoreHmacSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreHmacSpi.java
similarity index 90%
rename from keystore/java/android/security/KeyStoreHmacSpi.java
rename to keystore/java/android/security/keystore/AndroidKeyStoreHmacSpi.java
index 5089a25..b82a7f5 100644
--- a/keystore/java/android/security/KeyStoreHmacSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreHmacSpi.java
@@ -14,9 +14,11 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import android.os.IBinder;
+import android.security.KeyStore;
+import android.security.KeyStoreException;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;
import android.security.keymaster.OperationResult;
@@ -34,33 +36,33 @@
*
* @hide
*/
-public abstract class KeyStoreHmacSpi extends MacSpi implements KeyStoreCryptoOperation {
+public abstract class AndroidKeyStoreHmacSpi extends MacSpi implements KeyStoreCryptoOperation {
- public static class HmacSHA1 extends KeyStoreHmacSpi {
+ public static class HmacSHA1 extends AndroidKeyStoreHmacSpi {
public HmacSHA1() {
super(KeymasterDefs.KM_DIGEST_SHA1);
}
}
- public static class HmacSHA224 extends KeyStoreHmacSpi {
+ public static class HmacSHA224 extends AndroidKeyStoreHmacSpi {
public HmacSHA224() {
super(KeymasterDefs.KM_DIGEST_SHA_2_224);
}
}
- public static class HmacSHA256 extends KeyStoreHmacSpi {
+ public static class HmacSHA256 extends AndroidKeyStoreHmacSpi {
public HmacSHA256() {
super(KeymasterDefs.KM_DIGEST_SHA_2_256);
}
}
- public static class HmacSHA384 extends KeyStoreHmacSpi {
+ public static class HmacSHA384 extends AndroidKeyStoreHmacSpi {
public HmacSHA384() {
super(KeymasterDefs.KM_DIGEST_SHA_2_384);
}
}
- public static class HmacSHA512 extends KeyStoreHmacSpi {
+ public static class HmacSHA512 extends AndroidKeyStoreHmacSpi {
public HmacSHA512() {
super(KeymasterDefs.KM_DIGEST_SHA_2_512);
}
@@ -71,14 +73,14 @@
private final int mMacSizeBits;
// Fields below are populated by engineInit and should be preserved after engineDoFinal.
- private KeyStoreSecretKey mKey;
+ private AndroidKeyStoreSecretKey mKey;
// Fields below are reset when engineDoFinal succeeds.
private KeyStoreCryptoOperationChunkedStreamer mChunkedStreamer;
private IBinder mOperationToken;
private long mOperationHandle;
- protected KeyStoreHmacSpi(int keymasterDigest) {
+ protected AndroidKeyStoreHmacSpi(int keymasterDigest) {
mKeymasterDigest = keymasterDigest;
mMacSizeBits = KeymasterUtils.getDigestOutputSizeBits(keymasterDigest);
}
@@ -109,11 +111,11 @@
InvalidAlgorithmParameterException {
if (key == null) {
throw new InvalidKeyException("key == null");
- } else if (!(key instanceof KeyStoreSecretKey)) {
+ } else if (!(key instanceof AndroidKeyStoreSecretKey)) {
throw new InvalidKeyException(
"Only Android KeyStore secret keys supported. Key: " + key);
}
- mKey = (KeyStoreSecretKey) key;
+ mKey = (AndroidKeyStoreSecretKey) key;
if (params != null) {
throw new InvalidAlgorithmParameterException(
diff --git a/keystore/java/android/security/KeyStoreKey.java b/keystore/java/android/security/keystore/AndroidKeyStoreKey.java
similarity index 88%
rename from keystore/java/android/security/KeyStoreKey.java
rename to keystore/java/android/security/keystore/AndroidKeyStoreKey.java
index 7a34829..6098e5c 100644
--- a/keystore/java/android/security/KeyStoreKey.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKey.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import java.security.Key;
@@ -23,11 +23,11 @@
*
* @hide
*/
-public class KeyStoreKey implements Key {
+public class AndroidKeyStoreKey implements Key {
private final String mAlias;
private final String mAlgorithm;
- public KeyStoreKey(String alias, String algorithm) {
+ public AndroidKeyStoreKey(String alias, String algorithm) {
mAlias = alias;
mAlgorithm = algorithm;
}
diff --git a/keystore/java/android/security/KeyStoreKeyGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
similarity index 96%
rename from keystore/java/android/security/KeyStoreKeyGeneratorSpi.java
rename to keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
index feec00f..0821bf5 100644
--- a/keystore/java/android/security/KeyStoreKeyGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
@@ -14,8 +14,10 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
+import android.security.Credentials;
+import android.security.KeyStore;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;
@@ -39,9 +41,9 @@
*
* @hide
*/
-public abstract class KeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
+public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
- public static class AES extends KeyStoreKeyGeneratorSpi {
+ public static class AES extends AndroidKeyStoreKeyGeneratorSpi {
public AES() {
super(KeymasterDefs.KM_ALGORITHM_AES, 128);
}
@@ -58,7 +60,7 @@
}
}
- protected static abstract class HmacBase extends KeyStoreKeyGeneratorSpi {
+ protected static abstract class HmacBase extends AndroidKeyStoreKeyGeneratorSpi {
protected HmacBase(int keymasterDigest) {
super(KeymasterDefs.KM_ALGORITHM_HMAC,
keymasterDigest,
@@ -110,13 +112,13 @@
private int[] mKeymasterPaddings;
private int[] mKeymasterDigests;
- protected KeyStoreKeyGeneratorSpi(
+ protected AndroidKeyStoreKeyGeneratorSpi(
int keymasterAlgorithm,
int defaultKeySizeBits) {
this(keymasterAlgorithm, -1, defaultKeySizeBits);
}
- protected KeyStoreKeyGeneratorSpi(
+ protected AndroidKeyStoreKeyGeneratorSpi(
int keymasterAlgorithm,
int keymasterDigest,
int defaultKeySizeBits) {
@@ -314,6 +316,6 @@
} catch (IllegalArgumentException e) {
throw new ProviderException("Failed to obtain JCA secret key algorithm name", e);
}
- return new KeyStoreSecretKey(keyAliasInKeystore, keyAlgorithmJCA);
+ return new AndroidKeyStoreSecretKey(keyAliasInKeystore, keyAlgorithmJCA);
}
}
diff --git a/keystore/java/android/security/AndroidKeyStoreProvider.java b/keystore/java/android/security/keystore/AndroidKeyStoreProvider.java
similarity index 84%
rename from keystore/java/android/security/AndroidKeyStoreProvider.java
rename to keystore/java/android/security/keystore/AndroidKeyStoreProvider.java
index 257ab54..b20a122 100644
--- a/keystore/java/android/security/AndroidKeyStoreProvider.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreProvider.java
@@ -14,7 +14,9 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
+
+import android.security.KeyStore;
import java.security.Provider;
import java.security.Security;
@@ -38,25 +40,25 @@
// Instead, they need to be offered by AndroidKeyStoreBCWorkaroundProvider. See its Javadoc
// for details.
- private static final String PACKAGE_NAME = "android.security";
+ private static final String PACKAGE_NAME = "android.security.keystore";
public AndroidKeyStoreProvider() {
super(PROVIDER_NAME, 1.0, "Android KeyStore security provider");
// java.security.KeyStore
- put("KeyStore.AndroidKeyStore", PACKAGE_NAME + ".AndroidKeyStore");
+ put("KeyStore.AndroidKeyStore", PACKAGE_NAME + ".AndroidKeyStoreSpi");
// java.security.KeyPairGenerator
- put("KeyPairGenerator.EC", PACKAGE_NAME + ".AndroidKeyPairGenerator$EC");
- put("KeyPairGenerator.RSA", PACKAGE_NAME + ".AndroidKeyPairGenerator$RSA");
+ put("KeyPairGenerator.EC", PACKAGE_NAME + ".AndroidKeyPairGeneratorSpi$EC");
+ put("KeyPairGenerator.RSA", PACKAGE_NAME + ".AndroidKeyPairGeneratorSpi$RSA");
// javax.crypto.KeyGenerator
- put("KeyGenerator.AES", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$AES");
- put("KeyGenerator.HmacSHA1", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA1");
- put("KeyGenerator.HmacSHA224", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA224");
- put("KeyGenerator.HmacSHA256", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA256");
- put("KeyGenerator.HmacSHA384", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA384");
- put("KeyGenerator.HmacSHA512", PACKAGE_NAME + ".KeyStoreKeyGeneratorSpi$HmacSHA512");
+ put("KeyGenerator.AES", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$AES");
+ put("KeyGenerator.HmacSHA1", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA1");
+ put("KeyGenerator.HmacSHA224", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA224");
+ put("KeyGenerator.HmacSHA256", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA256");
+ put("KeyGenerator.HmacSHA384", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA384");
+ put("KeyGenerator.HmacSHA512", PACKAGE_NAME + ".AndroidKeyStoreKeyGeneratorSpi$HmacSHA512");
// java.security.SecretKeyFactory
putSecretKeyFactoryImpl("AES");
@@ -95,7 +97,7 @@
}
private void putSecretKeyFactoryImpl(String algorithm) {
- put("SecretKeyFactory." + algorithm, PACKAGE_NAME + ".KeyStoreSecretKeyFactorySpi");
+ put("SecretKeyFactory." + algorithm, PACKAGE_NAME + ".AndroidKeyStoreSecretKeyFactorySpi");
}
/**
diff --git a/keystore/java/android/security/KeyStoreSecretKey.java b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKey.java
similarity index 79%
rename from keystore/java/android/security/KeyStoreSecretKey.java
rename to keystore/java/android/security/keystore/AndroidKeyStoreSecretKey.java
index ee25465..f75516b 100644
--- a/keystore/java/android/security/KeyStoreSecretKey.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKey.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import javax.crypto.SecretKey;
@@ -23,9 +23,9 @@
*
* @hide
*/
-public class KeyStoreSecretKey extends KeyStoreKey implements SecretKey {
+public class AndroidKeyStoreSecretKey extends AndroidKeyStoreKey implements SecretKey {
- public KeyStoreSecretKey(String alias, String algorithm) {
+ public AndroidKeyStoreSecretKey(String alias, String algorithm) {
super(alias, algorithm);
}
}
diff --git a/keystore/java/android/security/KeyStoreSecretKeyFactorySpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java
similarity index 95%
rename from keystore/java/android/security/KeyStoreSecretKeyFactorySpi.java
rename to keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java
index 618ba47..455f170 100644
--- a/keystore/java/android/security/KeyStoreSecretKeyFactorySpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java
@@ -14,12 +14,12 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
+import android.security.Credentials;
+import android.security.KeyStore;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterDefs;
-import android.security.keystore.KeyInfo;
-import android.security.keystore.KeyProperties;
import libcore.util.EmptyArray;
@@ -39,7 +39,7 @@
*
* @hide
*/
-public class KeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi {
+public class AndroidKeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi {
private final KeyStore mKeyStore = KeyStore.getInstance();
@@ -49,7 +49,7 @@
if (keySpecClass == null) {
throw new InvalidKeySpecException("keySpecClass == null");
}
- if (!(key instanceof KeyStoreSecretKey)) {
+ if (!(key instanceof AndroidKeyStoreSecretKey)) {
throw new InvalidKeySpecException("Only Android KeyStore secret keys supported: " +
((key != null) ? key.getClass().getName() : "null"));
}
@@ -60,7 +60,7 @@
if (!KeyInfo.class.equals(keySpecClass)) {
throw new InvalidKeySpecException("Unsupported key spec: " + keySpecClass.getName());
}
- String keyAliasInKeystore = ((KeyStoreSecretKey) key).getAlias();
+ String keyAliasInKeystore = ((AndroidKeyStoreSecretKey) key).getAlias();
String entryAlias;
if (keyAliasInKeystore.startsWith(Credentials.USER_SECRET_KEY)) {
entryAlias = keyAliasInKeystore.substring(Credentials.USER_SECRET_KEY.length());
diff --git a/keystore/java/android/security/AndroidKeyStore.java b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
similarity index 98%
rename from keystore/java/android/security/AndroidKeyStore.java
rename to keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
index 69bf877..d6145a3 100644
--- a/keystore/java/android/security/AndroidKeyStore.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
@@ -14,13 +14,15 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import com.android.org.conscrypt.OpenSSLEngine;
import com.android.org.conscrypt.OpenSSLKeyHolder;
import libcore.util.EmptyArray;
+import android.security.Credentials;
+import android.security.KeyStoreParameter;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;
@@ -81,7 +83,7 @@
*
* @hide
*/
-public class AndroidKeyStore extends KeyStoreSpi {
+public class AndroidKeyStoreSpi extends KeyStoreSpi {
public static final String NAME = "AndroidKeyStore";
private android.security.KeyStore mKeyStore;
@@ -140,7 +142,7 @@
new UnrecoverableKeyException("Unsupported secret key type").initCause(e);
}
- return new KeyStoreSecretKey(keyAliasInKeystore, keyAlgorithmString);
+ return new AndroidKeyStoreSecretKey(keyAliasInKeystore, keyAlgorithmString);
}
return null;
@@ -476,10 +478,10 @@
}
KeyProtection params = (KeyProtection) param;
- if (key instanceof KeyStoreSecretKey) {
+ if (key instanceof AndroidKeyStoreSecretKey) {
// KeyStore-backed secret key. It cannot be duplicated into another entry and cannot
// overwrite its own entry.
- String keyAliasInKeystore = ((KeyStoreSecretKey) key).getAlias();
+ String keyAliasInKeystore = ((AndroidKeyStoreSecretKey) key).getAlias();
if (keyAliasInKeystore == null) {
throw new KeyStoreException("KeyStore-backed secret key does not have an alias");
}
diff --git a/keystore/java/android/security/ArrayUtils.java b/keystore/java/android/security/keystore/ArrayUtils.java
similarity index 74%
rename from keystore/java/android/security/ArrayUtils.java
rename to keystore/java/android/security/keystore/ArrayUtils.java
index 71b99d0..81be3848 100644
--- a/keystore/java/android/security/ArrayUtils.java
+++ b/keystore/java/android/security/keystore/ArrayUtils.java
@@ -1,4 +1,20 @@
-package android.security;
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.keystore;
import libcore.util.EmptyArray;
diff --git a/keystore/java/android/security/keystore/KeyGenParameterSpec.java b/keystore/java/android/security/keystore/KeyGenParameterSpec.java
index fa3b1cb..f598482 100644
--- a/keystore/java/android/security/keystore/KeyGenParameterSpec.java
+++ b/keystore/java/android/security/keystore/KeyGenParameterSpec.java
@@ -21,7 +21,6 @@
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.text.TextUtils;
-import android.security.ArrayUtils;
import android.security.KeyStore;
import java.math.BigInteger;
diff --git a/keystore/java/android/security/keystore/KeyInfo.java b/keystore/java/android/security/keystore/KeyInfo.java
index aec2512..e4f921e 100644
--- a/keystore/java/android/security/keystore/KeyInfo.java
+++ b/keystore/java/android/security/keystore/KeyInfo.java
@@ -18,7 +18,6 @@
import android.annotation.NonNull;
import android.annotation.Nullable;
-import android.security.ArrayUtils;
import java.security.PrivateKey;
import java.security.spec.KeySpec;
diff --git a/keystore/java/android/security/keystore/KeyProtection.java b/keystore/java/android/security/keystore/KeyProtection.java
index 113159d..48fdd98 100644
--- a/keystore/java/android/security/keystore/KeyProtection.java
+++ b/keystore/java/android/security/keystore/KeyProtection.java
@@ -20,8 +20,6 @@
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.app.KeyguardManager;
-import android.content.Context;
-import android.security.ArrayUtils;
import android.security.KeyStore;
import java.security.Key;
diff --git a/keystore/java/android/security/KeyStoreConnectException.java b/keystore/java/android/security/keystore/KeyStoreConnectException.java
similarity index 96%
rename from keystore/java/android/security/KeyStoreConnectException.java
rename to keystore/java/android/security/keystore/KeyStoreConnectException.java
index 885f1f7..e008976 100644
--- a/keystore/java/android/security/KeyStoreConnectException.java
+++ b/keystore/java/android/security/keystore/KeyStoreConnectException.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import java.security.ProviderException;
diff --git a/keystore/java/android/security/KeyStoreCryptoOperation.java b/keystore/java/android/security/keystore/KeyStoreCryptoOperation.java
similarity index 92%
rename from keystore/java/android/security/KeyStoreCryptoOperation.java
rename to keystore/java/android/security/keystore/KeyStoreCryptoOperation.java
index c5cf211..2c709ae 100644
--- a/keystore/java/android/security/KeyStoreCryptoOperation.java
+++ b/keystore/java/android/security/keystore/KeyStoreCryptoOperation.java
@@ -14,7 +14,9 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
+
+import android.security.KeyStore;
/**
* Cryptographic operation backed by {@link KeyStore}.
diff --git a/keystore/java/android/security/KeyStoreCryptoOperationChunkedStreamer.java b/keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java
similarity index 98%
rename from keystore/java/android/security/KeyStoreCryptoOperationChunkedStreamer.java
rename to keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java
index 0619199..7d57e5f 100644
--- a/keystore/java/android/security/KeyStoreCryptoOperationChunkedStreamer.java
+++ b/keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java
@@ -14,9 +14,11 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import android.os.IBinder;
+import android.security.KeyStore;
+import android.security.KeyStoreException;
import android.security.keymaster.OperationResult;
import libcore.util.EmptyArray;
diff --git a/keystore/java/android/security/KeyStoreCryptoOperationUtils.java b/keystore/java/android/security/keystore/KeyStoreCryptoOperationUtils.java
similarity index 92%
rename from keystore/java/android/security/KeyStoreCryptoOperationUtils.java
rename to keystore/java/android/security/keystore/KeyStoreCryptoOperationUtils.java
index c9bdd41..6ae76f1 100644
--- a/keystore/java/android/security/KeyStoreCryptoOperationUtils.java
+++ b/keystore/java/android/security/keystore/KeyStoreCryptoOperationUtils.java
@@ -14,10 +14,10 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
+import android.security.KeyStore;
import android.security.keymaster.KeymasterDefs;
-import android.security.keystore.UserNotAuthenticatedException;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
@@ -41,7 +41,7 @@
* the {@code init} method should succeed.
*/
static InvalidKeyException getInvalidKeyExceptionForInit(
- KeyStore keyStore, KeyStoreKey key, int beginOpResultCode) {
+ KeyStore keyStore, AndroidKeyStoreKey key, int beginOpResultCode) {
if (beginOpResultCode == KeyStore.NO_ERROR) {
return null;
}
@@ -69,8 +69,8 @@
* in response to {@code KeyStore.begin} operation or {@code null} if the {@code init} method
* should succeed.
*/
- static GeneralSecurityException getExceptionForCipherInit(
- KeyStore keyStore, KeyStoreKey key, int beginOpResultCode) {
+ public static GeneralSecurityException getExceptionForCipherInit(
+ KeyStore keyStore, AndroidKeyStoreKey key, int beginOpResultCode) {
if (beginOpResultCode == KeyStore.NO_ERROR) {
return null;
}
diff --git a/keystore/java/android/security/KeymasterUtils.java b/keystore/java/android/security/keystore/KeymasterUtils.java
similarity index 97%
rename from keystore/java/android/security/KeymasterUtils.java
rename to keystore/java/android/security/keystore/KeymasterUtils.java
index 0f8f190..e7529e1 100644
--- a/keystore/java/android/security/KeymasterUtils.java
+++ b/keystore/java/android/security/keystore/KeymasterUtils.java
@@ -14,9 +14,11 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import android.hardware.fingerprint.FingerprintManager;
+import android.security.GateKeeper;
+import android.security.KeyStore;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterDefs;
diff --git a/keystore/tests/src/android/security/AndroidKeyPairGeneratorTest.java b/keystore/tests/src/android/security/keystore/AndroidKeyPairGeneratorTest.java
similarity index 98%
rename from keystore/tests/src/android/security/AndroidKeyPairGeneratorTest.java
rename to keystore/tests/src/android/security/keystore/AndroidKeyPairGeneratorTest.java
index 9c2f358..cad4e54 100644
--- a/keystore/tests/src/android/security/AndroidKeyPairGeneratorTest.java
+++ b/keystore/tests/src/android/security/keystore/AndroidKeyPairGeneratorTest.java
@@ -14,8 +14,10 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
+import android.security.Credentials;
+import android.security.KeyPairGeneratorSpec;
import android.test.AndroidTestCase;
import java.io.ByteArrayInputStream;
diff --git a/keystore/tests/src/android/security/AndroidKeyStoreTest.java b/keystore/tests/src/android/security/keystore/AndroidKeyStoreTest.java
similarity index 99%
rename from keystore/tests/src/android/security/AndroidKeyStoreTest.java
rename to keystore/tests/src/android/security/keystore/AndroidKeyStoreTest.java
index 4b2b9b5..2d4e4a0 100644
--- a/keystore/tests/src/android/security/AndroidKeyStoreTest.java
+++ b/keystore/tests/src/android/security/keystore/AndroidKeyStoreTest.java
@@ -14,13 +14,16 @@
* limitations under the License.
*/
-package android.security;
+package android.security.keystore;
import com.android.org.bouncycastle.x509.X509V3CertificateGenerator;
import com.android.org.conscrypt.NativeConstants;
import com.android.org.conscrypt.OpenSSLEngine;
+import android.security.Credentials;
+import android.security.KeyStore;
+import android.security.KeyStoreParameter;
import android.test.AndroidTestCase;
import java.io.ByteArrayInputStream;
@@ -1319,9 +1322,9 @@
}
public void testKeyStore_GetType_Encrypted_Success() throws Exception {
- assertEquals(AndroidKeyStore.NAME, mKeyStore.getType());
+ assertEquals(AndroidKeyStoreSpi.NAME, mKeyStore.getType());
setupPassword();
- assertEquals(AndroidKeyStore.NAME, mKeyStore.getType());
+ assertEquals(AndroidKeyStoreSpi.NAME, mKeyStore.getType());
}
public void testKeyStore_IsCertificateEntry_CA_Encrypted_Success() throws Exception {
diff --git a/preloaded-classes b/preloaded-classes
index d2ed762..41a8857 100644
--- a/preloaded-classes
+++ b/preloaded-classes
@@ -1152,8 +1152,8 @@
android.provider.Settings$System
android.provider.Telephony$Mms
android.renderscript.RenderScript
-android.security.AndroidKeyStoreBCWorkaroundProvider
-android.security.AndroidKeyStoreProvider
+android.security.keystore.AndroidKeyStoreBCWorkaroundProvider
+android.security.keystore.AndroidKeyStoreProvider
android.speech.tts.TextToSpeechService
android.speech.tts.TextToSpeechService$SpeechItemV1
android.speech.tts.TextToSpeechService$SynthesisSpeechItemV1