
Example 1 with KeyStore

use of android.security.KeyStore in project android_frameworks_base by ResurrectionRemix.

the class LockSettingsService method removeUser.

/**
 * Drops the credential state held for a user: the lock-settings storage entry,
 * the strong-auth record, the user's keystore contents and the GateKeeper
 * secure user id.
 *
 * <p>The GateKeeper step is best-effort: a {@link RemoteException} is only
 * logged (without the exception itself), and the remaining cleanup still runs.
 * The keystore profile key is removed when the caller flags the user as
 * unknown or when the user is a managed profile.
 *
 * @param userId      id of the user being removed
 * @param unknownUser {@code true} when the caller has no user record for the id;
 *                    this short-circuits the {@code getUserInfo} lookup
 */
private void removeUser(int userId, boolean unknownUser) {
    mStorage.removeUser(userId);
    mStrongAuth.removeUser(userId);
    KeyStore.getInstance().onUserRemoved(userId);

    try {
        final IGateKeeperService gateKeeper = getGateKeeperService();
        if (gateKeeper != null) {
            gateKeeper.clearSecureUserId(userId);
        }
    } catch (RemoteException e) {
        Slog.w(TAG, "unable to clear GK secure user id");
    }

    // NOTE(review): getUserInfo(userId) is dereferenced without a null check;
    // it is only reached when unknownUser is false — confirm it cannot be null there.
    final boolean dropProfileKey =
            unknownUser || mUserManager.getUserInfo(userId).isManagedProfile();
    if (dropProfileKey) {
        removeKeystoreProfileKey(userId);
    }
}
Also used : IGateKeeperService(android.service.gatekeeper.IGateKeeperService) RemoteException(android.os.RemoteException) KeyStore(android.security.KeyStore)

Example 2 with KeyStore

use of android.security.KeyStore in project android_frameworks_base by ResurrectionRemix.

the class LockSettingsService method unlockKeystore.

/**
 * Unlocks the keystore of the given user with the supplied credential.
 *
 * <p>When {@code DEBUG} is set, only the user id is written to the verbose
 * log; the password is never logged by this method.
 *
 * @param password   credential handed to {@code KeyStore.unlock}
 * @param userHandle id of the user whose keystore is unlocked
 */
private void unlockKeystore(String password, int userHandle) {
    if (DEBUG) {
        Slog.v(TAG, "Unlock keystore for user: " + userHandle);
    }
    // NOTE(review): any result reported by unlock() is discarded here —
    // confirm that callers do not need to know whether the unlock succeeded.
    KeyStore.getInstance().unlock(userHandle, password);
}
Also used : KeyStore(android.security.KeyStore)

Example 3 with KeyStore

use of android.security.KeyStore in project Resurrection_packages_apps_Settings by ResurrectionRemix.

the class CertInstallerHelper method extractCertificate.

/**
 * Test helper that loads a PKCS#12 bundle from external storage and, when its
 * single entry is a private key, installs it through {@code installFrom}.
 *
 * <p>Points worth knowing when reusing this pattern:
 * <ul>
 *   <li>{@code certFile} is resolved under the external storage directory with
 *       no validation, so it must come from the test itself, never from
 *       outside input.</li>
 *   <li>The password is copied into a {@code char[]} that is not cleared
 *       afterwards.</li>
 *   <li>Only the alias and the entry class are logged, not key material.</li>
 *   <li>Keystore and certificate exceptions are logged but do not fail the
 *       test; only an {@link IOException}, an empty keystore, an alias count
 *       other than one, or a failed install trigger an assertion failure.</li>
 * </ul>
 *
 * @param certFile file name of the .p12 bundle, relative to external storage
 * @param password password protecting both the bundle and its entry
 */
private void extractCertificate(String certFile, String password) {
    InputStream p12Stream = null;
    try {
        // Read .p12 file from SDCARD and extract with password
        final File p12File = new File(Environment.getExternalStorageDirectory(), certFile);
        p12Stream = new FileInputStream(p12File);
        final byte[] p12Bytes = Streams.readFully(p12Stream);

        final java.security.KeyStore pkcs12 = java.security.KeyStore.getInstance("PKCS12");
        final PasswordProtection protection = new PasswordProtection(password.toCharArray());
        pkcs12.load(new ByteArrayInputStream(p12Bytes), protection.getPassword());

        // Install certificates and private keys
        final ArrayList<String> aliasNames = Collections.list(pkcs12.aliases());
        if (aliasNames.isEmpty()) {
            Assert.fail("key store failed to put in keychain");
        }
        // The keystore is initialized for each test case, so exactly one
        // alias is expected.
        Assert.assertEquals(1, aliasNames.size());

        final String onlyAlias = aliasNames.get(0);
        final java.security.KeyStore.Entry extracted = pkcs12.getEntry(onlyAlias, protection);
        Log.d(TAG, "extracted alias = " + onlyAlias + ", entry=" + extracted.getClass());
        if (extracted instanceof PrivateKeyEntry) {
            Assert.assertTrue(installFrom((PrivateKeyEntry) extracted));
        }
    } catch (IOException e) {
        Assert.fail("Failed to read certficate: " + e);
    } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException
            | UnrecoverableEntryException e) {
        // Logged only: the test is not failed on these paths.
        Log.e(TAG, "failed to extract certificate" + e);
    } finally {
        if (p12Stream != null) {
            try {
                p12Stream.close();
            } catch (IOException e) {
                Log.e(TAG, "close FileInputStream error: " + e);
            }
        }
    }
}
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) CertificateException(java.security.cert.CertificateException) DEROctetString(com.android.org.bouncycastle.asn1.DEROctetString) IOException(java.io.IOException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStore(android.security.KeyStore) FileInputStream(java.io.FileInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) UnrecoverableEntryException(java.security.UnrecoverableEntryException) File(java.io.File) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) PasswordProtection(java.security.KeyStore.PasswordProtection)

Example 4 with KeyStore

use of android.security.KeyStore in project android_frameworks_base by DirtyUnicorns.

the class LockSettingsService method unlockKeystore.

/**
 * Hands the given credential to the keystore so that the user's keystore is
 * unlocked.
 *
 * <p>The verbose log line, emitted only when {@code DEBUG} is set, carries the
 * user id and nothing else; the password does not reach the log from here.
 *
 * @param password   credential passed through to {@code KeyStore.unlock}
 * @param userHandle id of the user whose keystore is unlocked
 */
private void unlockKeystore(String password, int userHandle) {
    if (DEBUG) {
        Slog.v(TAG, "Unlock keystore for user: " + userHandle);
    }
    final KeyStore keystore = KeyStore.getInstance();
    // NOTE(review): any result reported by unlock() is not inspected —
    // confirm that a failed unlock is surfaced elsewhere.
    keystore.unlock(userHandle, password);
}
Also used : KeyStore(android.security.KeyStore)

Example 5 with KeyStore

use of android.security.KeyStore in project android_frameworks_base by ParanoidAndroid.

the class LockPatternUtils method saveLockPassword.

/**
 * Save a lock password.  Does not ensure that the password is as good
 * as the requested mode, but will adjust the mode to be as good as the
 * pattern.
 *
 * <p>Besides storing the hash through the lock-settings service, this method
 * hands the cleartext password to the keystore (and, when encryption-password
 * sync is enabled, to {@code updateEncryptionPassword}) for the owner user,
 * reports the password composition to the device policy manager and prepends
 * the hash to the stored password history. The log statements here contain
 * fixed text only, never the password.
 *
 * <p>A {@code null} password takes the branch at the end: the keystore is
 * reset only when {@code isEmpty()} reports true, and the active password
 * state is set to unspecified.
 *
 * <p>All steps share one {@code try} block and a {@link RemoteException} is
 * only logged, so a failure part-way through leaves the earlier steps applied.
 *
 * @param password The password to save
 * @param quality see {@link DevicePolicyManager#getPasswordQuality(android.content.ComponentName)}
 * @param isFallback Specifies if this is a fallback to biometric weak
 * @param userHandle The userId of the user to change the password for
 */
public void saveLockPassword(String password, int quality, boolean isFallback, int userHandle) {
    // Compute the hash
    // NOTE(review): runs before the null check below, so passwordToHash
    // presumably tolerates a null password — confirm.
    final byte[] hash = passwordToHash(password);
    try {
        getLockSettings().setLockPassword(hash, userHandle);
        DevicePolicyManager dpm = getDevicePolicyManager();
        KeyStore keyStore = KeyStore.getInstance();
        if (password != null) {
            if (userHandle == UserHandle.USER_OWNER) {
                // Sync encryption password if enabled
                if (getSyncEncryptionPassword()) {
                    Log.d(TAG, "Syncing encryption password");
                    updateEncryptionPassword(password);
                } else {
                    Log.d(TAG, "Skipping encryption password sync");
                }
                // Update the keystore password
                keyStore.password(password);
            }
            int computedQuality = computePasswordQuality(password);
            if (!isFallback) {
                deleteGallery();
                // Store the stronger of the requested and the computed quality.
                setLong(PASSWORD_TYPE_KEY, Math.max(quality, computedQuality), userHandle);
                if (computedQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
                    int letters = 0;
                    int uppercase = 0;
                    int lowercase = 0;
                    int numbers = 0;
                    int symbols = 0;
                    int nonletter = 0;
                    // Classify each character by ASCII range only: anything
                    // outside A-Z, a-z and 0-9 (non-ASCII letters included)
                    // is counted as a symbol and as a non-letter.
                    for (int i = 0; i < password.length(); i++) {
                        char c = password.charAt(i);
                        if (c >= 'A' && c <= 'Z') {
                            letters++;
                            uppercase++;
                        } else if (c >= 'a' && c <= 'z') {
                            letters++;
                            lowercase++;
                        } else if (c >= '0' && c <= '9') {
                            numbers++;
                            nonletter++;
                        } else {
                            symbols++;
                            nonletter++;
                        }
                    }
                    dpm.setActivePasswordState(Math.max(quality, computedQuality), password.length(), letters, uppercase, lowercase, numbers, symbols, nonletter, userHandle);
                } else {
                    // The password is not anything.
                    dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0, userHandle);
                }
            } else {
                // Case where it's a fallback for biometric weak
                setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, userHandle);
                setLong(PASSWORD_TYPE_ALTERNATE_KEY, Math.max(quality, computedQuality), userHandle);
                finishBiometricWeak();
                dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, 0, 0, 0, 0, 0, 0, 0, userHandle);
            }
            // Add the password to the password history. We assume all
            // password
            // hashes have the same length for simplicity of implementation.
            String passwordHistory = getString(PASSWORD_HISTORY_KEY, userHandle);
            if (passwordHistory == null) {
                passwordHistory = new String();
            }
            int passwordHistoryLength = getRequestedPasswordHistoryLength();
            if (passwordHistoryLength == 0) {
                // A requested history length of zero clears the stored history.
                passwordHistory = "";
            } else {
                // NOTE(review): new String(byte[]) decodes with the platform
                // default charset, and the truncation below counts chars using
                // hash.length bytes — this assumes one char per hash byte; confirm
                // against passwordToHash.
                passwordHistory = new String(hash) + "," + passwordHistory;
                // Cut it to contain passwordHistoryLength hashes
                // and passwordHistoryLength -1 commas.
                passwordHistory = passwordHistory.substring(0, Math.min(hash.length * passwordHistoryLength + passwordHistoryLength - 1, passwordHistory.length()));
            }
            setString(PASSWORD_HISTORY_KEY, passwordHistory, userHandle);
        } else {
            // No password supplied: reset the keystore only when isEmpty()
            // reports true; if it is non-empty, we are just switching key
            // guard type and its contents are left alone.
            if (keyStore.isEmpty()) {
                keyStore.reset();
            }
            dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0, userHandle);
        }
    } catch (RemoteException re) {
        // Can't do much: the failure is logged and not reported to the caller.
        Log.e(TAG, "Unable to save lock password " + re);
    }
}
Also used : DevicePolicyManager(android.app.admin.DevicePolicyManager) RemoteException(android.os.RemoteException) KeyStore(android.security.KeyStore)

Aggregations

KeyStore (android.security.KeyStore)38 RemoteException (android.os.RemoteException)14 IOException (java.io.IOException)14 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)12 CertificateException (java.security.cert.CertificateException)12 KeyStoreException (java.security.KeyStoreException)11 Bundle (android.os.Bundle)7 VpnProfile (com.android.internal.net.VpnProfile)7 ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)7 DEROctetString (com.android.org.bouncycastle.asn1.DEROctetString)7 ByteArrayInputStream (java.io.ByteArrayInputStream)7 File (java.io.File)7 FileInputStream (java.io.FileInputStream)7 InputStream (java.io.InputStream)7 PasswordProtection (java.security.KeyStore.PasswordProtection)7 PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)7 UnrecoverableEntryException (java.security.UnrecoverableEntryException)7 IGateKeeperService (android.service.gatekeeper.IGateKeeperService)5 ByteArrayOutputStream (java.io.ByteArrayOutputStream)5 InvalidKeyException (java.security.InvalidKeyException)5