Search in sources :

Example 1 with KeyStoreException

use of android.security.KeyStoreException in project platform_frameworks_base by android.

the class AndroidKeyStoreSignatureSpiBase method engineSign.

@Override
protected final byte[] engineSign() throws SignatureException {
    if (mCachedException != null) {
        throw new SignatureException(mCachedException);
    }
    byte[] signature;
    try {
        ensureKeystoreOperationInitialized();
        byte[] additionalEntropy = KeyStoreCryptoOperationUtils.getRandomBytesToMixIntoKeystoreRng(appRandom, getAdditionalEntropyAmountForSign());
        signature = mMessageStreamer.doFinal(EmptyArray.BYTE, 0, 0, // no signature provided -- it'll be generated by this invocation
        null, additionalEntropy);
    } catch (InvalidKeyException | KeyStoreException e) {
        throw new SignatureException(e);
    }
    resetWhilePreservingInitState();
    return signature;
}
Also used : SignatureException(java.security.SignatureException) KeyStoreException(android.security.KeyStoreException) InvalidKeyException(java.security.InvalidKeyException)

Example 2 with KeyStoreException

use of android.security.KeyStoreException in project platform_frameworks_base by android.

the class AndroidKeyStoreCipherSpiBase method engineDoFinal.

@Override
protected final byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) throws IllegalBlockSizeException, BadPaddingException {
    if (mCachedException != null) {
        throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(mCachedException);
    }
    try {
        ensureKeystoreOperationInitialized();
    } catch (InvalidKeyException | InvalidAlgorithmParameterException e) {
        throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
    }
    byte[] output;
    try {
        flushAAD();
        byte[] additionalEntropy = KeyStoreCryptoOperationUtils.getRandomBytesToMixIntoKeystoreRng(mRng, getAdditionalEntropyAmountForFinish());
        output = mMainDataStreamer.doFinal(input, inputOffset, inputLen, // no signature involved
        null, additionalEntropy);
    } catch (KeyStoreException e) {
        switch(e.getErrorCode()) {
            case KeymasterDefs.KM_ERROR_INVALID_INPUT_LENGTH:
                throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
            case KeymasterDefs.KM_ERROR_INVALID_ARGUMENT:
                throw (BadPaddingException) new BadPaddingException().initCause(e);
            case KeymasterDefs.KM_ERROR_VERIFICATION_FAILED:
                throw (AEADBadTagException) new AEADBadTagException().initCause(e);
            default:
                throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
        }
    }
    resetWhilePreservingInitState();
    return output;
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) KeyStoreException(android.security.KeyStoreException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) AEADBadTagException(javax.crypto.AEADBadTagException)

Example 3 with KeyStoreException

use of android.security.KeyStoreException in project platform_frameworks_base by android.

the class AndroidKeyStoreHmacSpi method engineDoFinal.

@Override
protected byte[] engineDoFinal() {
    try {
        ensureKeystoreOperationInitialized();
    } catch (InvalidKeyException e) {
        throw new ProviderException("Failed to reinitialize MAC", e);
    }
    byte[] result;
    try {
        result = mChunkedStreamer.doFinal(null, 0, 0, // no signature provided -- this invocation will generate one
        null, // no additional entropy needed -- HMAC is deterministic
        null);
    } catch (KeyStoreException e) {
        throw new ProviderException("Keystore operation failed", e);
    }
    resetWhilePreservingInitState();
    return result;
}
Also used : ProviderException(java.security.ProviderException) KeyStoreException(android.security.KeyStoreException) InvalidKeyException(java.security.InvalidKeyException)

Example 4 with KeyStoreException

use of android.security.KeyStoreException in project android_frameworks_base by DirtyUnicorns.

the class AndroidKeyStoreSignatureSpiBase method engineSign.

@Override
protected final byte[] engineSign() throws SignatureException {
    if (mCachedException != null) {
        throw new SignatureException(mCachedException);
    }
    byte[] signature;
    try {
        ensureKeystoreOperationInitialized();
        byte[] additionalEntropy = KeyStoreCryptoOperationUtils.getRandomBytesToMixIntoKeystoreRng(appRandom, getAdditionalEntropyAmountForSign());
        signature = mMessageStreamer.doFinal(EmptyArray.BYTE, 0, 0, // no signature provided -- it'll be generated by this invocation
        null, additionalEntropy);
    } catch (InvalidKeyException | KeyStoreException e) {
        throw new SignatureException(e);
    }
    resetWhilePreservingInitState();
    return signature;
}
Also used : SignatureException(java.security.SignatureException) KeyStoreException(android.security.KeyStoreException) InvalidKeyException(java.security.InvalidKeyException)

Example 5 with KeyStoreException

use of android.security.KeyStoreException in project android_frameworks_base by DirtyUnicorns.

the class KeyStoreCryptoOperationChunkedStreamer method flush.

public byte[] flush() throws KeyStoreException {
    if (mBufferedLength <= 0) {
        return EmptyArray.BYTE;
    }
    // Keep invoking the update operation with remaining buffered data until either all of the
    // buffered data is consumed or until update fails to consume anything.
    ByteArrayOutputStream bufferedOutput = null;
    while (mBufferedLength > 0) {
        byte[] chunk = ArrayUtils.subarray(mBuffered, mBufferedOffset, mBufferedLength);
        OperationResult opResult = mKeyStoreStream.update(chunk);
        if (opResult == null) {
            throw new KeyStoreConnectException();
        } else if (opResult.resultCode != KeyStore.NO_ERROR) {
            throw KeyStore.getKeyStoreException(opResult.resultCode);
        }
        if (opResult.inputConsumed <= 0) {
            // Nothing was consumed. Break out of the loop to avoid an infinite loop.
            break;
        }
        if (opResult.inputConsumed >= chunk.length) {
            // All of the input was consumed
            mBuffered = EmptyArray.BYTE;
            mBufferedOffset = 0;
            mBufferedLength = 0;
        } else {
            // Some of the input was not consumed
            mBuffered = chunk;
            mBufferedOffset = opResult.inputConsumed;
            mBufferedLength = chunk.length - opResult.inputConsumed;
        }
        if (opResult.inputConsumed > chunk.length) {
            throw new KeyStoreException(KeymasterDefs.KM_ERROR_UNKNOWN_ERROR, "Keystore consumed more input than provided. Provided: " + chunk.length + ", consumed: " + opResult.inputConsumed);
        }
        if ((opResult.output != null) && (opResult.output.length > 0)) {
            // Some output was produced by this update operation
            if (bufferedOutput == null) {
                // No output buffered yet.
                if (mBufferedLength == 0) {
                    // No more output will be produced by this flush operation
                    mProducedOutputSizeBytes += opResult.output.length;
                    return opResult.output;
                } else {
                    // More output might be produced by this flush operation -- buffer output.
                    bufferedOutput = new ByteArrayOutputStream();
                }
            }
            // Buffer the output from this update operation
            try {
                bufferedOutput.write(opResult.output);
            } catch (IOException e) {
                throw new ProviderException("Failed to buffer output", e);
            }
        }
    }
    if (mBufferedLength > 0) {
        throw new KeyStoreException(KeymasterDefs.KM_ERROR_INVALID_INPUT_LENGTH, "Keystore failed to consume last " + ((mBufferedLength != 1) ? (mBufferedLength + " bytes") : "byte") + " of input");
    }
    byte[] result = (bufferedOutput != null) ? bufferedOutput.toByteArray() : EmptyArray.BYTE;
    mProducedOutputSizeBytes += result.length;
    return result;
}
Also used : ProviderException(java.security.ProviderException) OperationResult(android.security.keymaster.OperationResult) ByteArrayOutputStream(java.io.ByteArrayOutputStream) KeyStoreException(android.security.KeyStoreException) IOException(java.io.IOException)

Aggregations

KeyStoreException (android.security.KeyStoreException)30 InvalidKeyException (java.security.InvalidKeyException)20 ProviderException (java.security.ProviderException)20 OperationResult (android.security.keymaster.OperationResult)10 ByteArrayOutputStream (java.io.ByteArrayOutputStream)10 IOException (java.io.IOException)10 SignatureException (java.security.SignatureException)10 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)5 AEADBadTagException (javax.crypto.AEADBadTagException)5 BadPaddingException (javax.crypto.BadPaddingException)5 IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)5