Example 11 with KeyStoreException
use of android.security.KeyStoreException in project android_frameworks_base by crdroidandroid.
the class AndroidKeyStoreHmacSpi method engineDoFinal.
@Override
protected byte[] engineDoFinal() {
try {
ensureKeystoreOperationInitialized();
} catch (InvalidKeyException e) {
throw new ProviderException("Failed to reinitialize MAC", e);
}
byte[] result;
try {
result = mChunkedStreamer.doFinal(null, 0, 0, // no signature provided -- this invocation will generate one
null, // no additional entropy needed -- HMAC is deterministic
null);
} catch (KeyStoreException e) {
throw new ProviderException("Keystore operation failed", e);
}
resetWhilePreservingInitState();
return result;
}
Also used :
ProviderException(java.security.ProviderException)
KeyStoreException(android.security.KeyStoreException)
InvalidKeyException(java.security.InvalidKeyException)
Example 12 with KeyStoreException
use of android.security.KeyStoreException in project android_frameworks_base by crdroidandroid.
the class AndroidKeyStoreCipherSpiBase method engineDoFinal.
@Override
protected final byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) throws IllegalBlockSizeException, BadPaddingException {
if (mCachedException != null) {
throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(mCachedException);
}
try {
ensureKeystoreOperationInitialized();
} catch (InvalidKeyException | InvalidAlgorithmParameterException e) {
throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
}
byte[] output;
try {
flushAAD();
byte[] additionalEntropy = KeyStoreCryptoOperationUtils.getRandomBytesToMixIntoKeystoreRng(mRng, getAdditionalEntropyAmountForFinish());
output = mMainDataStreamer.doFinal(input, inputOffset, inputLen, // no signature involved
null, additionalEntropy);
} catch (KeyStoreException e) {
switch(e.getErrorCode()) {
case KeymasterDefs.KM_ERROR_INVALID_INPUT_LENGTH:
throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
case KeymasterDefs.KM_ERROR_INVALID_ARGUMENT:
throw (BadPaddingException) new BadPaddingException().initCause(e);
case KeymasterDefs.KM_ERROR_VERIFICATION_FAILED:
throw (AEADBadTagException) new AEADBadTagException().initCause(e);
default:
throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
}
}
resetWhilePreservingInitState();
return output;
}
Also used :
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException)
KeyStoreException(android.security.KeyStoreException)
BadPaddingException(javax.crypto.BadPaddingException)
InvalidKeyException(java.security.InvalidKeyException)
AEADBadTagException(javax.crypto.AEADBadTagException)
Example 13 with KeyStoreException
use of android.security.KeyStoreException in project platform_frameworks_base by android.
the class AndroidKeyStoreSignatureSpiBase method engineVerify.
@Override
protected final boolean engineVerify(byte[] signature) throws SignatureException {
if (mCachedException != null) {
throw new SignatureException(mCachedException);
}
try {
ensureKeystoreOperationInitialized();
} catch (InvalidKeyException e) {
throw new SignatureException(e);
}
boolean verified;
try {
byte[] output = mMessageStreamer.doFinal(EmptyArray.BYTE, 0, 0, signature, // no additional entropy needed -- verification is deterministic
null);
if (output.length != 0) {
throw new ProviderException("Signature verification unexpected produced output: " + output.length + " bytes");
}
verified = true;
} catch (KeyStoreException e) {
switch(e.getErrorCode()) {
case KeymasterDefs.KM_ERROR_VERIFICATION_FAILED:
verified = false;
break;
default:
throw new SignatureException(e);
}
}
resetWhilePreservingInitState();
return verified;
}
Also used :
ProviderException(java.security.ProviderException)
SignatureException(java.security.SignatureException)
KeyStoreException(android.security.KeyStoreException)
InvalidKeyException(java.security.InvalidKeyException)
Example 14 with KeyStoreException
use of android.security.KeyStoreException in project platform_frameworks_base by android.
the class KeyStoreCryptoOperationChunkedStreamer method update.
@Override
public byte[] update(byte[] input, int inputOffset, int inputLength) throws KeyStoreException {
if (inputLength == 0) {
// No input provided
return EmptyArray.BYTE;
}
ByteArrayOutputStream bufferedOutput = null;
while (inputLength > 0) {
byte[] chunk;
int inputBytesInChunk;
if ((mBufferedLength + inputLength) > mMaxChunkSize) {
// Too much input for one chunk -- extract one max-sized chunk and feed it into the
// update operation.
inputBytesInChunk = mMaxChunkSize - mBufferedLength;
chunk = ArrayUtils.concat(mBuffered, mBufferedOffset, mBufferedLength, input, inputOffset, inputBytesInChunk);
} else {
// All of available input fits into one chunk.
if ((mBufferedLength == 0) && (inputOffset == 0) && (inputLength == input.length)) {
// Nothing buffered and all of input array needs to be fed into the update
// operation.
chunk = input;
inputBytesInChunk = input.length;
} else {
// Need to combine buffered data with input data into one array.
inputBytesInChunk = inputLength;
chunk = ArrayUtils.concat(mBuffered, mBufferedOffset, mBufferedLength, input, inputOffset, inputBytesInChunk);
}
}
// Update input array references to reflect that some of its bytes are now in mBuffered.
inputOffset += inputBytesInChunk;
inputLength -= inputBytesInChunk;
mConsumedInputSizeBytes += inputBytesInChunk;
OperationResult opResult = mKeyStoreStream.update(chunk);
if (opResult == null) {
throw new KeyStoreConnectException();
} else if (opResult.resultCode != KeyStore.NO_ERROR) {
throw KeyStore.getKeyStoreException(opResult.resultCode);
}
if (opResult.inputConsumed == chunk.length) {
// The whole chunk was consumed
mBuffered = EmptyArray.BYTE;
mBufferedOffset = 0;
mBufferedLength = 0;
} else if (opResult.inputConsumed <= 0) {
// Nothing was consumed. More input needed.
if (inputLength > 0) {
// Shouldn't have happened.
throw new KeyStoreException(KeymasterDefs.KM_ERROR_UNKNOWN_ERROR, "Keystore consumed nothing from max-sized chunk: " + chunk.length + " bytes");
}
mBuffered = chunk;
mBufferedOffset = 0;
mBufferedLength = chunk.length;
} else if (opResult.inputConsumed < chunk.length) {
// The chunk was consumed only partially -- buffer the rest of the chunk
mBuffered = chunk;
mBufferedOffset = opResult.inputConsumed;
mBufferedLength = chunk.length - opResult.inputConsumed;
} else {
throw new KeyStoreException(KeymasterDefs.KM_ERROR_UNKNOWN_ERROR, "Keystore consumed more input than provided. Provided: " + chunk.length + ", consumed: " + opResult.inputConsumed);
}
if ((opResult.output != null) && (opResult.output.length > 0)) {
if (inputLength > 0) {
// More output might be produced in this loop -- buffer the current output
if (bufferedOutput == null) {
bufferedOutput = new ByteArrayOutputStream();
try {
bufferedOutput.write(opResult.output);
} catch (IOException e) {
throw new ProviderException("Failed to buffer output", e);
}
}
} else {
// No more output will be produced in this loop
byte[] result;
if (bufferedOutput == null) {
// No previously buffered output
result = opResult.output;
} else {
// There was some previously buffered output
try {
bufferedOutput.write(opResult.output);
} catch (IOException e) {
throw new ProviderException("Failed to buffer output", e);
}
result = bufferedOutput.toByteArray();
}
mProducedOutputSizeBytes += result.length;
return result;
}
}
}
byte[] result;
if (bufferedOutput == null) {
// No output produced
result = EmptyArray.BYTE;
} else {
result = bufferedOutput.toByteArray();
}
mProducedOutputSizeBytes += result.length;
return result;
}
Also used :
ProviderException(java.security.ProviderException)
OperationResult(android.security.keymaster.OperationResult)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
KeyStoreException(android.security.KeyStoreException)
IOException(java.io.IOException)
Example 15 with KeyStoreException
use of android.security.KeyStoreException in project platform_frameworks_base by android.
the class KeyStoreCryptoOperationChunkedStreamer method flush.
public byte[] flush() throws KeyStoreException {
if (mBufferedLength <= 0) {
return EmptyArray.BYTE;
}
// Keep invoking the update operation with remaining buffered data until either all of the
// buffered data is consumed or until update fails to consume anything.
ByteArrayOutputStream bufferedOutput = null;
while (mBufferedLength > 0) {
byte[] chunk = ArrayUtils.subarray(mBuffered, mBufferedOffset, mBufferedLength);
OperationResult opResult = mKeyStoreStream.update(chunk);
if (opResult == null) {
throw new KeyStoreConnectException();
} else if (opResult.resultCode != KeyStore.NO_ERROR) {
throw KeyStore.getKeyStoreException(opResult.resultCode);
}
if (opResult.inputConsumed <= 0) {
// Nothing was consumed. Break out of the loop to avoid an infinite loop.
break;
}
if (opResult.inputConsumed >= chunk.length) {
// All of the input was consumed
mBuffered = EmptyArray.BYTE;
mBufferedOffset = 0;
mBufferedLength = 0;
} else {
// Some of the input was not consumed
mBuffered = chunk;
mBufferedOffset = opResult.inputConsumed;
mBufferedLength = chunk.length - opResult.inputConsumed;
}
if (opResult.inputConsumed > chunk.length) {
throw new KeyStoreException(KeymasterDefs.KM_ERROR_UNKNOWN_ERROR, "Keystore consumed more input than provided. Provided: " + chunk.length + ", consumed: " + opResult.inputConsumed);
}
if ((opResult.output != null) && (opResult.output.length > 0)) {
// Some output was produced by this update operation
if (bufferedOutput == null) {
// No output buffered yet.
if (mBufferedLength == 0) {
// No more output will be produced by this flush operation
mProducedOutputSizeBytes += opResult.output.length;
return opResult.output;
} else {
// More output might be produced by this flush operation -- buffer output.
bufferedOutput = new ByteArrayOutputStream();
}
}
// Buffer the output from this update operation
try {
bufferedOutput.write(opResult.output);
} catch (IOException e) {
throw new ProviderException("Failed to buffer output", e);
}
}
}
if (mBufferedLength > 0) {
throw new KeyStoreException(KeymasterDefs.KM_ERROR_INVALID_INPUT_LENGTH, "Keystore failed to consume last " + ((mBufferedLength != 1) ? (mBufferedLength + " bytes") : "byte") + " of input");
}
byte[] result = (bufferedOutput != null) ? bufferedOutput.toByteArray() : EmptyArray.BYTE;
mProducedOutputSizeBytes += result.length;
return result;
}
Also used :
ProviderException(java.security.ProviderException)
OperationResult(android.security.keymaster.OperationResult)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
KeyStoreException(android.security.KeyStoreException)
IOException(java.io.IOException)
Aggregations
KeyStoreException (android.security.KeyStoreException)30
InvalidKeyException (java.security.InvalidKeyException)20
ProviderException (java.security.ProviderException)20
OperationResult (android.security.keymaster.OperationResult)10
ByteArrayOutputStream (java.io.ByteArrayOutputStream)10
IOException (java.io.IOException)10
SignatureException (java.security.SignatureException)10
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)5
AEADBadTagException (javax.crypto.AEADBadTagException)5
BadPaddingException (javax.crypto.BadPaddingException)5
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)5
