Examples with OperationResult android.security.keymaster.OperationResult used on opensource projects
Example 41 with OperationResult
use of android.security.keymaster.OperationResult in project android_frameworks_base by DirtyUnicorns.
the class KeyStoreTest method doOperation.
private byte[] doOperation(String name, int purpose, byte[] in, KeymasterArguments beginArgs) {
OperationResult result = mKeyStore.begin(name, purpose, true, beginArgs, null);
assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode);
IBinder token = result.token;
result = mKeyStore.update(token, null, in);
assertEquals("Update should succeed", KeyStore.NO_ERROR, result.resultCode);
assertEquals("All data should be consumed", in.length, result.inputConsumed);
assertEquals("Finish should succeed", KeyStore.NO_ERROR, mKeyStore.finish(token, null, null).resultCode);
return result.output;
}
Also used :
IBinder(android.os.IBinder)
OperationResult(android.security.keymaster.OperationResult)
Example 42 with OperationResult
use of android.security.keymaster.OperationResult in project android_frameworks_base by DirtyUnicorns.
the class KeyStoreTest method testAuthNeeded.
public void testAuthNeeded() throws Exception {
String name = "test";
KeymasterArguments args = new KeymasterArguments();
args.addEnum(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT);
args.addEnum(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT);
args.addEnum(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_AES);
args.addEnum(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_PKCS7);
args.addUnsignedInt(KeymasterDefs.KM_TAG_KEY_SIZE, 256);
args.addEnum(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_ECB);
args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, 1);
KeyCharacteristics outCharacteristics = new KeyCharacteristics();
int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics);
assertEquals("Generate should succeed", KeyStore.NO_ERROR, rc);
OperationResult result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, true, args, null);
assertEquals("Begin should expect authorization", KeyStore.OP_AUTH_NEEDED, result.resultCode);
IBinder token = result.token;
result = mKeyStore.update(token, null, new byte[] { 0x01, 0x02, 0x03, 0x04 });
assertEquals("Update should require authorization", KeymasterDefs.KM_ERROR_KEY_USER_NOT_AUTHENTICATED, result.resultCode);
}
Also used :
IBinder(android.os.IBinder)
KeymasterArguments(android.security.keymaster.KeymasterArguments)
KeyCharacteristics(android.security.keymaster.KeyCharacteristics)
OperationResult(android.security.keymaster.OperationResult)
Example 43 with OperationResult
use of android.security.keymaster.OperationResult in project android_frameworks_base by AOSPA.
the class AndroidKeyStoreSignatureSpiBase method ensureKeystoreOperationInitialized.
private void ensureKeystoreOperationInitialized() throws InvalidKeyException {
if (mMessageStreamer != null) {
return;
}
if (mCachedException != null) {
return;
}
if (mKey == null) {
throw new IllegalStateException("Not initialized");
}
KeymasterArguments keymasterInputArgs = new KeymasterArguments();
addAlgorithmSpecificParametersToBegin(keymasterInputArgs);
OperationResult opResult = mKeyStore.begin(mKey.getAlias(), mSigning ? KeymasterDefs.KM_PURPOSE_SIGN : KeymasterDefs.KM_PURPOSE_VERIFY, // permit aborting this operation if keystore runs out of resources
true, keymasterInputArgs, // no additional entropy for begin -- only finish might need some
null, mKey.getUid());
if (opResult == null) {
throw new KeyStoreConnectException();
}
// Store operation token and handle regardless of the error code returned by KeyStore to
// ensure that the operation gets aborted immediately if the code below throws an exception.
mOperationToken = opResult.token;
mOperationHandle = opResult.operationHandle;
// If necessary, throw an exception due to KeyStore operation having failed.
InvalidKeyException e = KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(mKeyStore, mKey, opResult.resultCode);
if (e != null) {
throw e;
}
if (mOperationToken == null) {
throw new ProviderException("Keystore returned null operation token");
}
if (mOperationHandle == 0) {
throw new ProviderException("Keystore returned invalid operation handle");
}
mMessageStreamer = createMainDataStreamer(mKeyStore, opResult.token);
}
Also used :
KeymasterArguments(android.security.keymaster.KeymasterArguments)
ProviderException(java.security.ProviderException)
OperationResult(android.security.keymaster.OperationResult)
InvalidKeyException(java.security.InvalidKeyException)
Example 44 with OperationResult
use of android.security.keymaster.OperationResult in project android_frameworks_base by AOSPA.
the class KeyStoreCryptoOperationChunkedStreamer method doFinal.
@Override
public byte[] doFinal(byte[] input, int inputOffset, int inputLength, byte[] signature, byte[] additionalEntropy) throws KeyStoreException {
if (inputLength == 0) {
// No input provided -- simplify the rest of the code
input = EmptyArray.BYTE;
inputOffset = 0;
}
// Flush all buffered input and provided input into keystore/keymaster.
byte[] output = update(input, inputOffset, inputLength);
output = ArrayUtils.concat(output, flush());
OperationResult opResult = mKeyStoreStream.finish(signature, additionalEntropy);
if (opResult == null) {
throw new KeyStoreConnectException();
} else if (opResult.resultCode != KeyStore.NO_ERROR) {
throw KeyStore.getKeyStoreException(opResult.resultCode);
}
mProducedOutputSizeBytes += opResult.output.length;
return ArrayUtils.concat(output, opResult.output);
}
Also used :
OperationResult(android.security.keymaster.OperationResult)
Example 45 with OperationResult
use of android.security.keymaster.OperationResult in project android_frameworks_base by AOSPA.
the class KeyStoreTest method testAuthNeeded.
public void testAuthNeeded() throws Exception {
String name = "test";
KeymasterArguments args = new KeymasterArguments();
args.addEnum(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT);
args.addEnum(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT);
args.addEnum(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_AES);
args.addEnum(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_PKCS7);
args.addUnsignedInt(KeymasterDefs.KM_TAG_KEY_SIZE, 256);
args.addEnum(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_ECB);
args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, 1);
KeyCharacteristics outCharacteristics = new KeyCharacteristics();
int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics);
assertEquals("Generate should succeed", KeyStore.NO_ERROR, rc);
OperationResult result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, true, args, null);
assertEquals("Begin should expect authorization", KeyStore.OP_AUTH_NEEDED, result.resultCode);
IBinder token = result.token;
result = mKeyStore.update(token, null, new byte[] { 0x01, 0x02, 0x03, 0x04 });
assertEquals("Update should require authorization", KeymasterDefs.KM_ERROR_KEY_USER_NOT_AUTHENTICATED, result.resultCode);
}
Also used :
IBinder(android.os.IBinder)
KeymasterArguments(android.security.keymaster.KeymasterArguments)
KeyCharacteristics(android.security.keymaster.KeyCharacteristics)
OperationResult(android.security.keymaster.OperationResult)
Aggregations
OperationResult (android.security.keymaster.OperationResult)55
KeymasterArguments (android.security.keymaster.KeymasterArguments)30
IBinder (android.os.IBinder)25
ProviderException (java.security.ProviderException)25
KeyCharacteristics (android.security.keymaster.KeyCharacteristics)15
InvalidKeyException (java.security.InvalidKeyException)15
KeyStoreException (android.security.KeyStoreException)10
ByteArrayOutputStream (java.io.ByteArrayOutputStream)10
IOException (java.io.IOException)10
Binder (android.os.Binder)5
GeneralSecurityException (java.security.GeneralSecurityException)5
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)5
