Examples with UnrecoverableKeyException - java.security.UnrecoverableKeyException

Example 61 with UnrecoverableKeyException

use of java.security.UnrecoverableKeyException in project platform_frameworks_base by android.

the class LockSettingsService method resetKeyStore.

@Override
public void resetKeyStore(int userId) throws RemoteException {
    checkWritePermission(userId);
    if (DEBUG)
        Slog.v(TAG, "Reset keystore for user: " + userId);
    int managedUserId = -1;
    String managedUserDecryptedPassword = null;
    final List<UserInfo> profiles = mUserManager.getProfiles(userId);
    for (UserInfo pi : profiles) {
        // Unlock managed profile with unified lock
        if (pi.isManagedProfile() && !mLockPatternUtils.isSeparateProfileChallengeEnabled(pi.id) && mStorage.hasChildProfileLock(pi.id)) {
            try {
                if (managedUserId == -1) {
                    managedUserDecryptedPassword = getDecryptedPasswordForTiedProfile(pi.id);
                    managedUserId = pi.id;
                } else {
                    // Should not happen
                    Slog.e(TAG, "More than one managed profile, uid1:" + managedUserId + ", uid2:" + pi.id);
                }
            } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException | CertificateException | IOException e) {
                Slog.e(TAG, "Failed to decrypt child profile key", e);
            }
        }
    }
    try {
        // Clear all the users credentials could have been installed in for this user.
        for (int profileId : mUserManager.getProfileIdsWithDisabled(userId)) {
            for (int uid : SYSTEM_CREDENTIAL_UIDS) {
                mKeyStore.clearUid(UserHandle.getUid(profileId, uid));
            }
        }
    } finally {
        if (managedUserId != -1 && managedUserDecryptedPassword != null) {
            if (DEBUG)
                Slog.v(TAG, "Restore tied profile lock");
            tieProfileLockToParent(managedUserId, managedUserDecryptedPassword);
        }
    }
}

Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) UserInfo(android.content.pm.UserInfo) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) UnrecoverableKeyException(java.security.UnrecoverableKeyException)

Example 62 with UnrecoverableKeyException

use of java.security.UnrecoverableKeyException in project platform_frameworks_base by android.

the class LockSettingsService method verifyTiedProfileChallenge.

@Override
public VerifyCredentialResponse verifyTiedProfileChallenge(String password, boolean isPattern, long challenge, int userId) throws RemoteException {
    checkPasswordReadPermission(userId);
    if (!isManagedProfileWithUnifiedLock(userId)) {
        throw new RemoteException("User id must be managed profile with unified lock");
    }
    final int parentProfileId = mUserManager.getProfileParent(userId).id;
    // Unlock parent by using parent's challenge
    final VerifyCredentialResponse parentResponse = isPattern ? doVerifyPattern(password, true, challenge, parentProfileId, null) : doVerifyPassword(password, true, challenge, parentProfileId, null);
    if (parentResponse.getResponseCode() != VerifyCredentialResponse.RESPONSE_OK) {
        // Failed, just return parent's response
        return parentResponse;
    }
    try {
        // Unlock work profile, and work profile with unified lock must use password only
        return doVerifyPassword(getDecryptedPasswordForTiedProfile(userId), true, challenge, userId, null);
    } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException | CertificateException | IOException e) {
        Slog.e(TAG, "Failed to decrypt child profile key", e);
        throw new RemoteException("Unable to get tied profile token");
    }
}

Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) VerifyCredentialResponse(com.android.internal.widget.VerifyCredentialResponse) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) RemoteException(android.os.RemoteException)

Example 63 with UnrecoverableKeyException

use of java.security.UnrecoverableKeyException in project keywhiz by square.

the class CryptoModule method baseDerivationKey.

@Provides
@Derivation
@Singleton
SecretKey baseDerivationKey(@Derivation Provider provider) {
    String alias = keyStoreConfig.alias();
    char[] password = keyStoreConfig.resolvedPassword().toCharArray();
    KeyStore keyStore;
    try (InputStream inputStream = keyStoreConfig.openPath()) {
        keyStore = KeyStore.getInstance(keyStoreConfig.type(), provider);
        keyStore.load(inputStream, password);
        return (SecretKey) keyStore.getKey(alias, password);
    } catch (CertificateException | IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
        logger.error("Error loading base derivation key: {}", e.getMessage(), e);
        throw Throwables.propagate(e);
    }
}

Also used : SecretKey(javax.crypto.SecretKey) UnrecoverableKeyException(java.security.UnrecoverableKeyException) InputStream(java.io.InputStream) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStore(java.security.KeyStore) Singleton(javax.inject.Singleton) Provides(com.google.inject.Provides)

Example 64 with UnrecoverableKeyException

use of java.security.UnrecoverableKeyException in project keywhiz by square.

the class CryptoFixtures method contentCryptographer.

/** @return a content cryptographer initialized with the testing derivation key. */
public static ContentCryptographer contentCryptographer() {
    if (cryptographer != null) {
        return cryptographer;
    }
    Provider provider = new BouncyCastleProvider();
    if (Security.getProvider(provider.getName()) == null) {
        Security.addProvider(provider);
    }
    SecretKey baseKey;
    char[] password = "CHANGE".toCharArray();
    try (InputStream in = Resources.getResource("derivation.jceks").openStream()) {
        KeyStore keyStore = KeyStore.getInstance("JCEKS");
        keyStore.load(in, password);
        baseKey = (SecretKey) keyStore.getKey("basekey", password);
    } catch (CertificateException | UnrecoverableKeyException | KeyStoreException | NoSuchAlgorithmException | IOException e) {
        throw Throwables.propagate(e);
    }
    cryptographer = new ContentCryptographer(baseKey, provider, provider, FakeRandom.create());
    return cryptographer;
}

Also used : InputStream(java.io.InputStream) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) KeyStore(java.security.KeyStore) Provider(java.security.Provider) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) SecretKey(javax.crypto.SecretKey) UnrecoverableKeyException(java.security.UnrecoverableKeyException) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 65 with UnrecoverableKeyException

use of java.security.UnrecoverableKeyException in project QuickAndroid by ImKarl.

the class HttpsHelper method prepareKeyManager.

private static KeyManager[] prepareKeyManager(InputStream bksFile, String password) {
    try {
        if (bksFile == null || password == null)
            return null;
        KeyStore clientKeyStore = KeyStore.getInstance("BKS");
        clientKeyStore.load(bksFile, password.toCharArray());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(clientKeyStore, password.toCharArray());
        return keyManagerFactory.getKeyManagers();
    } catch (KeyStoreException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (UnrecoverableKeyException e) {
        e.printStackTrace();
    } catch (CertificateException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    } catch (Exception e) {
        e.printStackTrace();
    }
    return null;
}

Also used : UnrecoverableKeyException(java.security.UnrecoverableKeyException) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) KeyStore(java.security.KeyStore) IOException(java.io.IOException) KeyManagementException(java.security.KeyManagementException) KeyStoreException(java.security.KeyStoreException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) KeyManagerFactory(javax.net.ssl.KeyManagerFactory)

Aggregations

UnrecoverableKeyException (java.security.UnrecoverableKeyException)109 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)87 KeyStoreException (java.security.KeyStoreException)86 IOException (java.io.IOException)69 CertificateException (java.security.cert.CertificateException)58 KeyStore (java.security.KeyStore)30 InvalidKeyException (java.security.InvalidKeyException)29 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)29 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)27 BadPaddingException (javax.crypto.BadPaddingException)26 IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)26 KeyManagementException (java.security.KeyManagementException)25 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)20 SSLContext (javax.net.ssl.SSLContext)20 SecretKey (javax.crypto.SecretKey)17 RemoteException (android.os.RemoteException)15 FileNotFoundException (java.io.FileNotFoundException)13 InputStream (java.io.InputStream)13 Key (java.security.Key)13 PrivateKey (java.security.PrivateKey)12