1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security.keystore2;
18 
19 import android.annotation.NonNull;
20 import android.security.KeyStoreSecurityLevel;
21 import android.security.keymaster.KeymasterDefs;
22 import android.security.keystore.KeyProperties;
23 import android.system.keystore2.Authorization;
24 import android.system.keystore2.KeyDescriptor;
25 import android.system.keystore2.KeyMetadata;
26 
27 import java.security.interfaces.ECPublicKey;
28 import java.security.spec.ECParameterSpec;
29 import java.security.spec.ECPoint;
30 
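/**
 * {@link ECPublicKey} backed by keystore.
 *
 * <p>Carries the public point and curve parameters of an EC key whose private half is
 * referenced through a keystore key descriptor. {@link #getPrivateKey()} builds the matching
 * private-key handle from the descriptor, key id and authorizations; no private key material is
 * passed through this class.
 *
 * @hide
 */
public class AndroidKeyStoreECPublicKey extends AndroidKeyStorePublicKey implements ECPublicKey {

    /** Curve parameters supplied at construction time (taken from the exported public key). */
    private final ECParameterSpec mParams;
    /** Public point W of the key. */
    private final ECPoint mW;

    /**
     * Creates a public key from already-decoded components.
     *
     * @param descriptor keystore descriptor of the key
     * @param metadata keystore metadata of the key
     * @param x509EncodedForm X.509 encoding of the public key, forwarded to the superclass
     * @param securityLevel security level handle the key belongs to
     * @param params EC domain parameters of the key
     * @param w public point of the key
     */
    public AndroidKeyStoreECPublicKey(@NonNull KeyDescriptor descriptor,
            @NonNull KeyMetadata metadata,
            @NonNull byte[] x509EncodedForm,
            @NonNull KeyStoreSecurityLevel securityLevel,
            @NonNull ECParameterSpec params, @NonNull ECPoint w) {
        // NOTE(review): x509EncodedForm is handed up as-is; whether the superclass takes a
        // defensive copy of the array is not visible from this class.
        super(descriptor, metadata, x509EncodedForm, KeyProperties.KEY_ALGORITHM_EC, securityLevel);
        // NOTE(review): params and w are stored without being checked against x509EncodedForm,
        // so callers of this constructor are responsible for passing consistent values.
        mParams = params;
        mW = w;
    }

    /**
     * Creates a public key from an existing {@link ECPublicKey}, reusing its encoding, curve
     * parameters and public point.
     *
     * @param descriptor keystore descriptor of the key
     * @param metadata keystore metadata of the key
     * @param securityLevel security level handle the key belongs to
     * @param info source public key; must report the {@code X.509} format
     * @throws IllegalArgumentException if {@code info.getFormat()} is not {@code X.509}
     *         (compared case-insensitively)
     */
    public AndroidKeyStoreECPublicKey(@NonNull KeyDescriptor descriptor,
            @NonNull KeyMetadata metadata,
            @NonNull KeyStoreSecurityLevel securityLevel, @NonNull ECPublicKey info) {
        this(descriptor, metadata, info.getEncoded(), securityLevel, info.getParams(), info.getW());
        // The delegating this(...) call has to be the first statement, so the format check runs
        // after it. A failure still aborts construction, so no instance is returned to the
        // caller for a key that is not X.509 encoded.
        if (!"X.509".equalsIgnoreCase(info.getFormat())) {
            throw new IllegalArgumentException(
                    "Unsupported key export format: " + info.getFormat());
        }
    }

    /**
     * Returns the keystore-backed private key handle that corresponds to this public key.
     *
     * <p>The curve is taken from the first {@code KM_TAG_EC_CURVE} authorization when one is
     * present, so the handle reflects the curve recorded in the key's authorizations; the
     * parameters given at construction are used only when no such authorization exists.
     *
     * @return a private key handle built from the user key descriptor, the key id namespace,
     *         the authorizations, the security level and the resolved curve parameters
     * @throws RuntimeException if the curve authorization cannot be converted to a curve spec;
     *         the underlying failure is attached as the cause
     */
    @Override
    public AndroidKeyStorePrivateKey getPrivateKey() {
        ECParameterSpec params = mParams;
        for (Authorization a : getAuthorizations()) {
            try {
                if (a.keyParameter.tag == KeymasterDefs.KM_TAG_EC_CURVE) {
                    params = KeymasterUtils.getCurveSpec(KeymasterUtils.getEcCurveFromKeymaster(
                            a.keyParameter.value.getEcCurve()));
                    // Only the first curve authorization is considered.
                    break;
                }
            } catch (Exception e) {
                // Attach the original exception as the cause so the reason the curve could not
                // be parsed is not lost from logs and crash reports.
                // NOTE(review): the message re-reads the curve value; if that read is what
                // failed, building the message would throw again and hide `e` -- confirm.
                throw new RuntimeException("Unable to parse EC curve "
                        + a.keyParameter.value.getEcCurve(), e);
            }
        }
        return new AndroidKeyStoreECPrivateKey(
                getUserKeyDescriptor(), getKeyIdDescriptor().nspace, getAuthorizations(),
                getSecurityLevel(), params);
    }

    /** Returns the EC domain parameters supplied when this key was constructed. */
    @Override
    public ECParameterSpec getParams() {
        return mParams;
    }

    /** Returns the public point W supplied when this key was constructed. */
    @Override
    public ECPoint getW() {
        return mW;
    }
}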