      1 /*
      2  * Copyright (C) 2015 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 package android.security.keystore;
     18 
     19 import java.security.Provider;
     20 
     21 /**
     22  * {@link Provider} of JCA crypto operations operating on Android KeyStore keys.
     23  *
     24  * <p>This provider was separated out of {@link AndroidKeyStoreProvider} to work around the issue
     25  * that Bouncy Castle provider incorrectly declares that it accepts arbitrary keys (incl. Android
     26  * KeyStore ones). This causes JCA to select the Bouncy Castle's implementation of JCA crypto
     27  * operations for Android KeyStore keys unless Android KeyStore's own implementations are installed
     28  * as higher-priority than Bouncy Castle ones. The purpose of this provider is to do just that: to
     29  * offer crypto operations operating on Android KeyStore keys and to be installed at higher priority
     30  * than the Bouncy Castle provider.
     31  *
     32  * <p>Once Bouncy Castle provider is fixed, this provider can be merged into the
     33  * {@code AndroidKeyStoreProvider}.
     34  *
     35  * @hide
     36  */
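class AndroidKeyStoreBCWorkaroundProvider extends Provider {

    // IMPLEMENTATION NOTE: Class names are hard-coded in this provider to avoid loading these
    // classes when this provider is instantiated and installed early on during each app's
    // initialization process.

    private static final String PACKAGE_NAME = "android.security.keystore";
    private static final String KEYSTORE_SECRET_KEY_CLASS_NAME =
            PACKAGE_NAME + ".AndroidKeyStoreSecretKey";
    private static final String KEYSTORE_PRIVATE_KEY_CLASS_NAME =
            PACKAGE_NAME + ".AndroidKeyStorePrivateKey";
    private static final String KEYSTORE_PUBLIC_KEY_CLASS_NAME =
            PACKAGE_NAME + ".AndroidKeyStorePublicKey";

    // System property that gates registration of the DESede (3DES) transformations below.
    private static final String DESEDE_SYSTEM_PROPERTY = "ro.hardware.keystore_desede";

    /**
     * Registers every Mac, Cipher and Signature implementation offered for Android KeyStore keys,
     * together with their algorithm-name and OID aliases.
     *
     * <p>Each implementation is registered with a {@code SupportedKeyClasses} attribute naming
     * only the Android KeyStore key classes, so these entries are offered only for such keys.
     *
     * <p>NOTE(review): an alias key that is {@code put} twice silently keeps the last value.
     * Every alias key in this constructor must therefore be unique, and every alias target must
     * name the same digest as the alias itself; otherwise a caller asking for one algorithm is
     * handed another.
     */
    AndroidKeyStoreBCWorkaroundProvider() {
        super("AndroidKeyStoreBCWorkaround",
                1.0,
                "Android KeyStore security provider to work around Bouncy Castle");

        // --------------------- javax.crypto.Mac
        putMacImpl("HmacSHA1", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA1");
        put("Alg.Alias.Mac.1.2.840.113549.2.7", "HmacSHA1");
        put("Alg.Alias.Mac.HMAC-SHA1", "HmacSHA1");
        put("Alg.Alias.Mac.HMAC/SHA1", "HmacSHA1");

        putMacImpl("HmacSHA224", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA224");
        // hmacWithSHA224 is 1.2.840.113549.2.8. The previous value (.2.9) is the HmacSHA256 OID
        // and was overwritten by the HmacSHA256 alias below, leaving HmacSHA224 without an OID.
        put("Alg.Alias.Mac.1.2.840.113549.2.8", "HmacSHA224");
        put("Alg.Alias.Mac.HMAC-SHA224", "HmacSHA224");
        put("Alg.Alias.Mac.HMAC/SHA224", "HmacSHA224");

        putMacImpl("HmacSHA256", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA256");
        put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA256");
        put("Alg.Alias.Mac.HMAC-SHA256", "HmacSHA256");
        put("Alg.Alias.Mac.HMAC/SHA256", "HmacSHA256");

        putMacImpl("HmacSHA384", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA384");
        put("Alg.Alias.Mac.1.2.840.113549.2.10", "HmacSHA384");
        put("Alg.Alias.Mac.HMAC-SHA384", "HmacSHA384");
        put("Alg.Alias.Mac.HMAC/SHA384", "HmacSHA384");

        putMacImpl("HmacSHA512", PACKAGE_NAME + ".AndroidKeyStoreHmacSpi$HmacSHA512");
        put("Alg.Alias.Mac.1.2.840.113549.2.11", "HmacSHA512");
        put("Alg.Alias.Mac.HMAC-SHA512", "HmacSHA512");
        put("Alg.Alias.Mac.HMAC/SHA512", "HmacSHA512");

        // --------------------- javax.crypto.Cipher
        // The AES ECB/CBC/CTR entries map to the "Unauthenticated" SPI: they provide no integrity
        // protection. Only the GCM entry further down maps to the authenticated SPI.
        putSymmetricCipherImpl("AES/ECB/NoPadding",
                PACKAGE_NAME + ".AndroidKeyStoreUnauthenticatedAESCipherSpi$ECB$NoPadding");
        putSymmetricCipherImpl("AES/ECB/PKCS7Padding",
                PACKAGE_NAME + ".AndroidKeyStoreUnauthenticatedAESCipherSpi$ECB$PKCS7Padding");

        putSymmetricCipherImpl("AES/CBC/NoPadding",
                PACKAGE_NAME + ".AndroidKeyStoreUnauthenticatedAESCipherSpi$CBC$NoPadding");
        putSymmetricCipherImpl("AES/CBC/PKCS7Padding",
                PACKAGE_NAME + ".AndroidKeyStoreUnauthenticatedAESCipherSpi$CBC$PKCS7Padding");

        putSymmetricCipherImpl("AES/CTR/NoPadding",
                PACKAGE_NAME + ".AndroidKeyStoreUnauthenticatedAESCipherSpi$CTR$NoPadding");

        // 3DES is registered only when the system property is exactly "true".
        if ("true".equals(android.os.SystemProperties.get(DESEDE_SYSTEM_PROPERTY))) {
            putSymmetricCipherImpl("DESede/CBC/NoPadding",
                PACKAGE_NAME + ".AndroidKeyStore3DESCipherSpi$CBC$NoPadding");
            putSymmetricCipherImpl("DESede/CBC/PKCS7Padding",
                PACKAGE_NAME + ".AndroidKeyStore3DESCipherSpi$CBC$PKCS7Padding");

            putSymmetricCipherImpl("DESede/ECB/NoPadding",
                PACKAGE_NAME + ".AndroidKeyStore3DESCipherSpi$ECB$NoPadding");
            putSymmetricCipherImpl("DESede/ECB/PKCS7Padding",
                PACKAGE_NAME + ".AndroidKeyStore3DESCipherSpi$ECB$PKCS7Padding");
        }

        putSymmetricCipherImpl("AES/GCM/NoPadding",
                PACKAGE_NAME + ".AndroidKeyStoreAuthenticatedAESCipherSpi$GCM$NoPadding");

        putAsymmetricCipherImpl("RSA/ECB/NoPadding",
                PACKAGE_NAME + ".AndroidKeyStoreRSACipherSpi$NoPadding");
        put("Alg.Alias.Cipher.RSA/None/NoPadding", "RSA/ECB/NoPadding");
        putAsymmetricCipherImpl("RSA/ECB/PKCS1Padding",
                PACKAGE_NAME + ".AndroidKeyStoreRSACipherSpi$PKCS1Padding");
        put("Alg.Alias.Cipher.RSA/None/PKCS1Padding", "RSA/ECB/PKCS1Padding");
        // Plain "OAEPPadding" is served by the SHA-1 OAEP implementation.
        putAsymmetricCipherImpl("RSA/ECB/OAEPPadding",
                PACKAGE_NAME + ".AndroidKeyStoreRSACipherSpi$OAEPWithSHA1AndMGF1Padding");
        put("Alg.Alias.Cipher.RSA/None/OAEPPadding", "RSA/ECB/OAEPPadding");
        putAsymmetricCipherImpl("RSA/ECB/OAEPWithSHA-1AndMGF1Padding",
                PACKAGE_NAME + ".AndroidKeyStoreRSACipherSpi$OAEPWithSHA1AndMGF1Padding");
        put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-1AndMGF1Padding",
                "RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
        putAsymmetricCipherImpl("RSA/ECB/OAEPWithSHA-224AndMGF1Padding",
                PACKAGE_NAME + ".AndroidKeyStoreRSACipherSpi$OAEPWithSHA224AndMGF1Padding");
        // The RSA/None/...SHA-224 alias previously pointed at the SHA-256 transformation, so a
        // request for SHA-224 OAEP through this alias was served with a different digest.
        put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-224AndMGF1Padding",
                "RSA/ECB/OAEPWithSHA-224AndMGF1Padding");
        putAsymmetricCipherImpl("RSA/ECB/OAEPWithSHA-256AndMGF1Padding",
                PACKAGE_NAME + ".AndroidKeyStoreRSACipherSpi$OAEPWithSHA256AndMGF1Padding");
        put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-256AndMGF1Padding",
                "RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        putAsymmetricCipherImpl("RSA/ECB/OAEPWithSHA-384AndMGF1Padding",
                PACKAGE_NAME + ".AndroidKeyStoreRSACipherSpi$OAEPWithSHA384AndMGF1Padding");
        put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-384AndMGF1Padding",
                "RSA/ECB/OAEPWithSHA-384AndMGF1Padding");
        putAsymmetricCipherImpl("RSA/ECB/OAEPWithSHA-512AndMGF1Padding",
                PACKAGE_NAME + ".AndroidKeyStoreRSACipherSpi$OAEPWithSHA512AndMGF1Padding");
        put("Alg.Alias.Cipher.RSA/None/OAEPWithSHA-512AndMGF1Padding",
                "RSA/ECB/OAEPWithSHA-512AndMGF1Padding");

        // --------------------- java.security.Signature
        putSignatureImpl("NONEwithRSA",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$NONEWithPKCS1Padding");

        // MD5 and SHA-1 based signatures are registered alongside the SHA-2 ones; which digest
        // is used is decided by the algorithm name the caller passes in.
        putSignatureImpl("MD5withRSA",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$MD5WithPKCS1Padding");
        put("Alg.Alias.Signature.MD5WithRSAEncryption", "MD5withRSA");
        put("Alg.Alias.Signature.MD5/RSA", "MD5withRSA");
        put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5withRSA");
        put("Alg.Alias.Signature.1.2.840.113549.2.5with1.2.840.113549.1.1.1", "MD5withRSA");

        putSignatureImpl("SHA1withRSA",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA1WithPKCS1Padding");
        put("Alg.Alias.Signature.SHA1WithRSAEncryption", "SHA1withRSA");
        put("Alg.Alias.Signature.SHA1/RSA", "SHA1withRSA");
        put("Alg.Alias.Signature.SHA-1/RSA", "SHA1withRSA");
        put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1withRSA");
        put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.113549.1.1.1", "SHA1withRSA");
        put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.113549.1.1.5", "SHA1withRSA");
        put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1withRSA");

        putSignatureImpl("SHA224withRSA",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA224WithPKCS1Padding");
        put("Alg.Alias.Signature.SHA224WithRSAEncryption", "SHA224withRSA");
        // sha224WithRSAEncryption is 1.2.840.113549.1.1.14. The previous value (.1.1.11) is the
        // sha256WithRSAEncryption OID and was overwritten by the SHA256withRSA alias below.
        put("Alg.Alias.Signature.1.2.840.113549.1.1.14", "SHA224withRSA");
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.4with1.2.840.113549.1.1.1",
                "SHA224withRSA");
        // NOTE(review): this key pairs the SHA-224 digest OID with the sha256WithRSAEncryption
        // OID (.1.1.11). Kept unchanged for compatibility; confirm whether .1.1.14 was intended.
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.4with1.2.840.113549.1.1.11",
                "SHA224withRSA");

        putSignatureImpl("SHA256withRSA",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA256WithPKCS1Padding");
        put("Alg.Alias.Signature.SHA256WithRSAEncryption", "SHA256withRSA");
        put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA");
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.1with1.2.840.113549.1.1.1",
                "SHA256withRSA");
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.1with1.2.840.113549.1.1.11",
                "SHA256withRSA");

        putSignatureImpl("SHA384withRSA",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA384WithPKCS1Padding");
        put("Alg.Alias.Signature.SHA384WithRSAEncryption", "SHA384withRSA");
        put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA");
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.2with1.2.840.113549.1.1.1",
                "SHA384withRSA");

        putSignatureImpl("SHA512withRSA",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA512WithPKCS1Padding");
        put("Alg.Alias.Signature.SHA512WithRSAEncryption", "SHA512withRSA");
        put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA");
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.3with1.2.840.113549.1.1.1",
                "SHA512withRSA");

        putSignatureImpl("SHA1withRSA/PSS",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA1WithPSSPadding");
        putSignatureImpl("SHA224withRSA/PSS",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA224WithPSSPadding");
        putSignatureImpl("SHA256withRSA/PSS",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA256WithPSSPadding");
        putSignatureImpl("SHA384withRSA/PSS",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA384WithPSSPadding");
        putSignatureImpl("SHA512withRSA/PSS",
                PACKAGE_NAME + ".AndroidKeyStoreRSASignatureSpi$SHA512WithPSSPadding");

        putSignatureImpl("NONEwithECDSA",
                PACKAGE_NAME + ".AndroidKeyStoreECDSASignatureSpi$NONE");

        putSignatureImpl("SHA1withECDSA", PACKAGE_NAME + ".AndroidKeyStoreECDSASignatureSpi$SHA1");
        // The bare name "ECDSA" resolves to the SHA-1 variant; callers who want a SHA-2 digest
        // have to name it explicitly.
        put("Alg.Alias.Signature.ECDSA", "SHA1withECDSA");
        put("Alg.Alias.Signature.ECDSAwithSHA1", "SHA1withECDSA");
        // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA1(1)
        put("Alg.Alias.Signature.1.2.840.10045.4.1", "SHA1withECDSA");
        put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10045.2.1", "SHA1withECDSA");

        // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA2(3)
        putSignatureImpl("SHA224withECDSA",
                PACKAGE_NAME + ".AndroidKeyStoreECDSASignatureSpi$SHA224");
        // ecdsa-with-SHA224(1)
        put("Alg.Alias.Signature.1.2.840.10045.4.3.1", "SHA224withECDSA");
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.4with1.2.840.10045.2.1", "SHA224withECDSA");

        // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA2(3)
        putSignatureImpl("SHA256withECDSA",
                PACKAGE_NAME + ".AndroidKeyStoreECDSASignatureSpi$SHA256");
        // ecdsa-with-SHA256(2)
        put("Alg.Alias.Signature.1.2.840.10045.4.3.2", "SHA256withECDSA");
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.1with1.2.840.10045.2.1", "SHA256withECDSA");

        putSignatureImpl("SHA384withECDSA",
                PACKAGE_NAME + ".AndroidKeyStoreECDSASignatureSpi$SHA384");
        // ecdsa-with-SHA384(3)
        put("Alg.Alias.Signature.1.2.840.10045.4.3.3", "SHA384withECDSA");
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.2with1.2.840.10045.2.1", "SHA384withECDSA");

        putSignatureImpl("SHA512withECDSA",
                PACKAGE_NAME + ".AndroidKeyStoreECDSASignatureSpi$SHA512");
        // ecdsa-with-SHA512(4)
        put("Alg.Alias.Signature.1.2.840.10045.4.3.4", "SHA512withECDSA");
        put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.3with1.2.840.10045.2.1", "SHA512withECDSA");
    }

    /**
     * Registers a {@code Mac} implementation limited to Android KeyStore secret keys.
     *
     * @param algorithm JCA MAC algorithm name, e.g. {@code HmacSHA256}
     * @param implClass fully qualified name of the SPI class implementing it
     */
    private void putMacImpl(String algorithm, String implClass) {
        put("Mac." + algorithm, implClass);
        put("Mac." + algorithm + " SupportedKeyClasses", KEYSTORE_SECRET_KEY_CLASS_NAME);
    }

    /**
     * Registers a symmetric {@code Cipher} implementation limited to Android KeyStore secret keys.
     *
     * @param transformation JCA transformation string, e.g. {@code AES/GCM/NoPadding}
     * @param implClass fully qualified name of the SPI class implementing it
     */
    private void putSymmetricCipherImpl(String transformation, String implClass) {
        put("Cipher." + transformation, implClass);
        put("Cipher." + transformation + " SupportedKeyClasses", KEYSTORE_SECRET_KEY_CLASS_NAME);
    }

    /**
     * Registers an asymmetric {@code Cipher} implementation limited to Android KeyStore private
     * and public keys.
     *
     * @param transformation JCA transformation string, e.g. {@code RSA/ECB/PKCS1Padding}
     * @param implClass fully qualified name of the SPI class implementing it
     */
    private void putAsymmetricCipherImpl(String transformation, String implClass) {
        put("Cipher." + transformation, implClass);
        put("Cipher." + transformation + " SupportedKeyClasses",
                KEYSTORE_PRIVATE_KEY_CLASS_NAME + "|" + KEYSTORE_PUBLIC_KEY_CLASS_NAME);
    }

    /**
     * Registers a {@code Signature} implementation limited to Android KeyStore private and public
     * keys.
     *
     * @param algorithm JCA signature algorithm name, e.g. {@code SHA256withECDSA}
     * @param implClass fully qualified name of the SPI class implementing it
     */
    private void putSignatureImpl(String algorithm, String implClass) {
        put("Signature." + algorithm, implClass);
        put("Signature." + algorithm + " SupportedKeyClasses",
                KEYSTORE_PRIVATE_KEY_CLASS_NAME + "|" + KEYSTORE_PUBLIC_KEY_CLASS_NAME);
    }

    /**
     * Returns the digest names for which an ECDSA signature implementation is registered above.
     *
     * @return a new array on every call, so callers may modify it freely
     */
    public static String[] getSupportedEcdsaSignatureDigests() {
        return new String[] {"NONE", "SHA-1", "SHA-224", "SHA-256", "SHA-384", "SHA-512"};
    }

    /**
     * Returns the digest names for which an RSA PKCS#1 v1.5 signature implementation is
     * registered above.
     *
     * @return a new array on every call, so callers may modify it freely
     */
    public static String[] getSupportedRsaSignatureWithPkcs1PaddingDigests() {
        return new String[] {"NONE", "MD5", "SHA-1", "SHA-224", "SHA-256", "SHA-384", "SHA-512"};
    }
}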
    274