1 /* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package android.security; 17 18 import android.annotation.NonNull; 19 import android.annotation.Nullable; 20 import android.annotation.SdkConstant; 21 import android.annotation.SdkConstant.SdkConstantType; 22 import android.annotation.WorkerThread; 23 import android.app.Activity; 24 import android.app.PendingIntent; 25 import android.app.Service; 26 import android.content.ComponentName; 27 import android.content.Context; 28 import android.content.Intent; 29 import android.content.ServiceConnection; 30 import android.net.Uri; 31 import android.os.Binder; 32 import android.os.IBinder; 33 import android.os.Looper; 34 import android.os.Process; 35 import android.os.RemoteException; 36 import android.os.UserHandle; 37 import android.security.keystore.AndroidKeyStoreProvider; 38 import android.security.keystore.KeyPermanentlyInvalidatedException; 39 import android.security.keystore.KeyProperties; 40 41 import com.android.org.conscrypt.TrustedCertificateStore; 42 43 import java.io.ByteArrayInputStream; 44 import java.io.Closeable; 45 import java.io.Serializable; 46 import java.security.KeyPair; 47 import java.security.Principal; 48 import java.security.PrivateKey; 49 import java.security.UnrecoverableKeyException; 50 import java.security.cert.Certificate; 51 import java.security.cert.CertificateException; 52 import java.security.cert.CertificateFactory; 53 import java.security.cert.X509Certificate; 54 import java.util.ArrayList; 55 import java.util.Collection; 56 import java.util.List; 57 import java.util.Locale; 58 import java.util.concurrent.BlockingQueue; 59 import java.util.concurrent.LinkedBlockingQueue; 60 61 import javax.security.auth.x500.X500Principal; 62 63 /** 64 * The {@code KeyChain} class provides access to private keys and 65 * their corresponding certificate chains in credential storage. 66 * 67 * <p>Applications accessing the {@code KeyChain} normally go through 68 * these steps: 69 * 70 * <ol> 71 * 72 * <li>Receive a callback from an {@link javax.net.ssl.X509KeyManager 73 * X509KeyManager} that a private key is requested. 74 * 75 * <li>Call {@link #choosePrivateKeyAlias 76 * choosePrivateKeyAlias} to allow the user to select from a 77 * list of currently available private keys and corresponding 78 * certificate chains. The chosen alias will be returned by the 79 * callback {@link KeyChainAliasCallback#alias}, or null if no private 80 * key is available or the user cancels the request. 81 * 82 * <li>Call {@link #getPrivateKey} and {@link #getCertificateChain} to 83 * retrieve the credentials to return to the corresponding {@link 84 * javax.net.ssl.X509KeyManager} callbacks. 85 * 86 * </ol> 87 * 88 * <p>An application may remember the value of a selected alias to 89 * avoid prompting the user with {@link #choosePrivateKeyAlias 90 * choosePrivateKeyAlias} on subsequent connections. If the alias is 91 * no longer valid, null will be returned on lookups using that value 92 * 93 * <p>An application can request the installation of private keys and 94 * certificates via the {@code Intent} provided by {@link 95 * #createInstallIntent}. Private keys installed via this {@code 96 * Intent} will be accessible via {@link #choosePrivateKeyAlias} while 97 * Certificate Authority (CA) certificates will be trusted by all 98 * applications through the default {@code X509TrustManager}. 99 */ 100 // TODO reference intent for credential installation when public 101 public final class KeyChain { 102 103 /** 104 * @hide Also used by KeyChainService implementation 105 */ 106 public static final String ACCOUNT_TYPE = "com.android.keychain"; 107 108 /** 109 * Package name for KeyChain chooser. 110 */ 111 private static final String KEYCHAIN_PACKAGE = "com.android.keychain"; 112 113 /** 114 * Action to bring up the KeyChainActivity 115 */ 116 private static final String ACTION_CHOOSER = "com.android.keychain.CHOOSER"; 117 118 /** 119 * Package name for the Certificate Installer. 120 */ 121 private static final String CERT_INSTALLER_PACKAGE = "com.android.certinstaller"; 122 123 /** 124 * Extra for use with {@link #ACTION_CHOOSER} 125 * @hide Also used by KeyChainActivity implementation 126 */ 127 public static final String EXTRA_RESPONSE = "response"; 128 129 /** 130 * Extra for use with {@link #ACTION_CHOOSER} 131 * @hide Also used by KeyChainActivity implementation 132 */ 133 public static final String EXTRA_URI = "uri"; 134 135 /** 136 * Extra for use with {@link #ACTION_CHOOSER} 137 * @hide Also used by KeyChainActivity implementation 138 */ 139 public static final String EXTRA_ALIAS = "alias"; 140 141 /** 142 * Extra for use with {@link #ACTION_CHOOSER} 143 * @hide Also used by KeyChainActivity implementation 144 */ 145 public static final String EXTRA_SENDER = "sender"; 146 147 /** 148 * Extra for use with {@link #ACTION_CHOOSER} 149 * @hide Also used by KeyChainActivity implementation 150 */ 151 public static final String EXTRA_KEY_TYPES = "key_types"; 152 153 /** 154 * Extra for use with {@link #ACTION_CHOOSER} 155 * @hide Also used by KeyChainActivity implementation 156 */ 157 public static final String EXTRA_ISSUERS = "issuers"; 158 159 /** 160 * Action to bring up the CertInstaller. 161 */ 162 private static final String ACTION_INSTALL = "android.credentials.INSTALL"; 163 164 /** 165 * Optional extra to specify a {@code String} credential name on 166 * the {@code Intent} returned by {@link #createInstallIntent}. 167 */ 168 // Compatible with old com.android.certinstaller.CredentialHelper.CERT_NAME_KEY 169 public static final String EXTRA_NAME = "name"; 170 171 /** 172 * Optional extra to specify an X.509 certificate to install on 173 * the {@code Intent} returned by {@link #createInstallIntent}. 174 * The extra value should be a PEM or ASN.1 DER encoded {@code 175 * byte[]}. An {@link X509Certificate} can be converted to DER 176 * encoded bytes with {@link X509Certificate#getEncoded}. 177 * 178 * <p>{@link #EXTRA_NAME} may be used to provide a default alias 179 * name for the installed certificate. 180 */ 181 // Compatible with old android.security.Credentials.CERTIFICATE 182 public static final String EXTRA_CERTIFICATE = "CERT"; 183 184 /** 185 * Optional extra for use with the {@code Intent} returned by 186 * {@link #createInstallIntent} to specify a PKCS#12 key store to 187 * install. The extra value should be a {@code byte[]}. The bytes 188 * may come from an external source or be generated with {@link 189 * java.security.KeyStore#store} on a "PKCS12" instance. 190 * 191 * <p>The user will be prompted for the password to load the key store. 192 * 193 * <p>The key store will be scanned for {@link 194 * java.security.KeyStore.PrivateKeyEntry} entries and both the 195 * private key and associated certificate chain will be installed. 196 * 197 * <p>{@link #EXTRA_NAME} may be used to provide a default alias 198 * name for the installed credentials. 199 */ 200 // Compatible with old android.security.Credentials.PKCS12 201 public static final String EXTRA_PKCS12 = "PKCS12"; 202 203 /** 204 * Broadcast Action: Indicates the trusted storage has changed. Sent when 205 * one of this happens: 206 * 207 * <ul> 208 * <li>a new CA is added, 209 * <li>an existing CA is removed or disabled, 210 * <li>a disabled CA is enabled, 211 * <li>trusted storage is reset (all user certs are cleared), 212 * <li>when permission to access a private key is changed. 213 * </ul> 214 * 215 * @deprecated Use {@link #ACTION_KEYCHAIN_CHANGED}, {@link #ACTION_TRUST_STORE_CHANGED} or 216 * {@link #ACTION_KEY_ACCESS_CHANGED}. Apps that target a version higher than 217 * {@link android.os.Build.VERSION_CODES#N_MR1} will only receive this broadcast if they 218 * register for it at runtime. 219 */ 220 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 221 public static final String ACTION_STORAGE_CHANGED = "android.security.STORAGE_CHANGED"; 222 223 /** 224 * Broadcast Action: Indicates the contents of the keychain has changed. Sent when a KeyChain 225 * entry is added, modified or removed. 226 */ 227 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 228 public static final String ACTION_KEYCHAIN_CHANGED = "android.security.action.KEYCHAIN_CHANGED"; 229 230 /** 231 * Broadcast Action: Indicates the contents of the trusted certificate store has changed. Sent 232 * when one the following occurs: 233 * 234 * <ul> 235 * <li>A pre-installed CA is disabled or re-enabled</li> 236 * <li>A CA is added or removed from the trust store</li> 237 * </ul> 238 */ 239 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 240 public static final String ACTION_TRUST_STORE_CHANGED = 241 "android.security.action.TRUST_STORE_CHANGED"; 242 243 /** 244 * Broadcast Action: Indicates that the access permissions for a private key have changed. 245 * 246 */ 247 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 248 public static final String ACTION_KEY_ACCESS_CHANGED = 249 "android.security.action.KEY_ACCESS_CHANGED"; 250 251 /** 252 * Used as a String extra field in {@link #ACTION_KEY_ACCESS_CHANGED} to supply the alias of 253 * the key. 254 */ 255 public static final String EXTRA_KEY_ALIAS = "android.security.extra.KEY_ALIAS"; 256 257 /** 258 * Used as a boolean extra field in {@link #ACTION_KEY_ACCESS_CHANGED} to supply if the key is 259 * accessible to the application. 260 */ 261 public static final String EXTRA_KEY_ACCESSIBLE = "android.security.extra.KEY_ACCESSIBLE"; 262 263 /** 264 * Indicates that a call to {@link #generateKeyPair} was successful. 265 * @hide 266 */ 267 public static final int KEY_GEN_SUCCESS = 0; 268 269 /** 270 * An alias was missing from the key specifications when calling {@link #generateKeyPair}. 271 * @hide 272 */ 273 public static final int KEY_GEN_MISSING_ALIAS = 1; 274 275 /** 276 * A key attestation challenge was provided to {@link #generateKeyPair}, but it shouldn't 277 * have been provided. 278 * @hide 279 */ 280 public static final int KEY_GEN_SUPERFLUOUS_ATTESTATION_CHALLENGE = 2; 281 282 /** 283 * Algorithm not supported by {@link #generateKeyPair} 284 * @hide 285 */ 286 public static final int KEY_GEN_NO_SUCH_ALGORITHM = 3; 287 288 /** 289 * Invalid algorithm parameters when calling {@link #generateKeyPair} 290 * @hide 291 */ 292 public static final int KEY_GEN_INVALID_ALGORITHM_PARAMETERS = 4; 293 294 /** 295 * Keystore is not available when calling {@link #generateKeyPair} 296 * @hide 297 */ 298 public static final int KEY_GEN_NO_KEYSTORE_PROVIDER = 5; 299 300 /** 301 * StrongBox unavailable when calling {@link #generateKeyPair} 302 * @hide 303 */ 304 public static final int KEY_GEN_STRONGBOX_UNAVAILABLE = 6; 305 306 /** 307 * General failure while calling {@link #generateKeyPair} 308 * @hide 309 */ 310 public static final int KEY_GEN_FAILURE = 7; 311 312 /** 313 * Successful call to {@link #attestKey} 314 * @hide 315 */ 316 public static final int KEY_ATTESTATION_SUCCESS = 0; 317 318 /** 319 * Attestation challenge missing when calling {@link #attestKey} 320 * @hide 321 */ 322 public static final int KEY_ATTESTATION_MISSING_CHALLENGE = 1; 323 324 /** 325 * The caller requested Device ID attestation when calling {@link #attestKey}, but has no 326 * permissions to get device identifiers. 327 * @hide 328 */ 329 public static final int KEY_ATTESTATION_CANNOT_COLLECT_DATA = 2; 330 331 /** 332 * The underlying hardware does not support Device ID attestation or cannot attest to the 333 * identifiers that are stored on the device. This indicates permanent inability 334 * to get attestation records on the device. 335 * @hide 336 */ 337 public static final int KEY_ATTESTATION_CANNOT_ATTEST_IDS = 3; 338 339 /** 340 * General failure when calling {@link #attestKey} 341 * @hide 342 */ 343 public static final int KEY_ATTESTATION_FAILURE = 4; 344 345 /** 346 * Used by DPC or delegated app in 347 * {@link android.app.admin.DeviceAdminReceiver#onChoosePrivateKeyAlias} or 348 * {@link android.app.admin.DelegatedAdminReceiver#onChoosePrivateKeyAlias} to identify that 349 * the requesting app is not granted access to any key, and nor will the user be able to grant 350 * access manually. 351 */ 352 public static final String KEY_ALIAS_SELECTION_DENIED = 353 "android:alias-selection-denied"; 354 355 /** 356 * Returns an {@code Intent} that can be used for credential 357 * installation. The intent may be used without any extras, in 358 * which case the user will be able to install credentials from 359 * their own source. 360 * 361 * <p>Alternatively, {@link #EXTRA_CERTIFICATE} or {@link 362 * #EXTRA_PKCS12} maybe used to specify the bytes of an X.509 363 * certificate or a PKCS#12 key store for installation. These 364 * extras may be combined with {@link #EXTRA_NAME} to provide a 365 * default alias name for credentials being installed. 366 * 367 * <p>When used with {@link Activity#startActivityForResult}, 368 * {@link Activity#RESULT_OK} will be returned if a credential was 369 * successfully installed, otherwise {@link 370 * Activity#RESULT_CANCELED} will be returned. 371 */ 372 @NonNull createInstallIntent()373 public static Intent createInstallIntent() { 374 Intent intent = new Intent(ACTION_INSTALL); 375 intent.setClassName(CERT_INSTALLER_PACKAGE, 376 "com.android.certinstaller.CertInstallerMain"); 377 return intent; 378 } 379 380 /** 381 * Launches an {@code Activity} for the user to select the alias 382 * for a private key and certificate pair for authentication. The 383 * selected alias or null will be returned via the 384 * KeyChainAliasCallback callback. 385 * 386 * <p>A device policy controller (as a device or profile owner) can 387 * intercept the request before the activity is shown, to pick a 388 * specific private key alias by implementing 389 * {@link android.app.admin.DeviceAdminReceiver#onChoosePrivateKeyAlias 390 * onChoosePrivateKeyAlias}. 391 * 392 * <p>{@code keyTypes} and {@code issuers} may be used to 393 * narrow down suggested choices to the user. If either {@code keyTypes} 394 * or {@code issuers} is specified and non-empty, and there are no 395 * matching certificates in the KeyChain, then the certificate 396 * selection prompt would be suppressed entirely. 397 * 398 * <p>{@code host} and {@code port} may be used to give the user 399 * more context about the server requesting the credentials. 400 * 401 * <p>{@code alias} allows the caller to preselect an existing 402 * alias which will still be subject to user confirmation. 403 * 404 * @param activity The {@link Activity} context to use for 405 * launching the new sub-Activity to prompt the user to select 406 * a private key; used only to call startActivity(); must not 407 * be null. 408 * @param response Callback to invoke when the request completes; 409 * must not be null. 410 * @param keyTypes The acceptable types of asymmetric keys such as 411 * "RSA", "EC" or null. 412 * @param issuers The acceptable certificate issuers for the 413 * certificate matching the private key, or null. 414 * @param host The host name of the server requesting the 415 * certificate, or null if unavailable. 416 * @param port The port number of the server requesting the 417 * certificate, or -1 if unavailable. 418 * @param alias The alias to preselect if available, or null if 419 * unavailable. 420 */ choosePrivateKeyAlias(@onNull Activity activity, @NonNull KeyChainAliasCallback response, @Nullable @KeyProperties.KeyAlgorithmEnum String[] keyTypes, @Nullable Principal[] issuers, @Nullable String host, int port, @Nullable String alias)421 public static void choosePrivateKeyAlias(@NonNull Activity activity, 422 @NonNull KeyChainAliasCallback response, 423 @Nullable @KeyProperties.KeyAlgorithmEnum String[] keyTypes, 424 @Nullable Principal[] issuers, 425 @Nullable String host, int port, @Nullable String alias) { 426 Uri uri = null; 427 if (host != null) { 428 uri = new Uri.Builder() 429 .authority(host + (port != -1 ? ":" + port : "")) 430 .build(); 431 } 432 choosePrivateKeyAlias(activity, response, keyTypes, issuers, uri, alias); 433 } 434 435 /** 436 * Launches an {@code Activity} for the user to select the alias 437 * for a private key and certificate pair for authentication. The 438 * selected alias or null will be returned via the 439 * KeyChainAliasCallback callback. 440 * 441 * <p>A device policy controller (as a device or profile owner) can 442 * intercept the request before the activity is shown, to pick a 443 * specific private key alias by implementing 444 * {@link android.app.admin.DeviceAdminReceiver#onChoosePrivateKeyAlias 445 * onChoosePrivateKeyAlias}. 446 * 447 * <p>{@code keyTypes} and {@code issuers} may be used to 448 * narrow down suggested choices to the user. If either {@code keyTypes} 449 * or {@code issuers} is specified and non-empty, and there are no 450 * matching certificates in the KeyChain, then the certificate 451 * selection prompt would be suppressed entirely. 452 * 453 * <p>{@code uri} may be used to give the user more context about 454 * the server requesting the credentials. 455 * 456 * <p>{@code alias} allows the caller to preselect an existing 457 * alias which will still be subject to user confirmation. 458 * 459 * @param activity The {@link Activity} context to use for 460 * launching the new sub-Activity to prompt the user to select 461 * a private key; used only to call startActivity(); must not 462 * be null. 463 * @param response Callback to invoke when the request completes; 464 * must not be null. 465 * @param keyTypes The acceptable types of asymmetric keys such as 466 * "RSA", "EC" or null. 467 * @param issuers The acceptable certificate issuers for the 468 * certificate matching the private key, or null. 469 * @param uri The full URI the server is requesting the certificate 470 * for, or null if unavailable. 471 * @param alias The alias to preselect if available, or null if 472 * unavailable. 473 * @throws IllegalArgumentException if the specified issuers are not 474 * of type {@code X500Principal}. 475 */ choosePrivateKeyAlias(@onNull Activity activity, @NonNull KeyChainAliasCallback response, @Nullable @KeyProperties.KeyAlgorithmEnum String[] keyTypes, @Nullable Principal[] issuers, @Nullable Uri uri, @Nullable String alias)476 public static void choosePrivateKeyAlias(@NonNull Activity activity, 477 @NonNull KeyChainAliasCallback response, 478 @Nullable @KeyProperties.KeyAlgorithmEnum String[] keyTypes, 479 @Nullable Principal[] issuers, 480 @Nullable Uri uri, @Nullable String alias) { 481 /* 482 * Specifying keyTypes excludes certificates with different key types 483 * from the list of certificates presented to the user. 484 * In practice today, most servers would require RSA or EC 485 * certificates. 486 * 487 * Specifying issuers narrows down the list by filtering out 488 * certificates with issuers which are not matching the provided ones. 489 * This has been reported to Chrome several times (crbug.com/731769). 490 * There's no concrete description on what to do when the client has no 491 * certificates that match the provided issuers. 492 * To be conservative, Android will not present the user with any 493 * certificates to choose from. 494 * If the list of issuers is empty then the client may send any 495 * certificate, see: 496 * https://tools.ietf.org/html/rfc5246#section-7.4.4 497 */ 498 if (activity == null) { 499 throw new NullPointerException("activity == null"); 500 } 501 if (response == null) { 502 throw new NullPointerException("response == null"); 503 } 504 Intent intent = new Intent(ACTION_CHOOSER); 505 intent.setPackage(KEYCHAIN_PACKAGE); 506 intent.putExtra(EXTRA_RESPONSE, new AliasResponse(response)); 507 intent.putExtra(EXTRA_URI, uri); 508 intent.putExtra(EXTRA_ALIAS, alias); 509 intent.putExtra(EXTRA_KEY_TYPES, keyTypes); 510 ArrayList<byte[]> issuersList = new ArrayList(); 511 if (issuers != null) { 512 for (Principal issuer: issuers) { 513 // In a TLS client context (like Chrome), issuers would only 514 // be specified as X500Principals. No other use cases for 515 // specifying principals have been brought up. Under these 516 // circumstances, only allow issuers specified as 517 // X500Principals. 518 if (!(issuer instanceof X500Principal)) { 519 throw new IllegalArgumentException(String.format( 520 "Issuer %s is of type %s, not X500Principal", 521 issuer.toString(), issuer.getClass())); 522 } 523 // Pass the DER-encoded issuer as that's the most accurate 524 // representation and what is sent over the wire. 525 issuersList.add(((X500Principal) issuer).getEncoded()); 526 } 527 } 528 intent.putExtra(EXTRA_ISSUERS, (Serializable) issuersList); 529 // the PendingIntent is used to get calling package name 530 intent.putExtra(EXTRA_SENDER, PendingIntent.getActivity(activity, 0, new Intent(), 0)); 531 activity.startActivity(intent); 532 } 533 534 private static class AliasResponse extends IKeyChainAliasCallback.Stub { 535 private final KeyChainAliasCallback keyChainAliasResponse; AliasResponse(KeyChainAliasCallback keyChainAliasResponse)536 private AliasResponse(KeyChainAliasCallback keyChainAliasResponse) { 537 this.keyChainAliasResponse = keyChainAliasResponse; 538 } alias(String alias)539 @Override public void alias(String alias) { 540 keyChainAliasResponse.alias(alias); 541 } 542 } 543 544 /** 545 * Returns the {@code PrivateKey} for the requested alias, or null if the alias does not exist 546 * or the caller has no permission to access it (see note on exceptions below). 547 * 548 * <p> This method may block while waiting for a connection to another process, and must never 549 * be called from the main thread. 550 * <p> As {@link Activity} and {@link Service} contexts are short-lived and can be destroyed 551 * at any time from the main thread, it is safer to rely on a long-lived context such as one 552 * returned from {@link Context#getApplicationContext()}. 553 * 554 * <p> If the caller provides a valid alias to which it was not granted access, then the 555 * caller must invoke {@link #choosePrivateKeyAlias} again to get another valid alias 556 * or a grant to access the same alias. 557 * <p>On Android versions prior to Q, when a key associated with the specified alias is 558 * unavailable, the method will throw a {@code KeyChainException} rather than return null. 559 * If the exception's cause (as obtained by calling {@code KeyChainException.getCause()}) 560 * is a throwable of type {@code IllegalStateException} then the caller lacks a grant 561 * to access the key and certificates associated with this alias. 562 * 563 * @param alias The alias of the desired private key, typically returned via 564 * {@link KeyChainAliasCallback#alias}. 565 * @throws KeyChainException if the alias was valid but there was some problem accessing it. 566 * @throws IllegalStateException if called from the main thread. 567 */ 568 @Nullable @WorkerThread getPrivateKey(@onNull Context context, @NonNull String alias)569 public static PrivateKey getPrivateKey(@NonNull Context context, @NonNull String alias) 570 throws KeyChainException, InterruptedException { 571 KeyPair keyPair = getKeyPair(context, alias); 572 if (keyPair != null) { 573 return keyPair.getPrivate(); 574 } 575 576 return null; 577 } 578 579 /** @hide */ 580 @Nullable @WorkerThread getKeyPair(@onNull Context context, @NonNull String alias)581 public static KeyPair getKeyPair(@NonNull Context context, @NonNull String alias) 582 throws KeyChainException, InterruptedException { 583 if (alias == null) { 584 throw new NullPointerException("alias == null"); 585 } 586 if (context == null) { 587 throw new NullPointerException("context == null"); 588 } 589 590 final String keyId; 591 try (KeyChainConnection keyChainConnection = bind(context.getApplicationContext())) { 592 keyId = keyChainConnection.getService().requestPrivateKey(alias); 593 } catch (RemoteException e) { 594 throw new KeyChainException(e); 595 } catch (RuntimeException e) { 596 // only certain RuntimeExceptions can be propagated across the IKeyChainService call 597 throw new KeyChainException(e); 598 } 599 600 if (keyId == null) { 601 return null; 602 } else { 603 try { 604 return AndroidKeyStoreProvider.loadAndroidKeyStoreKeyPairFromKeystore( 605 KeyStore.getInstance(), keyId, KeyStore.UID_SELF); 606 } catch (RuntimeException | UnrecoverableKeyException | KeyPermanentlyInvalidatedException e) { 607 throw new KeyChainException(e); 608 } 609 } 610 } 611 612 /** 613 * Returns the {@code X509Certificate} chain for the requested alias, or null if the alias 614 * does not exist or the caller has no permission to access it (see note on exceptions 615 * in {@link #getPrivateKey}). 616 * 617 * <p> 618 * <strong>Note:</strong> If a certificate chain was explicitly specified when the alias was 619 * installed, this method will return that chain. If only the client certificate was specified 620 * at the installation time, this method will try to build a certificate chain using all 621 * available trust anchors (preinstalled and user-added). 622 * 623 * <p> This method may block while waiting for a connection to another process, and must never 624 * be called from the main thread. 625 * <p> As {@link Activity} and {@link Service} contexts are short-lived and can be destroyed 626 * at any time from the main thread, it is safer to rely on a long-lived context such as one 627 * returned from {@link Context#getApplicationContext()}. 628 * <p> In case the caller specifies an alias for which it lacks a grant, it must call 629 * {@link #choosePrivateKeyAlias} again. See {@link #getPrivateKey} for more details on 630 * coping with this scenario. 631 * 632 * @param alias The alias of the desired certificate chain, typically 633 * returned via {@link KeyChainAliasCallback#alias}. 634 * @throws KeyChainException if the alias was valid but there was some problem accessing it. 635 * @throws IllegalStateException if called from the main thread. 636 */ 637 @Nullable @WorkerThread getCertificateChain(@onNull Context context, @NonNull String alias)638 public static X509Certificate[] getCertificateChain(@NonNull Context context, 639 @NonNull String alias) throws KeyChainException, InterruptedException { 640 if (alias == null) { 641 throw new NullPointerException("alias == null"); 642 } 643 644 final byte[] certificateBytes; 645 final byte[] certChainBytes; 646 try (KeyChainConnection keyChainConnection = bind(context.getApplicationContext())) { 647 IKeyChainService keyChainService = keyChainConnection.getService(); 648 certificateBytes = keyChainService.getCertificate(alias); 649 if (certificateBytes == null) { 650 return null; 651 } 652 certChainBytes = keyChainService.getCaCertificates(alias); 653 } catch (RemoteException e) { 654 throw new KeyChainException(e); 655 } catch (RuntimeException e) { 656 // only certain RuntimeExceptions can be propagated across the IKeyChainService call 657 throw new KeyChainException(e); 658 } 659 660 try { 661 X509Certificate leafCert = toCertificate(certificateBytes); 662 // If the keypair is installed with a certificate chain by either 663 // DevicePolicyManager.installKeyPair or CertInstaller, return that chain. 664 if (certChainBytes != null && certChainBytes.length != 0) { 665 Collection<X509Certificate> chain = toCertificates(certChainBytes); 666 ArrayList<X509Certificate> fullChain = new ArrayList<>(chain.size() + 1); 667 fullChain.add(leafCert); 668 fullChain.addAll(chain); 669 return fullChain.toArray(new X509Certificate[fullChain.size()]); 670 } else { 671 // If there isn't a certificate chain, either due to a pre-existing keypair 672 // installed before N, or no chain is explicitly installed under the new logic, 673 // fall back to old behavior of constructing the chain from trusted credentials. 674 // 675 // This logic exists to maintain old behaviour for already installed keypair, at 676 // the cost of potentially returning extra certificate chain for new clients who 677 // explicitly installed only the client certificate without a chain. The latter 678 // case is actually no different from pre-N behaviour of getCertificateChain(), 679 // in that sense this change introduces no regression. Besides the returned chain 680 // is still valid so the consumer of the chain should have no problem verifying it. 681 TrustedCertificateStore store = new TrustedCertificateStore(); 682 List<X509Certificate> chain = store.getCertificateChain(leafCert); 683 return chain.toArray(new X509Certificate[chain.size()]); 684 } 685 } catch (CertificateException | RuntimeException e) { 686 throw new KeyChainException(e); 687 } 688 } 689 690 /** 691 * Returns {@code true} if the current device's {@code KeyChain} supports a 692 * specific {@code PrivateKey} type indicated by {@code algorithm} (e.g., 693 * "RSA"). 694 */ isKeyAlgorithmSupported( @onNull @eyProperties.KeyAlgorithmEnum String algorithm)695 public static boolean isKeyAlgorithmSupported( 696 @NonNull @KeyProperties.KeyAlgorithmEnum String algorithm) { 697 final String algUpper = algorithm.toUpperCase(Locale.US); 698 return KeyProperties.KEY_ALGORITHM_EC.equals(algUpper) 699 || KeyProperties.KEY_ALGORITHM_RSA.equals(algUpper); 700 } 701 702 /** 703 * Returns {@code true} if the current device's {@code KeyChain} binds any 704 * {@code PrivateKey} of the given {@code algorithm} to the device once 705 * imported or generated. This can be used to tell if there is special 706 * hardware support that can be used to bind keys to the device in a way 707 * that makes it non-exportable. 708 * 709 * @deprecated Whether the key is bound to the secure hardware is known only 710 * once the key has been imported. To find out, use: 711 * <pre>{@code 712 * PrivateKey key = ...; // private key from KeyChain 713 * 714 * KeyFactory keyFactory = 715 * KeyFactory.getInstance(key.getAlgorithm(), "AndroidKeyStore"); 716 * KeyInfo keyInfo = keyFactory.getKeySpec(key, KeyInfo.class); 717 * if (keyInfo.isInsideSecureHardware()) { 718 * // The key is bound to the secure hardware of this Android 719 * }}</pre> 720 */ 721 @Deprecated isBoundKeyAlgorithm( @onNull @eyProperties.KeyAlgorithmEnum String algorithm)722 public static boolean isBoundKeyAlgorithm( 723 @NonNull @KeyProperties.KeyAlgorithmEnum String algorithm) { 724 if (!isKeyAlgorithmSupported(algorithm)) { 725 return false; 726 } 727 728 return KeyStore.getInstance().isHardwareBacked(algorithm); 729 } 730 731 /** @hide */ 732 @NonNull toCertificate(@onNull byte[] bytes)733 public static X509Certificate toCertificate(@NonNull byte[] bytes) { 734 if (bytes == null) { 735 throw new IllegalArgumentException("bytes == null"); 736 } 737 try { 738 CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); 739 Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes)); 740 return (X509Certificate) cert; 741 } catch (CertificateException e) { 742 throw new AssertionError(e); 743 } 744 } 745 746 /** @hide */ 747 @NonNull toCertificates(@onNull byte[] bytes)748 public static Collection<X509Certificate> toCertificates(@NonNull byte[] bytes) { 749 if (bytes == null) { 750 throw new IllegalArgumentException("bytes == null"); 751 } 752 try { 753 CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); 754 return (Collection<X509Certificate>) certFactory.generateCertificates( 755 new ByteArrayInputStream(bytes)); 756 } catch (CertificateException e) { 757 throw new AssertionError(e); 758 } 759 } 760 761 /** 762 * @hide for reuse by CertInstaller and Settings. 763 * @see KeyChain#bind 764 */ 765 public static class KeyChainConnection implements Closeable { 766 private final Context context; 767 private final ServiceConnection serviceConnection; 768 private final IKeyChainService service; KeyChainConnection(Context context, ServiceConnection serviceConnection, IKeyChainService service)769 protected KeyChainConnection(Context context, 770 ServiceConnection serviceConnection, 771 IKeyChainService service) { 772 this.context = context; 773 this.serviceConnection = serviceConnection; 774 this.service = service; 775 } close()776 @Override public void close() { 777 context.unbindService(serviceConnection); 778 } getService()779 public IKeyChainService getService() { 780 return service; 781 } 782 } 783 784 /** 785 * @hide for reuse by CertInstaller and Settings. 786 * 787 * Caller should call unbindService on the result when finished. 788 */ 789 @WorkerThread bind(@onNull Context context)790 public static KeyChainConnection bind(@NonNull Context context) throws InterruptedException { 791 return bindAsUser(context, Process.myUserHandle()); 792 } 793 794 /** 795 * @hide 796 */ 797 @WorkerThread bindAsUser(@onNull Context context, UserHandle user)798 public static KeyChainConnection bindAsUser(@NonNull Context context, UserHandle user) 799 throws InterruptedException { 800 if (context == null) { 801 throw new NullPointerException("context == null"); 802 } 803 ensureNotOnMainThread(context); 804 final BlockingQueue<IKeyChainService> q = new LinkedBlockingQueue<IKeyChainService>(1); 805 ServiceConnection keyChainServiceConnection = new ServiceConnection() { 806 volatile boolean mConnectedAtLeastOnce = false; 807 @Override public void onServiceConnected(ComponentName name, IBinder service) { 808 if (!mConnectedAtLeastOnce) { 809 mConnectedAtLeastOnce = true; 810 try { 811 q.put(IKeyChainService.Stub.asInterface(Binder.allowBlocking(service))); 812 } catch (InterruptedException e) { 813 // will never happen, since the queue starts with one available slot 814 } 815 } 816 } 817 @Override public void onServiceDisconnected(ComponentName name) {} 818 }; 819 Intent intent = new Intent(IKeyChainService.class.getName()); 820 ComponentName comp = intent.resolveSystemService(context.getPackageManager(), 0); 821 intent.setComponent(comp); 822 if (comp == null || !context.bindServiceAsUser( 823 intent, keyChainServiceConnection, Context.BIND_AUTO_CREATE, user)) { 824 throw new AssertionError("could not bind to KeyChainService"); 825 } 826 return new KeyChainConnection(context, keyChainServiceConnection, q.take()); 827 } 828 ensureNotOnMainThread(@onNull Context context)829 private static void ensureNotOnMainThread(@NonNull Context context) { 830 Looper looper = Looper.myLooper(); 831 if (looper != null && looper == context.getMainLooper()) { 832 throw new IllegalStateException( 833 "calling this from your main thread can lead to deadlock"); 834 } 835 } 836 } 837