• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security.keystore2;
18 
19 import android.annotation.NonNull;
20 import android.security.KeyStoreSecurityLevel;
21 import android.security.keystore.ArrayUtils;
22 import android.system.keystore2.KeyDescriptor;
23 import android.system.keystore2.KeyMetadata;
24 
25 import java.security.PublicKey;
26 import java.util.Arrays;
27 
28 /**
29  * {@link PublicKey} backed by Android Keystore.
30  *
31  * @hide
32  */
33 public abstract class AndroidKeyStorePublicKey extends AndroidKeyStoreKey implements PublicKey {
34     private final byte[] mCertificate;
35     private final byte[] mCertificateChain;
36     private final byte[] mEncoded;
37 
AndroidKeyStorePublicKey(@onNull KeyDescriptor descriptor, @NonNull KeyMetadata metadata, @NonNull byte[] x509EncodedForm, @NonNull String algorithm, @NonNull KeyStoreSecurityLevel securityLevel)38     public AndroidKeyStorePublicKey(@NonNull KeyDescriptor descriptor,
39             @NonNull KeyMetadata metadata, @NonNull byte[] x509EncodedForm,
40             @NonNull String algorithm, @NonNull KeyStoreSecurityLevel securityLevel) {
41         super(descriptor, metadata.key.nspace, metadata.authorizations, algorithm, securityLevel);
42         mCertificate = metadata.certificate;
43         mCertificateChain = metadata.certificateChain;
44         mEncoded = x509EncodedForm;
45     }
46 
47     /**
48      * Returns the byte array encoding of the certificate corresponding to this public key.
49      * @hide
50      */
getCertificate()51     public byte[] getCertificate() {
52         return mCertificate;
53     }
54 
55     /**
56      * Returns the byte array encoding of the certificate chain for this public key.
57      * @hide
58      */
getCertificateChain()59     public byte[] getCertificateChain() {
60         return mCertificateChain;
61     }
62 
getPrivateKey()63     abstract AndroidKeyStorePrivateKey getPrivateKey();
64 
65     @Override
getFormat()66     public String getFormat() {
67         return "X.509";
68     }
69 
70     @Override
getEncoded()71     public byte[] getEncoded() {
72         return ArrayUtils.cloneIfNotEmpty(mEncoded);
73     }
74 
75     @Override
hashCode()76     public int hashCode() {
77         final int prime = 31;
78         int result = 1;
79 
80         result = prime * result + super.hashCode();
81         result = prime * result + Arrays.hashCode(mCertificate);
82         result = prime * result + Arrays.hashCode(mCertificateChain);
83 
84         return result;
85     }
86 
87     @Override
equals(Object obj)88     public boolean equals(Object obj) {
89         if (this == obj) {
90             return true;
91         }
92         if (!super.equals(obj)) {
93             return false;
94         }
95 
96         /*
97          * getClass().equals(ojb.getClass()) is implied by the call to super.equals() above. This
98          * means we can cast obj to AndroidKeyStorePublicKey here.
99          */
100         final AndroidKeyStorePublicKey other = (AndroidKeyStorePublicKey) obj;
101 
102         return Arrays.equals(mCertificate, other.mCertificate) && Arrays.equals(mCertificateChain,
103                 other.mCertificateChain);
104     }
105 }
106