1 /*
2  * Copyright (C) 2009 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security;
18 
19 import android.content.ActivityNotFoundException;
20 import android.content.Context;
21 import android.content.Intent;
22 import android.util.Log;
23 import com.android.org.bouncycastle.openssl.PEMReader;
24 import com.android.org.bouncycastle.openssl.PEMWriter;
25 import java.io.ByteArrayInputStream;
26 import java.io.ByteArrayOutputStream;
27 import java.io.IOException;
28 import java.io.InputStreamReader;
29 import java.io.ObjectOutputStream;
30 import java.io.OutputStreamWriter;
31 import java.io.Reader;
32 import java.io.Writer;
33 import java.nio.charset.Charsets;
34 import java.security.KeyPair;
35 import java.security.cert.X509Certificate;
36 import java.util.ArrayList;
37 import java.util.List;
38 
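/**
 * Constants and helpers for credential handling: key-name prefixes, intent
 * actions and extras, PEM encoding/decoding, and convenience methods that
 * start the unlock and install activities.
 *
 * <p>The class declares no instance fields; the instance returned by
 * {@link #getInstance()} only serves as a receiver for the {@code unlock}
 * and {@code install} methods.
 *
 * {@hide}
 */
public class Credentials {
    private static final String LOGTAG = "Credentials";

    /** Intent action for installing credentials. */
    public static final String INSTALL_ACTION = "android.credentials.INSTALL";

    /** Intent action used by {@link #unlock(Context)}. */
    public static final String UNLOCK_ACTION = "com.android.credentials.UNLOCK";

    /** Key prefix for CA certificates. */
    public static final String CA_CERTIFICATE = "CACERT_";

    /** Key prefix for user certificates. */
    public static final String USER_CERTIFICATE = "USRCERT_";

    /** Key prefix for user private keys. */
    public static final String USER_PRIVATE_KEY = "USRPKEY_";

    /** Key prefix for VPN. */
    public static final String VPN = "VPN_";

    /** Key prefix for WIFI. */
    public static final String WIFI = "WIFI_";

    /** Data type for public keys; used as the extra name in {@link #install(Context, KeyPair)}. */
    public static final String EXTRA_PUBLIC_KEY = "KEY";

    /** Data type for private keys; used as the extra name in {@link #install(Context, KeyPair)}. */
    public static final String EXTRA_PRIVATE_KEY = "PKEY";

    // historically used by Android
    public static final String EXTENSION_CRT = ".crt";
    public static final String EXTENSION_P12 = ".p12";
    // commonly used on Windows
    public static final String EXTENSION_CER = ".cer";
    public static final String EXTENSION_PFX = ".pfx";

    /**
     * Intent extra: name for the user's private key.
     */
    public static final String EXTRA_USER_PRIVATE_KEY_NAME = "user_private_key_name";

    /**
     * Intent extra: data for the user's private key in PEM-encoded PKCS#8.
     */
    public static final String EXTRA_USER_PRIVATE_KEY_DATA = "user_private_key_data";

    /**
     * Intent extra: name for the user's certificate.
     */
    public static final String EXTRA_USER_CERTIFICATE_NAME = "user_certificate_name";

    /**
     * Intent extra: data for the user's certificate in PEM-encoded X.509.
     */
    public static final String EXTRA_USER_CERTIFICATE_DATA = "user_certificate_data";

    /**
     * Intent extra: name for the CA certificate chain.
     */
    public static final String EXTRA_CA_CERTIFICATES_NAME = "ca_certificates_name";

    /**
     * Intent extra: data for CA certificate chain in PEM-encoded X.509.
     */
    public static final String EXTRA_CA_CERTIFICATES_DATA = "ca_certificates_data";

    /**
     * Convert objects to a PEM format, which is used for
     * CA_CERTIFICATE, USER_CERTIFICATE, and USER_PRIVATE_KEY
     * entries.
     *
     * <p>The objects are written in argument order into a single
     * US-ASCII byte array.
     *
     * <p>NOTE(review): no passphrase is handed to the writer, so a private
     * key passed in is presumably emitted unencrypted. Treat the returned
     * bytes as secret material when they contain a key. Confirm against the
     * PEMWriter in use.
     *
     * @param objects the objects to encode
     * @return the concatenated PEM encoding of {@code objects}
     * @throws IOException if the writer fails to encode or flush an object
     */
    public static byte[] convertToPem(Object... objects) throws IOException {
        ByteArrayOutputStream bao = new ByteArrayOutputStream();
        Writer writer = new OutputStreamWriter(bao, Charsets.US_ASCII);
        PEMWriter pw = new PEMWriter(writer);
        try {
            for (Object o : objects) {
                pw.writeObject(o);
            }
        } finally {
            // Closing flushes buffered output into bao, so it has to happen
            // before toByteArray(); doing it in finally also releases the
            // writer when writeObject() throws.
            pw.close();
        }
        return bao.toByteArray();
    }

    /**
     * Convert objects from PEM format, which is used for
     * CA_CERTIFICATE, USER_CERTIFICATE, and USER_PRIVATE_KEY
     * entries.
     *
     * <p>Every object the reader yields is appended to the result until the
     * reader returns {@code null}. The element types are whatever the reader
     * produced for the given input, so callers that receive PEM data from
     * outside their trust boundary should check each element with
     * {@code instanceof} before casting it.
     *
     * @param bytes PEM data, decoded as US-ASCII
     * @return the decoded objects in input order; empty if none were read
     * @throws IOException if the reader fails to parse the input
     */
    public static List<Object> convertFromPem(byte[] bytes) throws IOException {
        ByteArrayInputStream bai = new ByteArrayInputStream(bytes);
        Reader reader = new InputStreamReader(bai, Charsets.US_ASCII);
        PEMReader pr = new PEMReader(reader);

        List<Object> result = new ArrayList<Object>();
        try {
            Object o;
            while ((o = pr.readObject()) != null) {
                result.add(o);
            }
        } finally {
            // Release the reader even when readObject() rejects the input.
            pr.close();
        }
        return result;
    }

    private static Credentials singleton;

    /**
     * Returns the shared instance, creating it on first use.
     *
     * <p>The check-then-create is not synchronized, so concurrent first calls
     * can each construct an instance. The class declares no instance fields,
     * so the extra instance carries no state of its own.
     */
    public static Credentials getInstance() {
        if (singleton == null) {
            singleton = new Credentials();
        }
        return singleton;
    }

    /**
     * Starts an activity for {@link #UNLOCK_ACTION}.
     *
     * <p>The intent carries only the action string, with no component or
     * package set here, so intent resolution decides the handling activity.
     * If no activity is found the failure is logged at warning level and
     * otherwise ignored, so the caller gets no indication that nothing was
     * started.
     *
     * @param context the context used to start the activity
     */
    public void unlock(Context context) {
        try {
            Intent intent = new Intent(UNLOCK_ACTION);
            context.startActivity(intent);
        } catch (ActivityNotFoundException e) {
            Log.w(LOGTAG, e.toString());
        }
    }

    /**
     * Starts the activity for the intent returned by
     * {@code KeyChain.createInstallIntent()}, with no extras added.
     *
     * <p>A missing activity is logged at warning level and otherwise ignored.
     *
     * @param context the context used to start the activity
     */
    public void install(Context context) {
        try {
            Intent intent = KeyChain.createInstallIntent();
            context.startActivity(intent);
        } catch (ActivityNotFoundException e) {
            Log.w(LOGTAG, e.toString());
        }
    }

    /**
     * Starts the install activity with both halves of a key pair attached.
     *
     * <p>The encoded private key is stored under {@link #EXTRA_PRIVATE_KEY}
     * and the encoded public key under {@link #EXTRA_PUBLIC_KEY}.
     *
     * <p>NOTE(review): the private key leaves this process inside an intent
     * extra. That is only appropriate if {@code KeyChain.createInstallIntent()}
     * returns an intent bound to a specific trusted component. Confirm this
     * in KeyChain, which is not shown here.
     *
     * <p>A missing activity is logged at warning level and otherwise ignored.
     *
     * @param context the context used to start the activity
     * @param pair the key pair whose encoded keys are attached
     */
    public void install(Context context, KeyPair pair) {
        try {
            Intent intent = KeyChain.createInstallIntent();
            intent.putExtra(EXTRA_PRIVATE_KEY, pair.getPrivate().getEncoded());
            intent.putExtra(EXTRA_PUBLIC_KEY, pair.getPublic().getEncoded());
            context.startActivity(intent);
        } catch (ActivityNotFoundException e) {
            Log.w(LOGTAG, e.toString());
        }
    }

    /**
     * Starts the install activity with a single byte-array extra attached.
     *
     * <p>{@code type} is used verbatim as the extra name; this method does
     * not check it against the {@code EXTRA_*} constants of this class.
     * A missing activity is logged at warning level and otherwise ignored.
     *
     * @param context the context used to start the activity
     * @param type the extra name under which {@code value} is stored
     * @param value the credential data to attach
     */
    public void install(Context context, String type, byte[] value) {
        try {
            Intent intent = KeyChain.createInstallIntent();
            intent.putExtra(type, value);
            context.startActivity(intent);
        } catch (ActivityNotFoundException e) {
            Log.w(LOGTAG, e.toString());
        }
    }
}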