1 /* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package android.security; 17 18 import android.app.Activity; 19 import android.app.PendingIntent; 20 import android.content.ComponentName; 21 import android.content.Context; 22 import android.content.Intent; 23 import android.content.ServiceConnection; 24 import android.os.IBinder; 25 import android.os.Looper; 26 import android.os.RemoteException; 27 import java.io.ByteArrayInputStream; 28 import java.io.Closeable; 29 import java.security.InvalidKeyException; 30 import java.security.Principal; 31 import java.security.PrivateKey; 32 import java.security.cert.Certificate; 33 import java.security.cert.CertificateException; 34 import java.security.cert.CertificateFactory; 35 import java.security.cert.X509Certificate; 36 import java.util.List; 37 import java.util.Locale; 38 import java.util.concurrent.BlockingQueue; 39 import java.util.concurrent.LinkedBlockingQueue; 40 41 import com.android.org.conscrypt.OpenSSLEngine; 42 import com.android.org.conscrypt.TrustedCertificateStore; 43 44 /** 45 * The {@code KeyChain} class provides access to private keys and 46 * their corresponding certificate chains in credential storage. 47 * 48 * <p>Applications accessing the {@code KeyChain} normally go through 49 * these steps: 50 * 51 * <ol> 52 * 53 * <li>Receive a callback from an {@link javax.net.ssl.X509KeyManager 54 * X509KeyManager} that a private key is requested. 55 * 56 * <li>Call {@link #choosePrivateKeyAlias 57 * choosePrivateKeyAlias} to allow the user to select from a 58 * list of currently available private keys and corresponding 59 * certificate chains. The chosen alias will be returned by the 60 * callback {@link KeyChainAliasCallback#alias}, or null if no private 61 * key is available or the user cancels the request. 62 * 63 * <li>Call {@link #getPrivateKey} and {@link #getCertificateChain} to 64 * retrieve the credentials to return to the corresponding {@link 65 * javax.net.ssl.X509KeyManager} callbacks. 66 * 67 * </ol> 68 * 69 * <p>An application may remember the value of a selected alias to 70 * avoid prompting the user with {@link #choosePrivateKeyAlias 71 * choosePrivateKeyAlias} on subsequent connections. If the alias is 72 * no longer valid, null will be returned on lookups using that value 73 * 74 * <p>An application can request the installation of private keys and 75 * certificates via the {@code Intent} provided by {@link 76 * #createInstallIntent}. Private keys installed via this {@code 77 * Intent} will be accessible via {@link #choosePrivateKeyAlias} while 78 * Certificate Authority (CA) certificates will be trusted by all 79 * applications through the default {@code X509TrustManager}. 80 */ 81 // TODO reference intent for credential installation when public 82 public final class KeyChain { 83 84 private static final String TAG = "KeyChain"; 85 86 /** 87 * @hide Also used by KeyChainService implementation 88 */ 89 public static final String ACCOUNT_TYPE = "com.android.keychain"; 90 91 /** 92 * Action to bring up the KeyChainActivity 93 */ 94 private static final String ACTION_CHOOSER = "com.android.keychain.CHOOSER"; 95 96 /** 97 * Extra for use with {@link #ACTION_CHOOSER} 98 * @hide Also used by KeyChainActivity implementation 99 */ 100 public static final String EXTRA_RESPONSE = "response"; 101 102 /** 103 * Extra for use with {@link #ACTION_CHOOSER} 104 * @hide Also used by KeyChainActivity implementation 105 */ 106 public static final String EXTRA_HOST = "host"; 107 108 /** 109 * Extra for use with {@link #ACTION_CHOOSER} 110 * @hide Also used by KeyChainActivity implementation 111 */ 112 public static final String EXTRA_PORT = "port"; 113 114 /** 115 * Extra for use with {@link #ACTION_CHOOSER} 116 * @hide Also used by KeyChainActivity implementation 117 */ 118 public static final String EXTRA_ALIAS = "alias"; 119 120 /** 121 * Extra for use with {@link #ACTION_CHOOSER} 122 * @hide Also used by KeyChainActivity implementation 123 */ 124 public static final String EXTRA_SENDER = "sender"; 125 126 /** 127 * Action to bring up the CertInstaller. 128 */ 129 private static final String ACTION_INSTALL = "android.credentials.INSTALL"; 130 131 /** 132 * Optional extra to specify a {@code String} credential name on 133 * the {@code Intent} returned by {@link #createInstallIntent}. 134 */ 135 // Compatible with old com.android.certinstaller.CredentialHelper.CERT_NAME_KEY 136 public static final String EXTRA_NAME = "name"; 137 138 /** 139 * Optional extra to specify an X.509 certificate to install on 140 * the {@code Intent} returned by {@link #createInstallIntent}. 141 * The extra value should be a PEM or ASN.1 DER encoded {@code 142 * byte[]}. An {@link X509Certificate} can be converted to DER 143 * encoded bytes with {@link X509Certificate#getEncoded}. 144 * 145 * <p>{@link #EXTRA_NAME} may be used to provide a default alias 146 * name for the installed certificate. 147 */ 148 // Compatible with old android.security.Credentials.CERTIFICATE 149 public static final String EXTRA_CERTIFICATE = "CERT"; 150 151 /** 152 * Optional extra for use with the {@code Intent} returned by 153 * {@link #createInstallIntent} to specify a PKCS#12 key store to 154 * install. The extra value should be a {@code byte[]}. The bytes 155 * may come from an external source or be generated with {@link 156 * java.security.KeyStore#store} on a "PKCS12" instance. 157 * 158 * <p>The user will be prompted for the password to load the key store. 159 * 160 * <p>The key store will be scanned for {@link 161 * java.security.KeyStore.PrivateKeyEntry} entries and both the 162 * private key and associated certificate chain will be installed. 163 * 164 * <p>{@link #EXTRA_NAME} may be used to provide a default alias 165 * name for the installed credentials. 166 */ 167 // Compatible with old android.security.Credentials.PKCS12 168 public static final String EXTRA_PKCS12 = "PKCS12"; 169 170 171 /** 172 * Broadcast Action: Indicates the trusted storage has changed. Sent when 173 * one of this happens: 174 * 175 * <ul> 176 * <li>a new CA is added, 177 * <li>an existing CA is removed or disabled, 178 * <li>a disabled CA is enabled, 179 * <li>trusted storage is reset (all user certs are cleared), 180 * <li>when permission to access a private key is changed. 181 * </ul> 182 */ 183 public static final String ACTION_STORAGE_CHANGED = "android.security.STORAGE_CHANGED"; 184 185 /** 186 * Returns an {@code Intent} that can be used for credential 187 * installation. The intent may be used without any extras, in 188 * which case the user will be able to install credentials from 189 * their own source. 190 * 191 * <p>Alternatively, {@link #EXTRA_CERTIFICATE} or {@link 192 * #EXTRA_PKCS12} maybe used to specify the bytes of an X.509 193 * certificate or a PKCS#12 key store for installation. These 194 * extras may be combined with {@link #EXTRA_NAME} to provide a 195 * default alias name for credentials being installed. 196 * 197 * <p>When used with {@link Activity#startActivityForResult}, 198 * {@link Activity#RESULT_OK} will be returned if a credential was 199 * successfully installed, otherwise {@link 200 * Activity#RESULT_CANCELED} will be returned. 201 */ createInstallIntent()202 public static Intent createInstallIntent() { 203 Intent intent = new Intent(ACTION_INSTALL); 204 intent.setClassName("com.android.certinstaller", 205 "com.android.certinstaller.CertInstallerMain"); 206 return intent; 207 } 208 209 /** 210 * Launches an {@code Activity} for the user to select the alias 211 * for a private key and certificate pair for authentication. The 212 * selected alias or null will be returned via the 213 * KeyChainAliasCallback callback. 214 * 215 * <p>{@code keyTypes} and {@code issuers} may be used to 216 * highlight suggested choices to the user, although to cope with 217 * sometimes erroneous values provided by servers, the user may be 218 * able to override these suggestions. 219 * 220 * <p>{@code host} and {@code port} may be used to give the user 221 * more context about the server requesting the credentials. 222 * 223 * <p>{@code alias} allows the chooser to preselect an existing 224 * alias which will still be subject to user confirmation. 225 * 226 * @param activity The {@link Activity} context to use for 227 * launching the new sub-Activity to prompt the user to select 228 * a private key; used only to call startActivity(); must not 229 * be null. 230 * @param response Callback to invoke when the request completes; 231 * must not be null 232 * @param keyTypes The acceptable types of asymmetric keys such as 233 * "RSA" or "DSA", or a null array. 234 * @param issuers The acceptable certificate issuers for the 235 * certificate matching the private key, or null. 236 * @param host The host name of the server requesting the 237 * certificate, or null if unavailable. 238 * @param port The port number of the server requesting the 239 * certificate, or -1 if unavailable. 240 * @param alias The alias to preselect if available, or null if 241 * unavailable. 242 */ choosePrivateKeyAlias(Activity activity, KeyChainAliasCallback response, String[] keyTypes, Principal[] issuers, String host, int port, String alias)243 public static void choosePrivateKeyAlias(Activity activity, KeyChainAliasCallback response, 244 String[] keyTypes, Principal[] issuers, 245 String host, int port, 246 String alias) { 247 /* 248 * TODO currently keyTypes, issuers are unused. They are meant 249 * to follow the semantics and purpose of X509KeyManager 250 * method arguments. 251 * 252 * keyTypes would allow the list to be filtered and typically 253 * will be set correctly by the server. In practice today, 254 * most all users will want only RSA, rarely DSA, and usually 255 * only a small number of certs will be available. 256 * 257 * issuers is typically not useful. Some servers historically 258 * will send the entire list of public CAs known to the 259 * server. Others will send none. If this is used, if there 260 * are no matches after applying the constraint, it should be 261 * ignored. 262 */ 263 if (activity == null) { 264 throw new NullPointerException("activity == null"); 265 } 266 if (response == null) { 267 throw new NullPointerException("response == null"); 268 } 269 Intent intent = new Intent(ACTION_CHOOSER); 270 intent.putExtra(EXTRA_RESPONSE, new AliasResponse(response)); 271 intent.putExtra(EXTRA_HOST, host); 272 intent.putExtra(EXTRA_PORT, port); 273 intent.putExtra(EXTRA_ALIAS, alias); 274 // the PendingIntent is used to get calling package name 275 intent.putExtra(EXTRA_SENDER, PendingIntent.getActivity(activity, 0, new Intent(), 0)); 276 activity.startActivity(intent); 277 } 278 279 private static class AliasResponse extends IKeyChainAliasCallback.Stub { 280 private final KeyChainAliasCallback keyChainAliasResponse; AliasResponse(KeyChainAliasCallback keyChainAliasResponse)281 private AliasResponse(KeyChainAliasCallback keyChainAliasResponse) { 282 this.keyChainAliasResponse = keyChainAliasResponse; 283 } alias(String alias)284 @Override public void alias(String alias) { 285 keyChainAliasResponse.alias(alias); 286 } 287 } 288 289 /** 290 * Returns the {@code PrivateKey} for the requested alias, or null 291 * if no there is no result. 292 * 293 * @param alias The alias of the desired private key, typically 294 * returned via {@link KeyChainAliasCallback#alias}. 295 * @throws KeyChainException if the alias was valid but there was some problem accessing it. 296 */ getPrivateKey(Context context, String alias)297 public static PrivateKey getPrivateKey(Context context, String alias) 298 throws KeyChainException, InterruptedException { 299 if (alias == null) { 300 throw new NullPointerException("alias == null"); 301 } 302 KeyChainConnection keyChainConnection = bind(context); 303 try { 304 final IKeyChainService keyChainService = keyChainConnection.getService(); 305 final String keyId = keyChainService.requestPrivateKey(alias); 306 if (keyId == null) { 307 throw new KeyChainException("keystore had a problem"); 308 } 309 310 final OpenSSLEngine engine = OpenSSLEngine.getInstance("keystore"); 311 return engine.getPrivateKeyById(keyId); 312 } catch (RemoteException e) { 313 throw new KeyChainException(e); 314 } catch (RuntimeException e) { 315 // only certain RuntimeExceptions can be propagated across the IKeyChainService call 316 throw new KeyChainException(e); 317 } catch (InvalidKeyException e) { 318 throw new KeyChainException(e); 319 } finally { 320 keyChainConnection.close(); 321 } 322 } 323 324 /** 325 * Returns the {@code X509Certificate} chain for the requested 326 * alias, or null if no there is no result. 327 * 328 * @param alias The alias of the desired certificate chain, typically 329 * returned via {@link KeyChainAliasCallback#alias}. 330 * @throws KeyChainException if the alias was valid but there was some problem accessing it. 331 */ getCertificateChain(Context context, String alias)332 public static X509Certificate[] getCertificateChain(Context context, String alias) 333 throws KeyChainException, InterruptedException { 334 if (alias == null) { 335 throw new NullPointerException("alias == null"); 336 } 337 KeyChainConnection keyChainConnection = bind(context); 338 try { 339 IKeyChainService keyChainService = keyChainConnection.getService(); 340 341 final byte[] certificateBytes = keyChainService.getCertificate(alias); 342 if (certificateBytes == null) { 343 return null; 344 } 345 346 TrustedCertificateStore store = new TrustedCertificateStore(); 347 List<X509Certificate> chain = store 348 .getCertificateChain(toCertificate(certificateBytes)); 349 return chain.toArray(new X509Certificate[chain.size()]); 350 } catch (CertificateException e) { 351 throw new KeyChainException(e); 352 } catch (RemoteException e) { 353 throw new KeyChainException(e); 354 } catch (RuntimeException e) { 355 // only certain RuntimeExceptions can be propagated across the IKeyChainService call 356 throw new KeyChainException(e); 357 } finally { 358 keyChainConnection.close(); 359 } 360 } 361 362 /** 363 * Returns {@code true} if the current device's {@code KeyChain} supports a 364 * specific {@code PrivateKey} type indicated by {@code algorithm} (e.g., 365 * "RSA"). 366 */ isKeyAlgorithmSupported(String algorithm)367 public static boolean isKeyAlgorithmSupported(String algorithm) { 368 final String algUpper = algorithm.toUpperCase(Locale.US); 369 return "DSA".equals(algUpper) || "EC".equals(algUpper) || "RSA".equals(algUpper); 370 } 371 372 /** 373 * Returns {@code true} if the current device's {@code KeyChain} binds any 374 * {@code PrivateKey} of the given {@code algorithm} to the device once 375 * imported or generated. This can be used to tell if there is special 376 * hardware support that can be used to bind keys to the device in a way 377 * that makes it non-exportable. 378 */ isBoundKeyAlgorithm(String algorithm)379 public static boolean isBoundKeyAlgorithm(String algorithm) { 380 if (!isKeyAlgorithmSupported(algorithm)) { 381 return false; 382 } 383 384 return KeyStore.getInstance().isHardwareBacked(algorithm); 385 } 386 toCertificate(byte[] bytes)387 private static X509Certificate toCertificate(byte[] bytes) { 388 if (bytes == null) { 389 throw new IllegalArgumentException("bytes == null"); 390 } 391 try { 392 CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); 393 Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes)); 394 return (X509Certificate) cert; 395 } catch (CertificateException e) { 396 throw new AssertionError(e); 397 } 398 } 399 400 /** 401 * @hide for reuse by CertInstaller and Settings. 402 * @see KeyChain#bind 403 */ 404 public final static class KeyChainConnection implements Closeable { 405 private final Context context; 406 private final ServiceConnection serviceConnection; 407 private final IKeyChainService service; KeyChainConnection(Context context, ServiceConnection serviceConnection, IKeyChainService service)408 private KeyChainConnection(Context context, 409 ServiceConnection serviceConnection, 410 IKeyChainService service) { 411 this.context = context; 412 this.serviceConnection = serviceConnection; 413 this.service = service; 414 } close()415 @Override public void close() { 416 context.unbindService(serviceConnection); 417 } getService()418 public IKeyChainService getService() { 419 return service; 420 } 421 } 422 423 /** 424 * @hide for reuse by CertInstaller and Settings. 425 * 426 * Caller should call unbindService on the result when finished. 427 */ bind(Context context)428 public static KeyChainConnection bind(Context context) throws InterruptedException { 429 if (context == null) { 430 throw new NullPointerException("context == null"); 431 } 432 ensureNotOnMainThread(context); 433 final BlockingQueue<IKeyChainService> q = new LinkedBlockingQueue<IKeyChainService>(1); 434 ServiceConnection keyChainServiceConnection = new ServiceConnection() { 435 volatile boolean mConnectedAtLeastOnce = false; 436 @Override public void onServiceConnected(ComponentName name, IBinder service) { 437 if (!mConnectedAtLeastOnce) { 438 mConnectedAtLeastOnce = true; 439 try { 440 q.put(IKeyChainService.Stub.asInterface(service)); 441 } catch (InterruptedException e) { 442 // will never happen, since the queue starts with one available slot 443 } 444 } 445 } 446 @Override public void onServiceDisconnected(ComponentName name) {} 447 }; 448 Intent intent = new Intent(IKeyChainService.class.getName()); 449 ComponentName comp = intent.resolveSystemService(context.getPackageManager(), 0); 450 intent.setComponent(comp); 451 boolean isBound = context.bindService(intent, 452 keyChainServiceConnection, 453 Context.BIND_AUTO_CREATE); 454 if (!isBound) { 455 throw new AssertionError("could not bind to KeyChainService"); 456 } 457 return new KeyChainConnection(context, keyChainServiceConnection, q.take()); 458 } 459 ensureNotOnMainThread(Context context)460 private static void ensureNotOnMainThread(Context context) { 461 Looper looper = Looper.myLooper(); 462 if (looper != null && looper == context.getMainLooper()) { 463 throw new IllegalStateException( 464 "calling this from your main thread can lead to deadlock"); 465 } 466 } 467 } 468