/* * Copyright (C) 2011 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.security; import static android.security.Credentials.ACTION_MANAGE_CREDENTIALS; import android.Manifest; import android.annotation.NonNull; import android.annotation.Nullable; import android.annotation.RequiresPermission; import android.annotation.SdkConstant; import android.annotation.SdkConstant.SdkConstantType; import android.annotation.SystemApi; import android.annotation.TestApi; import android.annotation.WorkerThread; import android.app.Activity; import android.app.PendingIntent; import android.app.Service; import android.content.ComponentName; import android.content.Context; import android.content.Intent; import android.content.ServiceConnection; import android.net.Uri; import android.os.Binder; import android.os.Handler; import android.os.IBinder; import android.os.Looper; import android.os.Process; import android.os.RemoteException; import android.os.UserHandle; import android.os.UserManager; import android.security.keystore.KeyPermanentlyInvalidatedException; import android.security.keystore.KeyProperties; import android.system.keystore2.Domain; import android.system.keystore2.KeyDescriptor; import android.util.Log; import com.android.org.conscrypt.TrustedCertificateStore; import java.io.ByteArrayInputStream; import java.io.Closeable; import java.io.Serializable; import java.security.KeyPair; import java.security.Principal; import java.security.PrivateKey; import java.security.UnrecoverableKeyException; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Collection; import java.util.List; import java.util.Locale; import java.util.concurrent.CountDownLatch; import java.util.concurrent.atomic.AtomicReference; import javax.security.auth.x500.X500Principal; /** * The {@code KeyChain} class provides access to private keys and * their corresponding certificate chains in credential storage. * *

Applications accessing the {@code KeyChain} normally go through * these steps: * *

    * *
  1. Receive a callback from an {@link javax.net.ssl.X509KeyManager * X509KeyManager} that a private key is requested. * *
  2. Call {@link #choosePrivateKeyAlias * choosePrivateKeyAlias} to allow the user to select from a * list of currently available private keys and corresponding * certificate chains. The chosen alias will be returned by the * callback {@link KeyChainAliasCallback#alias}, or null if no private * key is available or the user cancels the request. * *
  3. Call {@link #getPrivateKey} and {@link #getCertificateChain} to * retrieve the credentials to return to the corresponding {@link * javax.net.ssl.X509KeyManager} callbacks. * *
* *

An application may remember the value of a selected alias to * avoid prompting the user with {@link #choosePrivateKeyAlias * choosePrivateKeyAlias} on subsequent connections. If the alias is * no longer valid, null will be returned on lookups using that value * *

An application can request the installation of private keys and * certificates via the {@code Intent} provided by {@link * #createInstallIntent}. Private keys installed via this {@code * Intent} will be accessible via {@link #choosePrivateKeyAlias} while * Certificate Authority (CA) certificates will be trusted by all * applications through the default {@code X509TrustManager}. */ // TODO reference intent for credential installation when public public final class KeyChain { /** * @hide */ public static final String LOG = "KeyChain"; /** * @hide Also used by KeyChainService implementation */ public static final String ACCOUNT_TYPE = "com.android.keychain"; /** * Package name for KeyChain chooser. */ private static final String KEYCHAIN_PACKAGE = "com.android.keychain"; /** * Action to bring up the KeyChainActivity */ private static final String ACTION_CHOOSER = "com.android.keychain.CHOOSER"; /** * Package name for the Certificate Installer. */ private static final String CERT_INSTALLER_PACKAGE = "com.android.certinstaller"; /** * Package name for Settings. */ private static final String SETTINGS_PACKAGE = "com.android.settings"; /** * Extra for use with {@link #ACTION_CHOOSER} * @hide Also used by KeyChainActivity implementation */ public static final String EXTRA_RESPONSE = "response"; /** * Extra for use with {@link #ACTION_CHOOSER} * @hide Also used by KeyChainActivity implementation */ public static final String EXTRA_URI = "uri"; /** * Extra for use with {@link #ACTION_CHOOSER} * @hide Also used by KeyChainActivity implementation */ public static final String EXTRA_ALIAS = "alias"; /** * Extra for use with {@link #ACTION_CHOOSER} * @hide Also used by KeyChainActivity implementation */ public static final String EXTRA_SENDER = "sender"; /** * Extra for use with {@link #ACTION_CHOOSER} * @hide Also used by KeyChainActivity implementation */ public static final String EXTRA_KEY_TYPES = "key_types"; /** * Extra for use with {@link #ACTION_CHOOSER} * @hide Also used by KeyChainActivity implementation */ public static final String EXTRA_ISSUERS = "issuers"; /** * Action to bring up the CertInstaller. */ private static final String ACTION_INSTALL = "android.credentials.INSTALL"; /** * Optional extra to specify a {@code String} credential name on * the {@code Intent} returned by {@link #createInstallIntent}. */ // Compatible with old com.android.certinstaller.CredentialHelper.CERT_NAME_KEY public static final String EXTRA_NAME = "name"; /** * Optional extra to specify an X.509 certificate to install on * the {@code Intent} returned by {@link #createInstallIntent}. * The extra value should be a PEM or ASN.1 DER encoded {@code * byte[]}. An {@link X509Certificate} can be converted to DER * encoded bytes with {@link X509Certificate#getEncoded}. * *

{@link #EXTRA_NAME} may be used to provide a default alias * name for the installed certificate. */ // Compatible with old android.security.Credentials.CERTIFICATE public static final String EXTRA_CERTIFICATE = "CERT"; /** * Optional extra for use with the {@code Intent} returned by * {@link #createInstallIntent} to specify a PKCS#12 key store to * install. The extra value should be a {@code byte[]}. The bytes * may come from an external source or be generated with {@link * java.security.KeyStore#store} on a "PKCS12" instance. * *

The user will be prompted for the password to load the key store. * *

The key store will be scanned for {@link * java.security.KeyStore.PrivateKeyEntry} entries and both the * private key and associated certificate chain will be installed. * *

{@link #EXTRA_NAME} may be used to provide a default alias * name for the installed credentials. */ // Compatible with old android.security.Credentials.PKCS12 public static final String EXTRA_PKCS12 = "PKCS12"; /** * Extra used by {@link #createManageCredentialsIntent(AppUriAuthenticationPolicy)} to specify * the authentication policy of the credential management app. * *

The authentication policy declares which alias for a private key and certificate pair * should be used for authentication, given a list of apps and URIs. * *

The extra value should be a {@link AppUriAuthenticationPolicy}. * * @hide */ public static final String EXTRA_AUTHENTICATION_POLICY = "android.security.extra.AUTHENTICATION_POLICY"; /** * Broadcast Action: Indicates the trusted storage has changed. Sent when * one of this happens: * *

* * @deprecated Use {@link #ACTION_KEYCHAIN_CHANGED}, {@link #ACTION_TRUST_STORE_CHANGED} or * {@link #ACTION_KEY_ACCESS_CHANGED}. Apps that target a version higher than * {@link android.os.Build.VERSION_CODES#N_MR1} will only receive this broadcast if they * register for it at runtime. */ @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) public static final String ACTION_STORAGE_CHANGED = "android.security.STORAGE_CHANGED"; /** * Broadcast Action: Indicates the contents of the keychain has changed. Sent when a KeyChain * entry is added, modified or removed. */ @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) public static final String ACTION_KEYCHAIN_CHANGED = "android.security.action.KEYCHAIN_CHANGED"; /** * Broadcast Action: Indicates the contents of the trusted certificate store has changed. Sent * when one the following occurs: * * */ @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) public static final String ACTION_TRUST_STORE_CHANGED = "android.security.action.TRUST_STORE_CHANGED"; /** * Broadcast Action: Indicates that the access permissions for a private key have changed. * */ @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) public static final String ACTION_KEY_ACCESS_CHANGED = "android.security.action.KEY_ACCESS_CHANGED"; /** * Used as a String extra field in {@link #ACTION_KEY_ACCESS_CHANGED} to supply the alias of * the key. */ public static final String EXTRA_KEY_ALIAS = "android.security.extra.KEY_ALIAS"; /** * Used as a boolean extra field in {@link #ACTION_KEY_ACCESS_CHANGED} to supply if the key is * accessible to the application. */ public static final String EXTRA_KEY_ACCESSIBLE = "android.security.extra.KEY_ACCESSIBLE"; /** * Indicates that a call to {@link #generateKeyPair} was successful. * @hide */ public static final int KEY_GEN_SUCCESS = 0; /** * An alias was missing from the key specifications when calling {@link #generateKeyPair}. * @hide */ public static final int KEY_GEN_MISSING_ALIAS = 1; /** * A key attestation challenge was provided to {@link #generateKeyPair}, but it shouldn't * have been provided. * @hide */ public static final int KEY_GEN_SUPERFLUOUS_ATTESTATION_CHALLENGE = 2; /** * Algorithm not supported by {@link #generateKeyPair} * @hide */ public static final int KEY_GEN_NO_SUCH_ALGORITHM = 3; /** * Invalid algorithm parameters when calling {@link #generateKeyPair} * @hide */ public static final int KEY_GEN_INVALID_ALGORITHM_PARAMETERS = 4; /** * Keystore is not available when calling {@link #generateKeyPair} * @hide */ public static final int KEY_GEN_NO_KEYSTORE_PROVIDER = 5; /** * StrongBox unavailable when calling {@link #generateKeyPair} * @hide */ public static final int KEY_GEN_STRONGBOX_UNAVAILABLE = 6; /** * General failure while calling {@link #generateKeyPair} * @hide */ public static final int KEY_GEN_FAILURE = 7; /** * Successful call to {@link #attestKey} * @hide */ public static final int KEY_ATTESTATION_SUCCESS = 0; /** * Attestation challenge missing when calling {@link #attestKey} * @hide */ public static final int KEY_ATTESTATION_MISSING_CHALLENGE = 1; /** * The caller requested Device ID attestation when calling {@link #attestKey}, but has no * permissions to get device identifiers. * @hide */ public static final int KEY_ATTESTATION_CANNOT_COLLECT_DATA = 2; /** * The underlying hardware does not support Device ID attestation or cannot attest to the * identifiers that are stored on the device. This indicates permanent inability * to get attestation records on the device. * @hide */ public static final int KEY_ATTESTATION_CANNOT_ATTEST_IDS = 3; /** * General failure when calling {@link #attestKey} * @hide */ public static final int KEY_ATTESTATION_FAILURE = 4; /** * Used by DPC or delegated app in * {@link android.app.admin.DeviceAdminReceiver#onChoosePrivateKeyAlias} or * {@link android.app.admin.DelegatedAdminReceiver#onChoosePrivateKeyAlias} to identify that * the requesting app is not granted access to any key, and nor will the user be able to grant * access manually. */ public static final String KEY_ALIAS_SELECTION_DENIED = "android:alias-selection-denied"; /** * Returns an {@code Intent} that can be used for credential * installation. The intent may be used without any extras, in * which case the user will be able to install credentials from * their own source. * *

Alternatively, {@link #EXTRA_CERTIFICATE} or {@link * #EXTRA_PKCS12} maybe used to specify the bytes of an X.509 * certificate or a PKCS#12 key store for installation. These * extras may be combined with {@link #EXTRA_NAME} to provide a * default alias name for credentials being installed. * *

When used with {@link Activity#startActivityForResult}, * {@link Activity#RESULT_OK} will be returned if a credential was * successfully installed, otherwise {@link * Activity#RESULT_CANCELED} will be returned. * *

Starting from {@link android.os.Build.VERSION_CODES#R}, the intent returned by this * method cannot be used for installing CA certificates. Since CA certificates can only be * installed via Settings, the app should provide the user with a file containing the * CA certificate. One way to do this would be to use the {@link android.provider.MediaStore} * API to write the certificate to the {@link android.provider.MediaStore.Downloads} * collection. */ @NonNull public static Intent createInstallIntent() { Intent intent = new Intent(ACTION_INSTALL); intent.setClassName(CERT_INSTALLER_PACKAGE, "com.android.certinstaller.CertInstallerMain"); return intent; } /** * Returns an {@code Intent} that should be used by an app to request to manage the user's * credentials. This is limited to unmanaged devices. The authentication policy must be * provided to be able to make this request successfully. * *

This intent should be started using {@link Activity#startActivityForResult(Intent, int)} * to verify whether the request was successful and whether the user accepted or denied the * request. If the user successfully receives and accepts the request, the result code will be * {@link Activity#RESULT_OK}, otherwise the result code will be * {@link Activity#RESULT_CANCELED}. * *

{@link KeyChain#isCredentialManagementApp(Context)} should be used to determine whether * an app is already the credential management app. * * @param policy The authentication policy determines which alias for a private key and * certificate pair should be used for authentication. */ @NonNull public static Intent createManageCredentialsIntent(@NonNull AppUriAuthenticationPolicy policy) { Intent intent = new Intent(ACTION_MANAGE_CREDENTIALS); intent.setComponent(ComponentName.createRelative(SETTINGS_PACKAGE, ".security.RequestManageCredentials")); intent.putExtra(EXTRA_AUTHENTICATION_POLICY, policy); return intent; } /** * Launches an {@code Activity} for the user to select the alias * for a private key and certificate pair for authentication. The * selected alias or null will be returned via the * KeyChainAliasCallback callback. * *

A device policy controller (as a device or profile owner) can * intercept the request before the activity is shown, to pick a * specific private key alias by implementing * {@link android.app.admin.DeviceAdminReceiver#onChoosePrivateKeyAlias * onChoosePrivateKeyAlias}. * *

{@code keyTypes} and {@code issuers} may be used to * narrow down suggested choices to the user. If either {@code keyTypes} * or {@code issuers} is specified and non-empty, and there are no * matching certificates in the KeyChain, then the certificate * selection prompt would be suppressed entirely. * *

{@code host} and {@code port} may be used to give the user * more context about the server requesting the credentials. * *

{@code alias} allows the caller to preselect an existing * alias which will still be subject to user confirmation. * * @param activity The {@link Activity} context to use for * launching the new sub-Activity to prompt the user to select * a private key; used only to call startActivity(); must not * be null. * @param response Callback to invoke when the request completes; * must not be null. * @param keyTypes The acceptable types of asymmetric keys such as * "RSA", "EC" or null. * @param issuers The acceptable certificate issuers for the * certificate matching the private key, or null. * @param host The host name of the server requesting the * certificate, or null if unavailable. * @param port The port number of the server requesting the * certificate, or -1 if unavailable. * @param alias The alias to preselect if available, or null if * unavailable. */ public static void choosePrivateKeyAlias(@NonNull Activity activity, @NonNull KeyChainAliasCallback response, @Nullable @KeyProperties.KeyAlgorithmEnum String[] keyTypes, @Nullable Principal[] issuers, @Nullable String host, int port, @Nullable String alias) { Uri uri = null; if (host != null) { uri = new Uri.Builder() .authority(host + (port != -1 ? ":" + port : "")) .build(); } choosePrivateKeyAlias(activity, response, keyTypes, issuers, uri, alias); } /** * Launches an {@code Activity} for the user to select the alias * for a private key and certificate pair for authentication. The * selected alias or null will be returned via the * KeyChainAliasCallback callback. * *

A device policy controller (as a device or profile owner) can * intercept the request before the activity is shown, to pick a * specific private key alias by implementing * {@link android.app.admin.DeviceAdminReceiver#onChoosePrivateKeyAlias * onChoosePrivateKeyAlias}. * *

{@code keyTypes} and {@code issuers} may be used to * narrow down suggested choices to the user. If either {@code keyTypes} * or {@code issuers} is specified and non-empty, and there are no * matching certificates in the KeyChain, then the certificate * selection prompt would be suppressed entirely. * *

{@code uri} may be used to give the user more context about * the server requesting the credentials. * *

{@code alias} allows the caller to preselect an existing * alias which will still be subject to user confirmation. * * @param activity The {@link Activity} context to use for * launching the new sub-Activity to prompt the user to select * a private key; used only to call startActivity(); must not * be null. * @param response Callback to invoke when the request completes; * must not be null. * @param keyTypes The acceptable types of asymmetric keys such as * "RSA", "EC" or null. * @param issuers The acceptable certificate issuers for the * certificate matching the private key, or null. * @param uri The full URI the server is requesting the certificate * for, or null if unavailable. * @param alias The alias to preselect if available, or null if * unavailable. * @throws IllegalArgumentException if the specified issuers are not * of type {@code X500Principal}. */ public static void choosePrivateKeyAlias(@NonNull Activity activity, @NonNull KeyChainAliasCallback response, @Nullable @KeyProperties.KeyAlgorithmEnum String[] keyTypes, @Nullable Principal[] issuers, @Nullable Uri uri, @Nullable String alias) { /* * Specifying keyTypes excludes certificates with different key types * from the list of certificates presented to the user. * In practice today, most servers would require RSA or EC * certificates. * * Specifying issuers narrows down the list by filtering out * certificates with issuers which are not matching the provided ones. * This has been reported to Chrome several times (crbug.com/731769). * There's no concrete description on what to do when the client has no * certificates that match the provided issuers. * To be conservative, Android will not present the user with any * certificates to choose from. * If the list of issuers is empty then the client may send any * certificate, see: * https://tools.ietf.org/html/rfc5246#section-7.4.4 */ if (activity == null) { throw new NullPointerException("activity == null"); } if (response == null) { throw new NullPointerException("response == null"); } Intent intent = new Intent(ACTION_CHOOSER); intent.setPackage(KEYCHAIN_PACKAGE); intent.putExtra(EXTRA_RESPONSE, new AliasResponse(response)); intent.putExtra(EXTRA_URI, uri); intent.putExtra(EXTRA_ALIAS, alias); intent.putExtra(EXTRA_KEY_TYPES, keyTypes); ArrayList issuersList = new ArrayList(); if (issuers != null) { for (Principal issuer: issuers) { // In a TLS client context (like Chrome), issuers would only // be specified as X500Principals. No other use cases for // specifying principals have been brought up. Under these // circumstances, only allow issuers specified as // X500Principals. if (!(issuer instanceof X500Principal)) { throw new IllegalArgumentException(String.format( "Issuer %s is of type %s, not X500Principal", issuer.toString(), issuer.getClass())); } // Pass the DER-encoded issuer as that's the most accurate // representation and what is sent over the wire. issuersList.add(((X500Principal) issuer).getEncoded()); } } intent.putExtra(EXTRA_ISSUERS, (Serializable) issuersList); // the PendingIntent is used to get calling package name intent.putExtra(EXTRA_SENDER, PendingIntent.getActivity(activity, 0, new Intent(), PendingIntent.FLAG_IMMUTABLE)); activity.startActivity(intent); } /** * Check whether the caller is the credential management app {@code CredentialManagementApp}. * The credential management app has the ability to manage the user's KeyChain credentials * on unmanaged devices. * *

{@link KeyChain#createManageCredentialsIntent} should be used by an app to request to * become the credential management app. The user must approve this request before the app can * manage the user's credentials. There can only be one credential management on the device. * * @return {@code true} if the caller is the credential management app. */ @WorkerThread public static boolean isCredentialManagementApp(@NonNull Context context) { boolean isCredentialManagementApp = false; try (KeyChainConnection keyChainConnection = KeyChain.bind(context)) { isCredentialManagementApp = keyChainConnection.getService() .isCredentialManagementApp(context.getPackageName()); } catch (RemoteException e) { e.rethrowAsRuntimeException(); } catch (InterruptedException e) { throw new RuntimeException("Interrupted while checking whether the caller is the " + "credential management app.", e); } catch (SecurityException e) { isCredentialManagementApp = false; } return isCredentialManagementApp; } /** * Called by the credential management app to get the authentication policy * {@link AppUriAuthenticationPolicy}. * * @return the credential management app's authentication policy. * @throws SecurityException if the caller is not the credential management app. */ @WorkerThread @NonNull public static AppUriAuthenticationPolicy getCredentialManagementAppPolicy( @NonNull Context context) throws SecurityException { AppUriAuthenticationPolicy policy = null; try (KeyChainConnection keyChainConnection = KeyChain.bind(context)) { policy = keyChainConnection.getService().getCredentialManagementAppPolicy(); } catch (RemoteException e) { e.rethrowAsRuntimeException(); } catch (InterruptedException e) { throw new RuntimeException( "Interrupted while getting credential management app policy.", e); } return policy; } /** * Set a credential management app. The credential management app has the ability to manage * the user's KeyChain credentials on unmanaged devices. * *

There can only be one credential management on the device. If another app requests to * become the credential management app, then the existing credential management app will * no longer be able to manage credentials. * * @param packageName The package name of the credential management app * @param authenticationPolicy The authentication policy of the credential management app. This * policy determines which alias for a private key and certificate * pair should be used for authentication. * @return {@code true} if the credential management app was successfully added. * @hide */ @TestApi @WorkerThread @RequiresPermission(Manifest.permission.MANAGE_CREDENTIAL_MANAGEMENT_APP) public static boolean setCredentialManagementApp(@NonNull Context context, @NonNull String packageName, @NonNull AppUriAuthenticationPolicy authenticationPolicy) { try (KeyChainConnection keyChainConnection = KeyChain.bind(context)) { keyChainConnection.getService() .setCredentialManagementApp(packageName, authenticationPolicy); return true; } catch (RemoteException | InterruptedException e) { Log.w(LOG, "Set credential management app failed", e); Thread.currentThread().interrupt(); return false; } } /** * Called by the credential management app {@code CredentialManagementApp} to unregister as * the credential management app and stop managing the user's credentials. * *

All credentials previously installed by the credential management app will be removed * from the user's device. * *

An app holding {@code MANAGE_CREDENTIAL_MANAGEMENT_APP} permission can also call this * method to remove the current credential management app, even if it's not the current * credential management app itself. * * @return {@code true} if the credential management app was successfully removed. */ @WorkerThread @RequiresPermission(value = Manifest.permission.MANAGE_CREDENTIAL_MANAGEMENT_APP, conditional = true) public static boolean removeCredentialManagementApp(@NonNull Context context) { try (KeyChainConnection keyChainConnection = KeyChain.bind(context)) { keyChainConnection.getService().removeCredentialManagementApp(); return true; } catch (RemoteException | InterruptedException e) { Log.w(LOG, "Remove credential management app failed", e); Thread.currentThread().interrupt(); return false; } } private static class AliasResponse extends IKeyChainAliasCallback.Stub { private final KeyChainAliasCallback keyChainAliasResponse; private AliasResponse(KeyChainAliasCallback keyChainAliasResponse) { this.keyChainAliasResponse = keyChainAliasResponse; } @Override public void alias(String alias) { keyChainAliasResponse.alias(alias); } } /** * Returns the {@code PrivateKey} for the requested alias, or null if the alias does not exist * or the caller has no permission to access it (see note on exceptions below). * *

This method may block while waiting for a connection to another process, and must never * be called from the main thread. *

As {@link Activity} and {@link Service} contexts are short-lived and can be destroyed * at any time from the main thread, it is safer to rely on a long-lived context such as one * returned from {@link Context#getApplicationContext()}. * *

If the caller provides a valid alias to which it was not granted access, then the * caller must invoke {@link #choosePrivateKeyAlias} again to get another valid alias * or a grant to access the same alias. *

On Android versions prior to Q, when a key associated with the specified alias is * unavailable, the method will throw a {@code KeyChainException} rather than return null. * If the exception's cause (as obtained by calling {@code KeyChainException.getCause()}) * is a throwable of type {@code IllegalStateException} then the caller lacks a grant * to access the key and certificates associated with this alias. * * @param alias The alias of the desired private key, typically returned via * {@link KeyChainAliasCallback#alias}. * @throws KeyChainException if the alias was valid but there was some problem accessing it. * @throws IllegalStateException if called from the main thread. */ @Nullable @WorkerThread public static PrivateKey getPrivateKey(@NonNull Context context, @NonNull String alias) throws KeyChainException, InterruptedException { KeyPair keyPair = getKeyPair(context, alias); if (keyPair != null) { return keyPair.getPrivate(); } return null; } /** * This prefix is used to disambiguate grant aliase strings from normal key alias strings. * Technically, a key alias string can use the same prefix. However, a collision does not * lead to privilege escalation, because grants are access controlled in the Keystore daemon. * @hide */ public static final String GRANT_ALIAS_PREFIX = "ks2_keychain_grant_id:"; private static KeyDescriptor getGrantDescriptor(String keyid) { KeyDescriptor result = new KeyDescriptor(); result.domain = Domain.GRANT; result.blob = null; result.alias = null; try { result.nspace = Long.parseUnsignedLong( keyid.substring(GRANT_ALIAS_PREFIX.length()), 16 /* radix */); } catch (NumberFormatException e) { return null; } return result; } /** @hide */ public static String getGrantString(KeyDescriptor key) { return String.format(GRANT_ALIAS_PREFIX + "%016X", key.nspace); } /** @hide */ @Nullable @WorkerThread public static KeyPair getKeyPair(@NonNull Context context, @NonNull String alias) throws KeyChainException, InterruptedException { if (alias == null) { throw new NullPointerException("alias == null"); } if (context == null) { throw new NullPointerException("context == null"); } final String keyId; try (KeyChainConnection keyChainConnection = bind(context.getApplicationContext())) { keyId = keyChainConnection.getService().requestPrivateKey(alias); } catch (RemoteException e) { throw new KeyChainException(e); } catch (RuntimeException e) { // only certain RuntimeExceptions can be propagated across the IKeyChainService call throw new KeyChainException(e); } if (keyId == null) { return null; } try { return android.security.keystore2.AndroidKeyStoreProvider .loadAndroidKeyStoreKeyPairFromKeystore( KeyStore2.getInstance(), getGrantDescriptor(keyId)); } catch (UnrecoverableKeyException | KeyPermanentlyInvalidatedException e) { throw new KeyChainException(e); } } /** * Returns the {@code X509Certificate} chain for the requested alias, or null if the alias * does not exist or the caller has no permission to access it (see note on exceptions * in {@link #getPrivateKey}). * *

* Note: If a certificate chain was explicitly specified when the alias was * installed, this method will return that chain. If only the client certificate was specified * at the installation time, this method will try to build a certificate chain using all * available trust anchors (preinstalled and user-added). * *

This method may block while waiting for a connection to another process, and must never * be called from the main thread. *

As {@link Activity} and {@link Service} contexts are short-lived and can be destroyed * at any time from the main thread, it is safer to rely on a long-lived context such as one * returned from {@link Context#getApplicationContext()}. *

In case the caller specifies an alias for which it lacks a grant, it must call * {@link #choosePrivateKeyAlias} again. See {@link #getPrivateKey} for more details on * coping with this scenario. * * @param alias The alias of the desired certificate chain, typically * returned via {@link KeyChainAliasCallback#alias}. * @throws KeyChainException if the alias was valid but there was some problem accessing it. * @throws IllegalStateException if called from the main thread. */ @Nullable @WorkerThread public static X509Certificate[] getCertificateChain(@NonNull Context context, @NonNull String alias) throws KeyChainException, InterruptedException { if (alias == null) { throw new NullPointerException("alias == null"); } final byte[] certificateBytes; final byte[] certChainBytes; try (KeyChainConnection keyChainConnection = bind(context.getApplicationContext())) { IKeyChainService keyChainService = keyChainConnection.getService(); certificateBytes = keyChainService.getCertificate(alias); if (certificateBytes == null) { return null; } certChainBytes = keyChainService.getCaCertificates(alias); } catch (RemoteException e) { throw new KeyChainException(e); } catch (RuntimeException e) { // only certain RuntimeExceptions can be propagated across the IKeyChainService call throw new KeyChainException(e); } try { X509Certificate leafCert = toCertificate(certificateBytes); // If the keypair is installed with a certificate chain by either // DevicePolicyManager.installKeyPair or CertInstaller, return that chain. if (certChainBytes != null && certChainBytes.length != 0) { Collection chain = toCertificates(certChainBytes); ArrayList fullChain = new ArrayList<>(chain.size() + 1); fullChain.add(leafCert); fullChain.addAll(chain); return fullChain.toArray(new X509Certificate[fullChain.size()]); } else { // If there isn't a certificate chain, either due to a pre-existing keypair // installed before N, or no chain is explicitly installed under the new logic, // fall back to old behavior of constructing the chain from trusted credentials. // // This logic exists to maintain old behaviour for already installed keypair, at // the cost of potentially returning extra certificate chain for new clients who // explicitly installed only the client certificate without a chain. The latter // case is actually no different from pre-N behaviour of getCertificateChain(), // in that sense this change introduces no regression. Besides the returned chain // is still valid so the consumer of the chain should have no problem verifying it. TrustedCertificateStore store = new TrustedCertificateStore(); List chain = store.getCertificateChain(leafCert); return chain.toArray(new X509Certificate[chain.size()]); } } catch (CertificateException | RuntimeException e) { throw new KeyChainException(e); } } /** * Returns {@code true} if the current device's {@code KeyChain} supports a * specific {@code PrivateKey} type indicated by {@code algorithm} (e.g., * "RSA"). */ public static boolean isKeyAlgorithmSupported( @NonNull @KeyProperties.KeyAlgorithmEnum String algorithm) { final String algUpper = algorithm.toUpperCase(Locale.US); return KeyProperties.KEY_ALGORITHM_EC.equals(algUpper) || KeyProperties.KEY_ALGORITHM_RSA.equals(algUpper); } /** * Returns {@code true} if the current device's {@code KeyChain} binds any * {@code PrivateKey} of the given {@code algorithm} to the device once * imported or generated. This can be used to tell if there is special * hardware support that can be used to bind keys to the device in a way * that makes it non-exportable. * * @deprecated Whether the key is bound to the secure hardware is known only * once the key has been imported. To find out, use: * 

{@code
     * PrivateKey key = ...; // private key from KeyChain
     *
     * KeyFactory keyFactory =
     *     KeyFactory.getInstance(key.getAlgorithm(), "AndroidKeyStore");
     * KeyInfo keyInfo = keyFactory.getKeySpec(key, KeyInfo.class);
     * if (keyInfo.isInsideSecureHardware()) {
     *     // The key is bound to the secure hardware of this Android
     * }}
*/ @Deprecated public static boolean isBoundKeyAlgorithm( @NonNull @KeyProperties.KeyAlgorithmEnum String algorithm) { // All supported algorithms are hardware backed. Individual keys may not be. return true; } /** @hide */ @NonNull public static X509Certificate toCertificate(@NonNull byte[] bytes) { if (bytes == null) { throw new IllegalArgumentException("bytes == null"); } try { CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes)); return (X509Certificate) cert; } catch (CertificateException e) { throw new AssertionError(e); } } /** @hide */ @NonNull public static Collection toCertificates(@NonNull byte[] bytes) { if (bytes == null) { throw new IllegalArgumentException("bytes == null"); } try { CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); return (Collection) certFactory.generateCertificates( new ByteArrayInputStream(bytes)); } catch (CertificateException e) { throw new AssertionError(e); } } /** * @hide for reuse by CertInstaller and Settings. * @see KeyChain#bind */ public static class KeyChainConnection implements Closeable { private final Context mContext; private final ServiceConnection mServiceConnection; private final IKeyChainService mService; protected KeyChainConnection(Context context, ServiceConnection serviceConnection, IKeyChainService service) { this.mContext = context; this.mServiceConnection = serviceConnection; this.mService = service; } @Override public void close() { mContext.unbindService(mServiceConnection); } /** returns the service binder. */ public IKeyChainService getService() { return mService; } } /** * Bind to KeyChainService in the current user. * Caller should call unbindService on the result when finished. * *@throws InterruptedException if interrupted during binding. *@throws AssertionError if unable to bind to KeyChainService. * @hide for reuse by CertInstaller and Settings. */ @WorkerThread public static KeyChainConnection bind(@NonNull Context context) throws InterruptedException { return bindAsUser(context, Process.myUserHandle()); } /** * Bind to KeyChainService in the target user. * Caller should call unbindService on the result when finished. * * @throws InterruptedException if interrupted during binding. * @throws AssertionError if unable to bind to KeyChainService. * @hide */ @WorkerThread public static KeyChainConnection bindAsUser(@NonNull Context context, UserHandle user) throws InterruptedException { return bindAsUser(context, null, user); } /** * Returns a persistable grant string that allows WiFi stack to access the key using Keystore * SSL engine. * * @return grant string or null if key is not granted or doesn't exist. * * The key should be granted to Process.WIFI_UID. * @hide */ @SystemApi @Nullable @WorkerThread public static String getWifiKeyGrantAsUser( @NonNull Context context, @NonNull UserHandle user, @NonNull String alias) { try (KeyChainConnection keyChainConnection = bindAsUser(context.getApplicationContext(), user)) { return keyChainConnection.getService().getWifiKeyGrantAsUser(alias); } catch (RemoteException | RuntimeException e) { Log.i(LOG, "Couldn't get grant for wifi", e); return null; } catch (InterruptedException e) { Thread.currentThread().interrupt(); Log.i(LOG, "Interrupted while getting grant for wifi", e); return null; } } /** * Returns whether the key is granted to WiFi stack. * @hide */ @SystemApi @WorkerThread public static boolean hasWifiKeyGrantAsUser( @NonNull Context context, @NonNull UserHandle user, @NonNull String alias) { try (KeyChainConnection keyChainConnection = bindAsUser(context.getApplicationContext(), user)) { return keyChainConnection.getService().hasGrant(Process.WIFI_UID, alias); } catch (RemoteException | RuntimeException e) { Log.i(LOG, "Couldn't query grant for wifi", e); return false; } catch (InterruptedException e) { Thread.currentThread().interrupt(); Log.i(LOG, "Interrupted while querying grant for wifi", e); return false; } } /** * Bind to KeyChainService in the target user. * Caller should call unbindService on the result when finished. * * @throws InterruptedException if interrupted during binding. * @throws AssertionError if unable to bind to KeyChainService. * @hide */ public static KeyChainConnection bindAsUser(@NonNull Context context, @Nullable Handler handler, UserHandle user) throws InterruptedException { if (context == null) { throw new NullPointerException("context == null"); } if (handler == null) { ensureNotOnMainThread(context); } if (!UserManager.get(context).isUserUnlocked(user)) { throw new IllegalStateException("User must be unlocked"); } final CountDownLatch countDownLatch = new CountDownLatch(1); final AtomicReference keyChainService = new AtomicReference<>(); ServiceConnection keyChainServiceConnection = new ServiceConnection() { volatile boolean mConnectedAtLeastOnce = false; @Override public void onServiceConnected(ComponentName name, IBinder service) { if (!mConnectedAtLeastOnce) { mConnectedAtLeastOnce = true; keyChainService.set( IKeyChainService.Stub.asInterface(Binder.allowBlocking(service))); countDownLatch.countDown(); } } @Override public void onBindingDied(ComponentName name) { if (!mConnectedAtLeastOnce) { mConnectedAtLeastOnce = true; countDownLatch.countDown(); } } @Override public void onServiceDisconnected(ComponentName name) {} }; Intent intent = new Intent(IKeyChainService.class.getName()); ComponentName comp = intent.resolveSystemService(context.getPackageManager(), 0); if (comp == null) { throw new AssertionError("could not resolve KeyChainService"); } intent.setComponent(comp); final boolean bindSucceed; if (handler != null) { bindSucceed = context.bindServiceAsUser( intent, keyChainServiceConnection, Context.BIND_AUTO_CREATE, handler, user); } else { bindSucceed = context.bindServiceAsUser( intent, keyChainServiceConnection, Context.BIND_AUTO_CREATE, user); } if (!bindSucceed) { context.unbindService(keyChainServiceConnection); throw new AssertionError("could not bind to KeyChainService"); } countDownLatch.await(); IKeyChainService service = keyChainService.get(); if (service != null) { return new KeyChainConnection(context, keyChainServiceConnection, service); } else { context.unbindService(keyChainServiceConnection); throw new AssertionError("KeyChainService died while binding"); } } private static void ensureNotOnMainThread(@NonNull Context context) { Looper looper = Looper.myLooper(); if (looper != null && looper == context.getMainLooper()) { throw new IllegalStateException( "calling this from your main thread can lead to deadlock"); } } }