Vault example documents provider.

Example provider that encrypts both metadata and contents of documents stored inside. It shows advanced usage of new storage access APIs and hardware-backed key chain. Change-Id: I2cdf4e949be8471c3d8b4f45ec0681c9248ea09c
2013-10-31 11:25:31 -07:00
parent 4e5bae3461
commit 93de411538
12 changed files with 1588 additions and 0 deletions
--- a/samples/Vault/src/com/example/android/vault/SecretKeyWrapper.java
+++ b/samples/Vault/src/com/example/android/vault/SecretKeyWrapper.java
@@ -0,0 +1,114 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.android.vault;
+
+import android.content.Context;
+import android.security.KeyPairGeneratorSpec;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.KeyStore;
+import java.util.Calendar;
+import java.util.GregorianCalendar;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.security.auth.x500.X500Principal;
+
+/**
+ * Wraps {@link SecretKey} instances using a public/private key pair stored in
+ * the platform {@link KeyStore}. This allows us to protect symmetric keys with
+ * hardware-backed crypto, if provided by the device.
+ * <p>
+ * See <a href="http://en.wikipedia.org/wiki/Key_Wrap">key wrapping</a> for more
+ * details.
+ * <p>
+ * Not inherently thread safe.
+ */
+public class SecretKeyWrapper {
+    private final Cipher mCipher;
+    private final KeyPair mPair;
+
+    /**
+     * Create a wrapper using the public/private key pair with the given alias.
+     * If no pair with that alias exists, it will be generated.
+     */
+    public SecretKeyWrapper(Context context, String alias)
+            throws GeneralSecurityException, IOException {
+        mCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+
+        final KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
+        keyStore.load(null);
+
+        if (!keyStore.containsAlias(alias)) {
+            generateKeyPair(context, alias);
+        }
+
+        // Even if we just generated the key, always read it back to ensure we
+        // can read it successfully.
+        final KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(
+                alias, null);
+        mPair = new KeyPair(entry.getCertificate().getPublicKey(), entry.getPrivateKey());
+    }
+
+    private static void generateKeyPair(Context context, String alias)
+            throws GeneralSecurityException {
+        final Calendar start = new GregorianCalendar();
+        final Calendar end = new GregorianCalendar();
+        end.add(Calendar.YEAR, 100);
+
+        final KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(context)
+                .setAlias(alias)
+                .setSubject(new X500Principal("CN=" + alias))
+                .setSerialNumber(BigInteger.ONE)
+                .setStartDate(start.getTime())
+                .setEndDate(end.getTime())
+                .build();
+
+        final KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
+        gen.initialize(spec);
+        gen.generateKeyPair();
+    }
+
+    /**
+     * Wrap a {@link SecretKey} using the public key assigned to this wrapper.
+     * Use {@link #unwrap(byte[])} to later recover the original
+     * {@link SecretKey}.
+     *
+     * @return a wrapped version of the given {@link SecretKey} that can be
+     *         safely stored on untrusted storage.
+     */
+    public byte[] wrap(SecretKey key) throws GeneralSecurityException {
+        mCipher.init(Cipher.WRAP_MODE, mPair.getPublic());
+        return mCipher.wrap(key);
+    }
+
+    /**
+     * Unwrap a {@link SecretKey} using the private key assigned to this
+     * wrapper.
+     *
+     * @param blob a wrapped {@link SecretKey} as previously returned by
+     *            {@link #wrap(SecretKey)}.
+     */
+    public SecretKey unwrap(byte[] blob) throws GeneralSecurityException {
+        mCipher.init(Cipher.UNWRAP_MODE, mPair.getPrivate());
+        return (SecretKey) mCipher.unwrap(blob, "AES", Cipher.SECRET_KEY);
+    }
+}