diff options
Diffstat (limited to 'keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java')
| -rw-r--r-- | keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java b/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java index d174cbf..ea5d91b 100644 --- a/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java +++ b/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java @@ -38,6 +38,7 @@ import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.Date; import java.util.Enumeration; +import java.util.List; import javax.crypto.spec.SecretKeySpec; import javax.security.auth.x500.X500Principal; @@ -53,6 +54,9 @@ public class KeyStoreUtil { public static final int KM_VERSION_KEYMASTER_4_1 = 41; public static final int KM_VERSION_KEYMINT_1 = 100; + private static final List kmSupportedDigests = List.of("md5","sha-1","sha-224","sha-384", + "sha-256","sha-512"); + public static KeyStore saveKeysToKeystore(String alias, PublicKey pubKey, PrivateKey privKey, KeyProtection keyProtection) throws Exception { KeyPair keyPair = new KeyPair(pubKey, privKey); @@ -100,13 +104,26 @@ public class KeyStoreUtil { TestUtils.assumeStrongBox(); } - public static boolean isStrongBoxSupportDigest(String digest) { - return digest.equalsIgnoreCase("sha-1") - || digest.equalsIgnoreCase("sha-256"); + public static boolean isSupportedDigest(String digest, boolean isStrongBox) { + if (isStrongBox) { + return digest.equalsIgnoreCase("sha-256"); + } + return kmSupportedDigests.contains(digest.toLowerCase()); + } + + public static boolean isSupportedMgfDigest(String digest, boolean isStrongBox) { + if (isStrongBox) { + return digest.equalsIgnoreCase("sha-1") + || digest.equalsIgnoreCase("sha-256"); + } + return kmSupportedDigests.contains(digest.toLowerCase()); } - public static boolean isStrongBoxSupportKeySize(int keySize) { - return keySize == 2048; + public static boolean isSupportedRsaKeySize(int keySize, boolean isStrongBox) { + if (isStrongBox) { + return keySize == 2048; + } + return keySize == 2048 || keySize == 3072 || keySize == 4096; } public static X509Certificate createCertificate( |