public abstract class KeymasterUtils extends Object
Modifier and Type | Method and Description |
---|---|
static void |
addMinMacLengthAuthorizationIfNecessary(KeymasterArguments args,
int keymasterAlgorithm,
int[] keymasterBlockModes,
int[] keymasterDigests)
Adds
KM_TAG_MIN_MAC_LENGTH tag, if necessary, to the keymaster arguments for
generating or importing a key. |
static void |
addUserAuthArgs(KeymasterArguments args,
boolean userAuthenticationRequired,
int userAuthenticationValidityDurationSeconds,
boolean userAuthenticationValidWhileOnBody,
boolean invalidatedByBiometricEnrollment)
Adds keymaster arguments to express the key's authorization policy supported by user
authentication.
|
static int |
getDigestOutputSizeBits(int keymasterDigest) |
static boolean |
isKeymasterBlockModeIndCpaCompatibleWithSymmetricCrypto(int keymasterBlockMode) |
static boolean |
isKeymasterPaddingSchemeIndCpaCompatibleWithAsymmetricCrypto(int keymasterPadding) |
public static int getDigestOutputSizeBits(int keymasterDigest)
public static boolean isKeymasterBlockModeIndCpaCompatibleWithSymmetricCrypto(int keymasterBlockMode)
public static boolean isKeymasterPaddingSchemeIndCpaCompatibleWithAsymmetricCrypto(int keymasterPadding)
public static void addUserAuthArgs(KeymasterArguments args, boolean userAuthenticationRequired, int userAuthenticationValidityDurationSeconds, boolean userAuthenticationValidWhileOnBody, boolean invalidatedByBiometricEnrollment)
userAuthenticationRequired
- whether user authentication is required to authorize the
use of the key.userAuthenticationValidityDurationSeconds
- duration of time (seconds) for which user
authentication is valid as authorization for using the key or -1
if every
use of the key needs authorization.IllegalStateException
- if user authentication is required but the system is in a wrong
state (e.g., secure lock screen not set up) for generating or importing keys that
require user authentication.public static void addMinMacLengthAuthorizationIfNecessary(KeymasterArguments args, int keymasterAlgorithm, int[] keymasterBlockModes, int[] keymasterDigests)
KM_TAG_MIN_MAC_LENGTH
tag, if necessary, to the keymaster arguments for
generating or importing a key. This tag may only be needed for symmetric keys (e.g., HMAC,
AES-GCM).