/**
* Adds a cryptographic file (User certificate, a CA certificate or PKCS#12 keychain) through the
* system's CertInstaller activity.
*
* @param context: current application context.
* @param file_type: cryptographic file type. E.g. CertificateMimeType.X509_USER_CERT
* @param data: certificate/keychain data bytes.
* @return true on success, false on failure.
* <p>Note that failure only indicates that the function couldn't launch the CertInstaller
* activity, not that the certificate/keychain was properly installed to the keystore.
*/
@CalledByNative
public static boolean storeCertificate(Context context, int cert_type, byte[] data) {
try {
Intent intent = KeyChain.createInstallIntent();
intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
switch (cert_type) {
case CertificateMimeType.X509_USER_CERT:
case CertificateMimeType.X509_CA_CERT:
intent.putExtra(KeyChain.EXTRA_CERTIFICATE, data);
break;
case CertificateMimeType.PKCS12_ARCHIVE:
intent.putExtra(KeyChain.EXTRA_PKCS12, data);
break;
default:
Log.w(TAG, "invalid certificate type: " + cert_type);
return false;
}
context.startActivity(intent);
return true;
} catch (ActivityNotFoundException e) {
Log.w(TAG, "could not store crypto file: " + e);
}
return false;
}
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
Intent intent = KeyChain.createInstallIntent();
byte[] p12;
try {
p12 = getkeystoreData();
intent.putExtra(KeyChain.EXTRA_PKCS12, p12);
startActivity(intent);
Log.i(TAG, "done");
} catch (IOException e) {
Log.i(TAG, e.getMessage());
}
}
/**
* Stores the key pair through the CertInstaller activity.
*
* @param context: current application context.
* @param public_key: The public key bytes as DER-encoded SubjectPublicKeyInfo (X.509)
* @param private_key: The private key as DER-encoded PrivateKeyInfo (PKCS#8).
* @return: true on success, false on failure.
* <p>Note that failure means that the function could not launch the CertInstaller activity.
* Whether the keys are valid or properly installed will be indicated by the CertInstaller UI
* itself.
*/
@CalledByNative
public static boolean storeKeyPair(Context context, byte[] public_key, byte[] private_key) {
// TODO(digit): Use KeyChain official extra values to pass the public and private
// keys when they're available. The "KEY" and "PKEY" hard-coded constants were taken
// from the platform sources, since there are no official KeyChain.EXTRA_XXX definitions
// for them. b/5859651
try {
Intent intent = KeyChain.createInstallIntent();
intent.putExtra("PKEY", private_key);
intent.putExtra("KEY", public_key);
intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
context.startActivity(intent);
return true;
} catch (ActivityNotFoundException e) {
Log.w(TAG, "could not store key pair: " + e);
}
return false;
}