Fix RSA key attestation

app/src/main/java/io/github/vvb2060/keyattestation/home/HomeViewModel.kt

@@ -41,7 +41,7 @@ class HomeViewModel(
         }
     }
 
-    private val attestationRepository = AttestationRepository(KeyStoreKeyType.ECDSA)
+    private val attestationRepository = AttestationRepository()
     private val attestationData = MutableLiveData<Resource<BaseData>>()
 
     var secretMode = sp.getBoolean("secret_mode", true)

app/src/main/java/io/github/vvb2060/keyattestation/keystore/AndroidKeyStore.java

@@ -37,6 +37,7 @@
 import java.security.spec.ECGenParameterSpec;
 import java.util.Arrays;
 import java.util.Date;
+import java.util.HashMap;
 import java.util.Objects;
 
 import javax.security.auth.x500.X500Principal;
@@ -47,27 +48,19 @@
 
 public class AndroidKeyStore extends IAndroidKeyStore.Stub {
     private final KeyStore keyStore;
-    private final KeyPairGenerator keyPairGenerator;
+    private final HashMap<Byte,KeyPairGenerator> keyPairGenerators = new HashMap<>();
     private int clientUid = -1;
 
-    public AndroidKeyStore(byte keyStoreKeyType) throws Exception {
+    public AndroidKeyStore() throws Exception {
         if (Os.geteuid() < Process.FIRST_APPLICATION_UID) {
             fixEnv();
             var pm = ActivityThread.currentApplication().getPackageManager();
             clientUid = pm.getApplicationInfo(BuildConfig.APPLICATION_ID, 0).uid;
         }
         keyStore = KeyStore.getInstance("AndroidKeyStore");
         keyStore.load(null);
-        keyPairGenerator = switch (keyStoreKeyType){
-            case KeyStoreKeyType.ECDSA ->
-                KeyPairGenerator.getInstance(
-                        KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
-            case KeyStoreKeyType.RSA ->
-                KeyPairGenerator.getInstance(
-                        KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore");
-            default ->
-                throw new IllegalStateException("Unimplemented KeyStore type: " + keyStoreKeyType);
-        };
+        keyPairGenerators.put(KeyStoreKeyType.ECDSA, KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore"));
+        keyPairGenerators.put(KeyStoreKeyType.RSA, KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore"));
     }
 
     private static void fixEnv() throws Exception {
@@ -279,6 +272,8 @@ public byte[] generateKeyPair(String alias,
         var params = (KeyGenParameterSpec) genParameter(alias, attestKeyAlias, useStrongBox,
                 includeProps, uniqueIdIncluded, keyStoreKeyType, flagsToArray(idFlags));
         try {
+            var keyPairGenerator = keyPairGenerators.get(keyStoreKeyType);
+            assert keyPairGenerator != null;
             keyPairGenerator.initialize(params);
             keyPairGenerator.generateKeyPair();
             if (useSak) {

app/src/main/java/io/github/vvb2060/keyattestation/repository/AttestationRepository.java

@@ -41,8 +41,8 @@ public class AttestationRepository {
     private final List<X509Certificate> currentCerts;
     private IAndroidKeyStore keyStore;
 
-    public AttestationRepository(byte keyStoreKeyType) throws Exception {
-        localKeyStore = new AndroidKeyStore(keyStoreKeyType);
+    public AttestationRepository() throws Exception {
+        localKeyStore = new AndroidKeyStore();
         factory = CertificateFactory.getInstance("X.509");
         currentCerts = new ArrayList<>();
         keyStore = localKeyStore;