Merge "Unhide getKey() and importKey() and the whole class of RecoveryController. Added @RequiresPermission(android.permission.RECOVER_KEYSTORE) on all public APIs of RecoveryController." into pi-dev

2018-03-16 22:27:37 +00:00
parent 6344ffd4c9 c1742e5137
commit 3b0450d4a9
4 changed files with 24 additions and 9 deletions
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -4327,11 +4327,14 @@ package android.security.keystore.recovery {
    method public deprecated java.util.List<java.lang.String> getAliases(java.lang.String) throws android.security.keystore.recovery.InternalRecoveryServiceException;
    method public java.util.List<java.lang.String> getAliases() throws android.security.keystore.recovery.InternalRecoveryServiceException;
    method public static android.security.keystore.recovery.RecoveryController getInstance(android.content.Context);
+    method public java.security.Key getKey(java.lang.String) throws android.security.keystore.recovery.InternalRecoveryServiceException, java.security.UnrecoverableKeyException;
+    method public android.security.keystore.recovery.KeyChainSnapshot getKeyChainSnapshot() throws android.security.keystore.recovery.InternalRecoveryServiceException;
    method public int[] getPendingRecoverySecretTypes() throws android.security.keystore.recovery.InternalRecoveryServiceException;
    method public deprecated android.security.keystore.recovery.KeyChainSnapshot getRecoveryData() throws android.security.keystore.recovery.InternalRecoveryServiceException;
    method public int[] getRecoverySecretTypes() throws android.security.keystore.recovery.InternalRecoveryServiceException;
    method public deprecated int getRecoveryStatus(java.lang.String, java.lang.String) throws android.security.keystore.recovery.InternalRecoveryServiceException;
    method public int getRecoveryStatus(java.lang.String) throws android.security.keystore.recovery.InternalRecoveryServiceException;
+    method public java.security.Key importKey(java.lang.String, byte[]) throws android.security.keystore.recovery.InternalRecoveryServiceException, android.security.keystore.recovery.LockScreenRequiredException;
    method public deprecated void initRecoveryService(java.lang.String, byte[]) throws java.security.cert.CertificateException, android.security.keystore.recovery.InternalRecoveryServiceException;
    method public void initRecoveryService(java.lang.String, byte[], byte[]) throws java.security.cert.CertificateException, android.security.keystore.recovery.InternalRecoveryServiceException;
    method public void recoverySecretAvailable(android.security.keystore.recovery.KeyChainProtectionParams) throws android.security.keystore.recovery.InternalRecoveryServiceException;
--- a/core/java/android/security/keystore/recovery/KeyChainProtectionParams.java
+++ b/core/java/android/security/keystore/recovery/KeyChainProtectionParams.java
@@ -215,8 +215,8 @@ public final class KeyChainProtectionParams implements Parcelable {

        /**
         * Creates a new {@link KeyChainProtectionParams} instance.
-         * The instance will include default values, if {@link setSecret}
-         * or {@link setUserSecretType} were not called.
+         * The instance will include default values, if {@link #setSecret}
+         * or {@link #setUserSecretType} were not called.
         *
         * @return new instance
         * @throws NullPointerException if some required fields were not set.
--- a/core/java/android/security/keystore/recovery/KeyDerivationParams.java
+++ b/core/java/android/security/keystore/recovery/KeyDerivationParams.java
@@ -30,7 +30,7 @@ import java.lang.annotation.RetentionPolicy;

 /**
 * Collection of parameters which define a key derivation function.
- * Currently only supports salted SHA-256
+ * Currently only supports salted SHA-256.
 *
 * @hide
 */
--- a/core/java/android/security/keystore/recovery/RecoveryController.java
+++ b/core/java/android/security/keystore/recovery/RecoveryController.java
@@ -33,6 +33,7 @@ import com.android.internal.widget.ILockSettings;

 import java.security.Key;
 import java.security.UnrecoverableKeyException;
+import java.security.cert.CertPath;
 import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.List;
@@ -156,6 +157,7 @@ public class RecoveryController {
    /**
     * Gets a new instance of the class.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public static RecoveryController getInstance(Context context) {
        ILockSettings lockSettings =
                ILockSettings.Stub.asInterface(ServiceManager.getService("lock_settings"));
@@ -245,8 +247,6 @@ public class RecoveryController {
     * @return Data necessary to recover keystore or {@code null} if snapshot is not available.
     * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
     *     service.
-     *
-     * @hide
     */
    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public @Nullable KeyChainSnapshot getKeyChainSnapshot()
@@ -288,7 +288,7 @@ public class RecoveryController {
    /**
     * Server parameters used to generate new recovery key blobs. This value will be included in
     * {@code KeyChainSnapshot.getEncryptedRecoveryKeyBlob()}. The same value must be included
-     * in vaultParams {@link #startRecoverySession}
+     * in vaultParams {@link RecoverySession#start(CertPath, byte[], byte[], List)}.
     *
     * @param serverParams included in recovery key blob.
     * @see #getRecoveryData
@@ -310,6 +310,7 @@ public class RecoveryController {
     * @deprecated Use {@link #getAliases()}.
     */
    @Deprecated
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public List<String> getAliases(@Nullable String packageName)
            throws InternalRecoveryServiceException {
        return getAliases();
@@ -318,6 +319,7 @@ public class RecoveryController {
    /**
     * Returns a list of aliases of keys belonging to the application.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public List<String> getAliases() throws InternalRecoveryServiceException {
        try {
            Map<String, Integer> allStatuses = mBinder.getRecoveryStatus();
@@ -367,6 +369,7 @@ public class RecoveryController {
     * @deprecated Use {@link #getRecoveryStatus(String)}.
     */
    @Deprecated
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public int getRecoveryStatus(String packageName, String alias)
            throws InternalRecoveryServiceException {
        return getRecoveryStatus(alias);
@@ -385,6 +388,7 @@ public class RecoveryController {
     * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
     *     service.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public int getRecoveryStatus(String alias) throws InternalRecoveryServiceException {
        try {
            Map<String, Integer> allStatuses = mBinder.getRecoveryStatus();
@@ -410,6 +414,7 @@ public class RecoveryController {
     * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
     *     service.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public void setRecoverySecretTypes(
            @NonNull @KeyChainProtectionParams.UserSecretType int[] secretTypes)
            throws InternalRecoveryServiceException {
@@ -431,6 +436,7 @@ public class RecoveryController {
     * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
     *     service.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public @NonNull @KeyChainProtectionParams.UserSecretType int[] getRecoverySecretTypes()
            throws InternalRecoveryServiceException {
        try {
@@ -452,6 +458,7 @@ public class RecoveryController {
     *     service.
     */
    @NonNull
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public @KeyChainProtectionParams.UserSecretType int[] getPendingRecoverySecretTypes()
            throws InternalRecoveryServiceException {
        try {
@@ -474,6 +481,7 @@ public class RecoveryController {
     * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
     *     service.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public void recoverySecretAvailable(@NonNull KeyChainProtectionParams recoverySecret)
            throws InternalRecoveryServiceException {
        try {
@@ -498,6 +506,7 @@ public class RecoveryController {
     *     to generate recoverable keys, as the snapshots are encrypted using a key derived from the
     *     lock screen.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public byte[] generateAndStoreKey(@NonNull String alias, byte[] account)
            throws InternalRecoveryServiceException, LockScreenRequiredException {
        try {
@@ -512,11 +521,11 @@ public class RecoveryController {
        }
    }

-    // TODO: Unhide the following APIs, generateKey(), importKey(), and getKey()
    /**
     * @deprecated Use {@link #generateKey(String)}.
     */
    @Deprecated
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public Key generateKey(@NonNull String alias, byte[] account)
            throws InternalRecoveryServiceException, LockScreenRequiredException {
        return generateKey(alias);
@@ -530,6 +539,7 @@ public class RecoveryController {
     * @throws LockScreenRequiredException if the user does not have a lock screen set. A lock
     *     screen is required to generate recoverable keys.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public Key generateKey(@NonNull String alias) throws InternalRecoveryServiceException,
            LockScreenRequiredException {
        try {
@@ -562,8 +572,8 @@ public class RecoveryController {
     * @throws LockScreenRequiredException if the user does not have a lock screen set. A lock
     *     screen is required to generate recoverable keys.
     *
-     * @hide
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public Key importKey(@NonNull String alias, byte[] keyBytes)
            throws InternalRecoveryServiceException, LockScreenRequiredException {
        try {
@@ -595,8 +605,8 @@ public class RecoveryController {
     * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
     *     service.
     * @throws UnrecoverableKeyException if key is permanently invalidated or not found.
-     * @hide
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public @Nullable Key getKey(@NonNull String alias)
            throws InternalRecoveryServiceException, UnrecoverableKeyException {
        try {
@@ -622,6 +632,7 @@ public class RecoveryController {
     * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
     *     service.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public void removeKey(@NonNull String alias) throws InternalRecoveryServiceException {
        try {
            mBinder.removeKey(alias);
@@ -637,6 +648,7 @@ public class RecoveryController {
     *
     * <p>A recovery session is required to restore keys from a remote store.
     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    public RecoverySession createRecoverySession() {
        return RecoverySession.newInstance(this);
    }