Merge "Remove implementation of deprecated RecoveryController methods." into pi-dev
committed by
Android (Google) Code Review
commit
5291268754
@@ -71,7 +71,6 @@ public final class KeyChainSnapshot implements Parcelable {
|
||||
private int mMaxAttempts = DEFAULT_MAX_ATTEMPTS;
|
||||
private long mCounterId = DEFAULT_COUNTER_ID;
|
||||
private byte[] mServerParams;
|
||||
private byte[] mPublicKey; // The raw public key bytes used
|
||||
private RecoveryCertPath mCertPath; // The cert path including necessary intermediate certs
|
||||
private List<KeyChainProtectionParams> mKeyChainProtectionParams;
|
||||
private List<WrappedApplicationKey> mEntryRecoveryData;
|
||||
@@ -123,7 +122,7 @@ public final class KeyChainSnapshot implements Parcelable {
|
||||
*/
|
||||
@Deprecated
|
||||
public @NonNull byte[] getTrustedHardwarePublicKey() {
|
||||
return mPublicKey;
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -228,12 +227,11 @@ public final class KeyChainSnapshot implements Parcelable {
|
||||
*
|
||||
* @param publicKey The public key
|
||||
* @return This builder.
|
||||
* @deprecated Use {@link #setTrustedHardwareCertPath} instead.
|
||||
* @removed Use {@link #setTrustedHardwareCertPath} instead.
|
||||
*/
|
||||
@Deprecated
|
||||
public Builder setTrustedHardwarePublicKey(byte[] publicKey) {
|
||||
mInstance.mPublicKey = publicKey;
|
||||
return this;
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
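Review bot: The Javadoc kept on `setTrustedHardwarePublicKey` (`@param publicKey The public key`, `@return This builder.`) no longer matches the method, whose body is now a bare `throw new UnsupportedOperationException();` and never stores the key. Replace the `@return` with `@throws UnsupportedOperationException always; raw public-key trust anchors were dropped in favour of a certificate path validated against a pinned root (see setTrustedHardwareCertPath)`, so the next reader understands the throw is deliberate rather than an unfinished stub. Failing loudly here is the right choice for a trust-anchor setter: a caller built against the earlier preview API crashes instead of silently continuing with an un-validated key, but that intent is worth stating in the comment. The same wording fix applies to the getter stub earlier in this file, whose `@NonNull byte[]` return annotation is now unreachable.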
|
||||
@@ -313,7 +311,6 @@ public final class KeyChainSnapshot implements Parcelable {
|
||||
out.writeInt(mMaxAttempts);
|
||||
out.writeLong(mCounterId);
|
||||
out.writeByteArray(mServerParams);
|
||||
out.writeByteArray(mPublicKey);
|
||||
out.writeTypedObject(mCertPath, /* no flags */ 0);
|
||||
}
|
||||
|
||||
@@ -328,7 +325,6 @@ public final class KeyChainSnapshot implements Parcelable {
|
||||
mMaxAttempts = in.readInt();
|
||||
mCounterId = in.readLong();
|
||||
mServerParams = in.createByteArray();
|
||||
mPublicKey = in.createByteArray();
|
||||
mCertPath = in.readTypedObject(RecoveryCertPath.CREATOR);
|
||||
}
|
||||
|
||||
|
||||
@@ -309,17 +309,7 @@ public class RecoveryController {
|
||||
public void initRecoveryService(
|
||||
@NonNull String rootCertificateAlias, @NonNull byte[] signedPublicKeyList)
|
||||
throws CertificateException, InternalRecoveryServiceException {
|
||||
try {
|
||||
mBinder.initRecoveryService(rootCertificateAlias, signedPublicKeyList);
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
} catch (ServiceSpecificException e) {
|
||||
if (e.errorCode == ERROR_BAD_CERTIFICATE_FORMAT
|
||||
|| e.errorCode == ERROR_INVALID_CERTIFICATE) {
|
||||
throw new CertificateException("Invalid certificate for recovery service", e);
|
||||
}
|
||||
throw wrapUnexpectedServiceSpecificException(e);
|
||||
}
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
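Review bot: `initRecoveryService` still declares `throws CertificateException, InternalRecoveryServiceException` although its body is now only `throw new UnsupportedOperationException();`, so the declared checked exceptions are dead and a caller's existing catch clauses will not cover the exception it actually raises. If the stub has to stay for binary compatibility, its Javadoc (above this hunk) should state that it throws unconditionally and name `initRecoveryServiceWithSigFile` as the replacement; the other stubs in this file that keep `@RequiresPermission(RECOVER_KEYSTORE)` have the same problem, since the annotation now advertises a check that is never reached. Removing the Binder round-trip to `mBinder.initRecoveryService` is consistent with the AIDL change in this commit, which deletes that transaction, so the sig-file variant is now the only way to install a recovery-service certificate.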
|
||||
@@ -379,7 +369,7 @@ public class RecoveryController {
|
||||
@Deprecated
|
||||
@RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
|
||||
public @Nullable KeyChainSnapshot getRecoveryData() throws InternalRecoveryServiceException {
|
||||
return getKeyChainSnapshot();
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -457,7 +447,7 @@ public class RecoveryController {
|
||||
@RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
|
||||
public List<String> getAliases(@Nullable String packageName)
|
||||
throws InternalRecoveryServiceException {
|
||||
return getAliases();
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -484,7 +474,7 @@ public class RecoveryController {
|
||||
public void setRecoveryStatus(
|
||||
@NonNull String packageName, String alias, int status)
|
||||
throws NameNotFoundException, InternalRecoveryServiceException {
|
||||
setRecoveryStatus(alias, status);
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -518,7 +508,7 @@ public class RecoveryController {
|
||||
@RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
|
||||
public int getRecoveryStatus(String packageName, String alias)
|
||||
throws InternalRecoveryServiceException {
|
||||
return getRecoveryStatus(alias);
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -623,7 +613,7 @@ public class RecoveryController {
|
||||
@RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
|
||||
public Key generateKey(@NonNull String alias, byte[] account)
|
||||
throws InternalRecoveryServiceException, LockScreenRequiredException {
|
||||
return generateKey(alias);
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -89,24 +89,7 @@ public class RecoverySession implements AutoCloseable {
|
||||
@NonNull byte[] vaultChallenge,
|
||||
@NonNull List<KeyChainProtectionParams> secrets)
|
||||
throws CertificateException, InternalRecoveryServiceException {
|
||||
try {
|
||||
byte[] recoveryClaim =
|
||||
mRecoveryController.getBinder().startRecoverySession(
|
||||
mSessionId,
|
||||
verifierPublicKey,
|
||||
vaultParams,
|
||||
vaultChallenge,
|
||||
secrets);
|
||||
return recoveryClaim;
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
} catch (ServiceSpecificException e) {
|
||||
if (e.errorCode == RecoveryController.ERROR_BAD_CERTIFICATE_FORMAT
|
||||
|| e.errorCode == RecoveryController.ERROR_INVALID_CERTIFICATE) {
|
||||
throw new CertificateException("Invalid certificate for recovery session", e);
|
||||
}
|
||||
throw mRecoveryController.wrapUnexpectedServiceSpecificException(e);
|
||||
}
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -121,28 +104,7 @@ public class RecoverySession implements AutoCloseable {
|
||||
@NonNull byte[] vaultChallenge,
|
||||
@NonNull List<KeyChainProtectionParams> secrets)
|
||||
throws CertificateException, InternalRecoveryServiceException {
|
||||
// Wrap the CertPath in a Parcelable so it can be passed via Binder calls.
|
||||
RecoveryCertPath recoveryCertPath =
|
||||
RecoveryCertPath.createRecoveryCertPath(verifierCertPath);
|
||||
try {
|
||||
byte[] recoveryClaim =
|
||||
mRecoveryController.getBinder().startRecoverySessionWithCertPath(
|
||||
mSessionId,
|
||||
/*rootCertificateAlias=*/ "", // Use the default root cert
|
||||
recoveryCertPath,
|
||||
vaultParams,
|
||||
vaultChallenge,
|
||||
secrets);
|
||||
return recoveryClaim;
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
} catch (ServiceSpecificException e) {
|
||||
if (e.errorCode == RecoveryController.ERROR_BAD_CERTIFICATE_FORMAT
|
||||
|| e.errorCode == RecoveryController.ERROR_INVALID_CERTIFICATE) {
|
||||
throw new CertificateException("Invalid certificate for recovery session", e);
|
||||
}
|
||||
throw mRecoveryController.wrapUnexpectedServiceSpecificException(e);
|
||||
}
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -210,20 +172,7 @@ public class RecoverySession implements AutoCloseable {
|
||||
@NonNull List<WrappedApplicationKey> applicationKeys)
|
||||
throws SessionExpiredException, DecryptionFailedException,
|
||||
InternalRecoveryServiceException {
|
||||
try {
|
||||
return (Map<String, byte[]>) mRecoveryController.getBinder().recoverKeys(
|
||||
mSessionId, recoveryKeyBlob, applicationKeys);
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
} catch (ServiceSpecificException e) {
|
||||
if (e.errorCode == RecoveryController.ERROR_DECRYPTION_FAILED) {
|
||||
throw new DecryptionFailedException(e.getMessage());
|
||||
}
|
||||
if (e.errorCode == RecoveryController.ERROR_SESSION_EXPIRED) {
|
||||
throw new SessionExpiredException(e.getMessage());
|
||||
}
|
||||
throw mRecoveryController.wrapUnexpectedServiceSpecificException(e);
|
||||
}
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
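Review bot: The new body of `recoverKeys` is a bare `throw new UnsupportedOperationException();`, so the retained `throws SessionExpiredException, DecryptionFailedException, InternalRecoveryServiceException` clause is dead and misleads callers that catch those types; the Javadoc above the hunk should say the method throws unconditionally and point to `recoverKeyChainSnapshot`. Dropping this path is the security-relevant part of the commit: it was the API that returned decrypted application key material to the calling process as `Map<String, byte[]>` (the removed server-side Javadoc calls it "Map from alias to raw key material"), whereas the surviving AIDL method `recoverKeyChainSnapshot` returns `Map<String, String>`, presumably alias mappings for keys imported into keystore rather than key bytes. A one-line comment on the stub recording that rationale, e.g. `// Removed: returned raw key bytes to the caller; use recoverKeyChainSnapshot, which keeps key material in the system.`, would keep the raw-key variant from being reintroduced.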
|
||||
|
||||
@@ -80,7 +80,7 @@ public final class WrappedApplicationKey implements Parcelable {
|
||||
*/
|
||||
@Deprecated
|
||||
public Builder setAccount(@NonNull byte[] account) {
|
||||
return this;
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -139,7 +139,7 @@ public final class WrappedApplicationKey implements Parcelable {
|
||||
*/
|
||||
@Deprecated
|
||||
public @NonNull byte[] getAccount() {
|
||||
return new byte[0];
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
public static final Parcelable.Creator<WrappedApplicationKey> CREATOR =
|
||||
|
||||
@@ -57,7 +57,6 @@ interface ILockSettings {
|
||||
// Keystore RecoveryController methods.
|
||||
// {@code ServiceSpecificException} may be thrown to signal an error, which caller can
|
||||
// convert to {@code RecoveryManagerException}.
|
||||
void initRecoveryService(in String rootCertificateAlias, in byte[] signedPublicKeyList);
|
||||
void initRecoveryServiceWithSigFile(in String rootCertificateAlias,
|
||||
in byte[] recoveryServiceCertFile, in byte[] recoveryServiceSigFile);
|
||||
KeyChainSnapshot getKeyChainSnapshot();
|
||||
@@ -71,14 +70,9 @@ interface ILockSettings {
|
||||
Map getRecoveryStatus();
|
||||
void setRecoverySecretTypes(in int[] secretTypes);
|
||||
int[] getRecoverySecretTypes();
|
||||
byte[] startRecoverySession(in String sessionId,
|
||||
in byte[] verifierPublicKey, in byte[] vaultParams, in byte[] vaultChallenge,
|
||||
in List<KeyChainProtectionParams> secrets);
|
||||
byte[] startRecoverySessionWithCertPath(in String sessionId, in String rootCertificateAlias,
|
||||
in RecoveryCertPath verifierCertPath, in byte[] vaultParams, in byte[] vaultChallenge,
|
||||
in List<KeyChainProtectionParams> secrets);
|
||||
Map/*<String, byte[]>*/ recoverKeys(in String sessionId, in byte[] recoveryKeyBlob,
|
||||
in List<WrappedApplicationKey> applicationKeys);
|
||||
Map/*<String, String>*/ recoverKeyChainSnapshot(
|
||||
in String sessionId,
|
||||
in byte[] recoveryKeyBlob,
|
||||
|
||||
@@ -1979,13 +1979,6 @@ public class LockSettingsService extends ILockSettings.Stub {
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void initRecoveryService(@NonNull String rootCertificateAlias,
|
||||
@NonNull byte[] signedPublicKeyList) throws RemoteException {
|
||||
mRecoverableKeyStoreManager.initRecoveryService(rootCertificateAlias,
|
||||
signedPublicKeyList);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void initRecoveryServiceWithSigFile(@NonNull String rootCertificateAlias,
|
||||
@NonNull byte[] recoveryServiceCertFile, @NonNull byte[] recoveryServiceSigFile)
|
||||
@@ -2032,15 +2025,6 @@ public class LockSettingsService extends ILockSettings.Stub {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[] startRecoverySession(@NonNull String sessionId,
|
||||
@NonNull byte[] verifierPublicKey, @NonNull byte[] vaultParams,
|
||||
@NonNull byte[] vaultChallenge, @NonNull List<KeyChainProtectionParams> secrets)
|
||||
throws RemoteException {
|
||||
return mRecoverableKeyStoreManager.startRecoverySession(sessionId, verifierPublicKey,
|
||||
vaultParams, vaultChallenge, secrets);
|
||||
}
|
||||
|
||||
@Override
|
||||
public @NonNull byte[] startRecoverySessionWithCertPath(@NonNull String sessionId,
|
||||
@NonNull String rootCertificateAlias, @NonNull RecoveryCertPath verifierCertPath,
|
||||
@@ -2052,11 +2036,6 @@ public class LockSettingsService extends ILockSettings.Stub {
|
||||
secrets);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void closeSession(@NonNull String sessionId) throws RemoteException {
|
||||
mRecoverableKeyStoreManager.closeSession(sessionId);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Map<String, String> recoverKeyChainSnapshot(
|
||||
@NonNull String sessionId,
|
||||
@@ -2067,10 +2046,8 @@ public class LockSettingsService extends ILockSettings.Stub {
|
||||
}
|
||||
|
||||
@Override
|
||||
public @NonNull Map<String, byte[]> recoverKeys(@NonNull String sessionId,
|
||||
@NonNull byte[] recoveryKeyBlob, @NonNull List<WrappedApplicationKey> applicationKeys)
|
||||
throws RemoteException {
|
||||
return mRecoverableKeyStoreManager.recoverKeys(sessionId, recoveryKeyBlob, applicationKeys);
|
||||
public void closeSession(@NonNull String sessionId) throws RemoteException {
|
||||
mRecoverableKeyStoreManager.closeSession(sessionId);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -167,9 +167,10 @@ public class RecoverableKeyStoreManager {
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated Use {@link #initRecoveryServiceWithSigFile(String, byte[], byte[])} instead.
|
||||
* Used by {@link #initRecoveryServiceWithSigFile(String, byte[], byte[])}.
|
||||
*/
|
||||
public void initRecoveryService(
|
||||
@VisibleForTesting
|
||||
void initRecoveryService(
|
||||
@NonNull String rootCertificateAlias, @NonNull byte[] recoveryServiceCertFile)
|
||||
throws RemoteException {
|
||||
checkRecoverKeyStorePermission();
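Review bot: The new one-line Javadoc on `initRecoveryService` says only that it is used by `initRecoveryServiceWithSigFile`, but now that the method is package-private with `@VisibleForTesting` and takes a bare `recoveryServiceCertFile` without a signature parameter, the comment should state the trust assumption so it is not re-exposed later. Suggest: `Installs the cert file for rootCertificateAlias; callers are responsible for having verified the signature over it (initRecoveryServiceWithSigFile does). Package-private only so tests can call it directly.` — hedged as "presumably" until confirmed against the body, which lies outside this hunk. Keeping `checkRecoverKeyStorePermission()` inside it is harmless duplication if the public entry point also checks, and it keeps the direct test path subject to the same gate, so leave it.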
|
||||
@@ -444,7 +445,8 @@ public class RecoverableKeyStoreManager {
|
||||
*
|
||||
* @hide
|
||||
*/
|
||||
public @NonNull byte[] startRecoverySession(
|
||||
@VisibleForTesting
|
||||
@NonNull byte[] startRecoverySession(
|
||||
@NonNull String sessionId,
|
||||
@NonNull byte[] verifierPublicKey,
|
||||
@NonNull byte[] vaultParams,
|
||||
@@ -550,45 +552,6 @@ public class RecoverableKeyStoreManager {
|
||||
sessionId, verifierPublicKey, vaultParams, vaultChallenge, secrets);
|
||||
}
|
||||
|
||||
/**
|
||||
* Invoked by a recovery agent after a successful recovery claim is sent to the remote vault
|
||||
* service.
|
||||
*
|
||||
* @param sessionId The session ID used to generate the claim. See
|
||||
* {@link #startRecoverySession(String, byte[], byte[], byte[], List)}.
|
||||
* @param encryptedRecoveryKey The encrypted recovery key blob returned by the remote vault
|
||||
* service.
|
||||
* @param applicationKeys The encrypted key blobs returned by the remote vault service. These
|
||||
* were wrapped with the recovery key.
|
||||
* @return Map from alias to raw key material.
|
||||
* @throws RemoteException if an error occurred recovering the keys.
|
||||
*/
|
||||
public @NonNull Map<String, byte[]> recoverKeys(
|
||||
@NonNull String sessionId,
|
||||
@NonNull byte[] encryptedRecoveryKey,
|
||||
@NonNull List<WrappedApplicationKey> applicationKeys)
|
||||
throws RemoteException {
|
||||
checkRecoverKeyStorePermission();
|
||||
Preconditions.checkNotNull(sessionId, "invalid session");
|
||||
Preconditions.checkNotNull(encryptedRecoveryKey, "encryptedRecoveryKey is null");
|
||||
Preconditions.checkNotNull(applicationKeys, "encryptedRecoveryKey is null");
|
||||
int uid = Binder.getCallingUid();
|
||||
RecoverySessionStorage.Entry sessionEntry = mRecoverySessionStorage.get(uid, sessionId);
|
||||
if (sessionEntry == null) {
|
||||
throw new ServiceSpecificException(ERROR_SESSION_EXPIRED,
|
||||
String.format(Locale.US,
|
||||
"Application uid=%d does not have pending session '%s'", uid, sessionId));
|
||||
}
|
||||
|
||||
try {
|
||||
byte[] recoveryKey = decryptRecoveryKey(sessionEntry, encryptedRecoveryKey);
|
||||
return recoverApplicationKeys(recoveryKey, applicationKeys);
|
||||
} finally {
|
||||
sessionEntry.destroy();
|
||||
mRecoverySessionStorage.remove(uid);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Invoked by a recovery agent after a successful recovery claim is sent to the remote vault
|
||||
* service.
|
||||
|
||||
@@ -164,9 +164,9 @@ public class KeyChainSnapshotSerializerTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void serialize_doesNotThrowForNullPublicKey() throws Exception {
|
||||
public void serialize_doesNotThrowForTestSnapshot() throws Exception {
|
||||
KeyChainSnapshotSerializer.serialize(
|
||||
createTestKeyChainSnapshotNoPublicKey(), new ByteArrayOutputStream());
|
||||
createTestKeyChainSnapshot(), new ByteArrayOutputStream());
|
||||
}
|
||||
|
||||
private static List<WrappedApplicationKey> roundTripKeys() throws Exception {
|
||||
@@ -198,19 +198,6 @@ public class KeyChainSnapshotSerializerTest {
|
||||
.build();
|
||||
}
|
||||
|
||||
private static KeyChainSnapshot createTestKeyChainSnapshotNoPublicKey() throws Exception {
|
||||
return new KeyChainSnapshot.Builder()
|
||||
.setCounterId(COUNTER_ID)
|
||||
.setSnapshotVersion(SNAPSHOT_VERSION)
|
||||
.setServerParams(SERVER_PARAMS)
|
||||
.setMaxAttempts(MAX_ATTEMPTS)
|
||||
.setEncryptedRecoveryKeyBlob(KEY_BLOB)
|
||||
.setKeyChainProtectionParams(createKeyChainProtectionParamsList())
|
||||
.setWrappedApplicationKeys(createKeys())
|
||||
.setTrustedHardwareCertPath(CERT_PATH)
|
||||
.build();
|
||||
}
|
||||
|
||||
private static List<WrappedApplicationKey> createKeys() {
|
||||
ArrayList<WrappedApplicationKey> keyList = new ArrayList<>();
|
||||
keyList.add(createKey(TEST_KEY_1_ALIAS, TEST_KEY_1_BYTES));
|
||||
|
||||