Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Keystore 2.0: Remove hidden API from RecoverableKeystore" am: 5de808c5e2 am: 8b7ca71fd7 am: 2a38d13272

Browse Source 
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1624871

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I11523cbe76bba7f92ab1c4929eea502bf8e5a61b
This commit is contained in:
Janis Danisevskis
2021-03-11 17:37:47 +00:00
committed by Automerger Merge Worker
parent 43b70deccb 2a38d13272
commit d3035fe485
4 changed files with 13 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformDecryptionKey.java
View File

@@ -16,7 +16,7 @@
package com.android.server.locksettings.recoverablekeystore;
import android.security.keystore.AndroidKeyStoreSecretKey;
import javax.crypto.SecretKey;
/**
* Used to unwrap recoverable keys before syncing them with remote storage.
@@ -30,7 +30,7 @@ import android.security.keystore.AndroidKeyStoreSecretKey;
public class PlatformDecryptionKey {
private final int mGenerationId;
private final AndroidKeyStoreSecretKey mKey;
private final SecretKey mKey;
/**
* A new instance.
@@ -40,7 +40,7 @@ public class PlatformDecryptionKey {
*
* @hide
*/
public PlatformDecryptionKey(int generationId, AndroidKeyStoreSecretKey key) {
public PlatformDecryptionKey(int generationId, SecretKey key) {
mGenerationId = generationId;
mKey = key;
}
@@ -59,7 +59,7 @@ public class PlatformDecryptionKey {
*
* @hide
*/
public AndroidKeyStoreSecretKey getKey() {
public SecretKey getKey() {
return mKey;
}
}

8
services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformEncryptionKey.java
View File

@@ -16,7 +16,7 @@
package com.android.server.locksettings.recoverablekeystore;
import android.security.keystore.AndroidKeyStoreSecretKey;
import javax.crypto.SecretKey;
/**
* Private key stored in AndroidKeyStore. Used to wrap recoverable keys before writing them to disk.
@@ -33,7 +33,7 @@ import android.security.keystore.AndroidKeyStoreSecretKey;
public class PlatformEncryptionKey {
private final int mGenerationId;
private final AndroidKeyStoreSecretKey mKey;
private final SecretKey mKey;
/**
* A new instance.
@@ -41,7 +41,7 @@ public class PlatformEncryptionKey {
* @param generationId The generation ID of the key.
* @param key The secret key handle. Can be used to encrypt WITHOUT requiring screen unlock.
*/
public PlatformEncryptionKey(int generationId, AndroidKeyStoreSecretKey key) {
public PlatformEncryptionKey(int generationId, SecretKey key) {
mGenerationId = generationId;
mKey = key;
}
@@ -56,7 +56,7 @@ public class PlatformEncryptionKey {
/**
* Returns the actual key, which can only be used to encrypt.
*/
public AndroidKeyStoreSecretKey getKey() {
public SecretKey getKey() {
return mKey;
}
}

5
services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java
View File

@@ -21,7 +21,6 @@ import android.content.Context;
import android.os.RemoteException;
import android.os.UserHandle;
import android.security.GateKeeper;
import android.security.keystore.AndroidKeyStoreSecretKey;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.KeyProperties;
import android.security.keystore.KeyProtection;
@@ -237,7 +236,7 @@ public class PlatformKeyManager {
if (!isKeyLoaded(userId, generationId)) {
throw new UnrecoverableKeyException("KeyStore doesn't contain key " + alias);
}
AndroidKeyStoreSecretKey key = (AndroidKeyStoreSecretKey) mKeyStore.getKey(
SecretKey key = (SecretKey) mKeyStore.getKey(
alias, /*password=*/ null);
return new PlatformEncryptionKey(generationId, key);
}
@@ -289,7 +288,7 @@ public class PlatformKeyManager {
if (!isKeyLoaded(userId, generationId)) {
throw new UnrecoverableKeyException("KeyStore doesn't contain key " + alias);
}
AndroidKeyStoreSecretKey key = (AndroidKeyStoreSecretKey) mKeyStore.getKey(
SecretKey key = (SecretKey) mKeyStore.getKey(
alias, /*password=*/ null);
return new PlatformDecryptionKey(generationId, key);
}

6
services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/PlatformKeyManagerTest.java
View File

@@ -32,7 +32,6 @@ import android.app.KeyguardManager;
import android.content.Context;
import android.os.RemoteException;
import android.security.GateKeeper;
import android.security.keystore.AndroidKeyStoreSecretKey;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.security.keystore.KeyProtection;
@@ -59,6 +58,7 @@ import java.security.UnrecoverableKeyException;
import java.util.List;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
@SmallTest
@RunWith(AndroidJUnit4.class)
@@ -575,7 +575,7 @@ public class PlatformKeyManagerTest {
return (KeyProtection) mProtectionParameterCaptor.getValue();
}
private AndroidKeyStoreSecretKey generateAndroidKeyStoreKey() throws Exception {
private SecretKey generateAndroidKeyStoreKey() throws Exception {
KeyGenerator keyGenerator = KeyGenerator.getInstance(
KEY_ALGORITHM,
ANDROID_KEY_STORE_PROVIDER);
@@ -584,7 +584,7 @@ public class PlatformKeyManagerTest {
.setBlockModes(KeyProperties.BLOCK_MODE_GCM)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
.build());
return (AndroidKeyStoreSecretKey) keyGenerator.generateKey();
return keyGenerator.generateKey();
}
class PlatformKeyManagerTestable extends PlatformKeyManager {