diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java index 567eaaa5d1596..1faa9f7b27e10 100644 --- a/services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java +++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java @@ -349,7 +349,6 @@ public class KeySyncTask implements Runnable { .setSnapshotVersion(getSnapshotVersion(recoveryAgentUid, recreateCurrentVersion)) .setMaxAttempts(TRUSTED_HARDWARE_MAX_ATTEMPTS) .setCounterId(counterId) - .setTrustedHardwarePublicKey(SecureBox.encodePublicKey(publicKey)) .setServerParams(vaultHandle) .setKeyChainProtectionParams(metadataList) .setWrappedApplicationKeys(createApplicationKeyEntries(encryptedApplicationKeys)) diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotDeserializer.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotDeserializer.java index f789155cee525..b486834235dc8 100644 --- a/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotDeserializer.java +++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotDeserializer.java @@ -132,8 +132,7 @@ public class KeyChainSnapshotDeserializer { break; case TAG_BACKEND_PUBLIC_KEY: - builder.setTrustedHardwarePublicKey( - readBlobTag(parser, TAG_BACKEND_PUBLIC_KEY)); + // Unused break; case TAG_KEY_CHAIN_PROTECTION_PARAMS_LIST: diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSchema.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSchema.java index ff30ecd7d3a73..0f2c2fc6c9590 100644 --- a/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSchema.java +++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSchema.java @@ -35,7 +35,7 @@ class KeyChainSnapshotSchema { static final String TAG_RECOVERY_KEY_MATERIAL = "recoveryKeyMaterial"; static final String TAG_SERVER_PARAMS = "serverParams"; static final String TAG_TRUSTED_HARDWARE_CERT_PATH = "thmCertPath"; - static final String TAG_BACKEND_PUBLIC_KEY = "backendPublicKey"; + static final String TAG_BACKEND_PUBLIC_KEY = "backendPublicKey"; // Deprecated. static final String TAG_KEY_CHAIN_PROTECTION_PARAMS_LIST = "keyChainProtectionParamsList"; diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSerializer.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSerializer.java index 17a16bf5906b2..235df698a674d 100644 --- a/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSerializer.java +++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSerializer.java @@ -162,10 +162,6 @@ public class KeyChainSnapshotSerializer { writePropertyTag(xmlSerializer, TAG_SERVER_PARAMS, keyChainSnapshot.getServerParams()); writePropertyTag(xmlSerializer, TAG_TRUSTED_HARDWARE_CERT_PATH, keyChainSnapshot.getTrustedHardwareCertPath()); - if (keyChainSnapshot.getTrustedHardwarePublicKey() != null) { - writePropertyTag(xmlSerializer, TAG_BACKEND_PUBLIC_KEY, - keyChainSnapshot.getTrustedHardwarePublicKey()); - } } private static void writePropertyTag( diff --git a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSerializerTest.java b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSerializerTest.java index 2f4da86bf38f5..07c6203718688 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSerializerTest.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/serialization/KeyChainSnapshotSerializerTest.java @@ -45,7 +45,6 @@ public class KeyChainSnapshotSerializerTest { private static final int MAX_ATTEMPTS = 21; private static final byte[] SERVER_PARAMS = new byte[] { 8, 2, 4 }; private static final byte[] KEY_BLOB = new byte[] { 124, 53, 53, 53 }; - private static final byte[] PUBLIC_KEY_BLOB = new byte[] { 6, 6, 6, 6, 6, 6, 7 }; private static final CertPath CERT_PATH = TestData.CERT_PATH_1; private static final int SECRET_TYPE = KeyChainProtectionParams.TYPE_LOCKSCREEN; private static final int LOCK_SCREEN_UI = KeyChainProtectionParams.UI_FORMAT_PASSWORD; @@ -93,11 +92,6 @@ public class KeyChainSnapshotSerializerTest { assertThat(roundTrip().getTrustedHardwareCertPath()).isEqualTo(CERT_PATH); } - @Test - public void roundTrip_persistsBackendPublicKey() throws Exception { - assertThat(roundTrip().getTrustedHardwarePublicKey()).isEqualTo(PUBLIC_KEY_BLOB); - } - @Test public void roundTrip_persistsParamsList() throws Exception { assertThat(roundTrip().getKeyChainProtectionParams()).hasSize(1); @@ -201,7 +195,6 @@ public class KeyChainSnapshotSerializerTest { .setKeyChainProtectionParams(createKeyChainProtectionParamsList()) .setWrappedApplicationKeys(createKeys()) .setTrustedHardwareCertPath(CERT_PATH) - .setTrustedHardwarePublicKey(PUBLIC_KEY_BLOB) .build(); }