Merge "Add getSupplementaryAttestationInfo" into aosp-main-future

    method @NonNull public java.util.List<java.security.cert.X509Certificate> getGrantedCertificateChainFromId(long) throws android.security.keystore.KeyPermanentlyInvalidatedException, java.security.UnrecoverableKeyException;

    method @NonNull public java.security.Key getGrantedKeyFromId(long) throws android.security.keystore.KeyPermanentlyInvalidatedException, java.security.UnrecoverableKeyException;

    method @NonNull public java.security.KeyPair getGrantedKeyPairFromId(long) throws android.security.keystore.KeyPermanentlyInvalidatedException, java.security.UnrecoverableKeyException;

    method @FlaggedApi("android.security.keystore2.attest_modules") @NonNull public byte[] getSupplementaryAttestationInfo(int) throws android.security.KeyStoreException;

    method public long grantKeyAccess(@NonNull String, int) throws android.security.KeyStoreException, java.security.UnrecoverableKeyException;

    method public void revokeKeyAccess(@NonNull String, int) throws android.security.KeyStoreException, java.security.UnrecoverableKeyException;

    field public static final int MODULE_HASH = -1879047468; // 0x900002d4

  }

  public class SecureKeyImportUnavailableException extends java.security.ProviderException {

        "**/*.java",

        "**/*.aidl",

    ],

    exclude_srcs: select(release_flag("RELEASE_ATTEST_MODULES"), {

        true: [

            "android/security/KeyStore2HalCurrent.java",

        ],

        default: [

            "android/security/KeyStore2HalLatest.java",

        ],

    }),

    visibility: ["//frameworks/base"],

}

        R execute(IKeystoreService service) throws RemoteException;

    }

    private <R> R handleRemoteExceptionWithRetry(@NonNull CheckedRemoteRequest<R> request)

    <R> R handleRemoteExceptionWithRetry(@NonNull CheckedRemoteRequest<R> request)

            throws KeyStoreException {

        IKeystoreService service = getService(false /* retryLookup */);

        boolean firstTry = true;

        }

    }

    /**

     * Returns tag-specific info required to interpret a tag's attested value.

     * @see IKeystoreService#getSupplementaryAttestationInfo(Tag) for more details.

     * @param tag

     * @return

     * @throws KeyStoreException

     * @hide

     */

    public byte[] getSupplementaryAttestationInfo(int tag) throws KeyStoreException {

        return KeyStore2HalVersion.getSupplementaryAttestationInfoHelper(tag, this);

    }

    static KeyStoreException getKeyStoreException(int errorCode, String serviceErrorMessage) {

        if (errorCode > 0) {

            // KeyStore layer error

/*

 * Copyright (C) 2024 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.security;

/**

 * @hide This class is necessary to allow the version of the AIDL interface for Keystore and

* KeyMint used in KeyStore2.java to differ by BUILD flag `RELEASE_ATTEST_MODULES`. When

* `RELEASE_ATTEST_MODULES` is not set, this file is included, and the current HALs for Keystore

* (V4) and KeyMint (V3) are used.

*/

class KeyStore2HalVersion {

    public static byte[] getSupplementaryAttestationInfoHelper(int tag, KeyStore2 ks)

            throws KeyStoreException {

        return new byte[0];

    }

}

/*

 * Copyright (C) 2024 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.security;

/**

 * @hide This class is necessary to allow the version of the AIDL interface for Keystore and

* KeyMint used in KeyStore2.java to differ by BUILD flag `RELEASE_ATTEST_MODULES`. When

* `RELEASE_ATTEST_MODULES` is set, this file is included, and the latest HALs for Keystore (V5)

* and KeyMint (V4) are used.

*/

class KeyStore2HalVersion {

    public static byte[] getSupplementaryAttestationInfoHelper(int tag, KeyStore2 ks)

            throws KeyStoreException {

        return ks.handleRemoteExceptionWithRetry(

            (service) -> service.getSupplementaryAttestationInfo(tag));

    }

}