Loading core/java/android/security/keystore/recovery/RecoveryController.java +7 −3 Original line number Diff line number Diff line Loading @@ -29,6 +29,7 @@ import android.os.ServiceManager; import android.os.ServiceSpecificException; import android.security.KeyStore; import android.security.keystore.AndroidKeyStoreProvider; import android.security.keystore.KeyPermanentlyInvalidatedException; import com.android.internal.widget.ILockSettings; Loading Loading @@ -635,7 +636,7 @@ public class RecoveryController { return getKeyFromGrant(grantAlias); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } catch (UnrecoverableKeyException e) { } catch (KeyPermanentlyInvalidatedException | UnrecoverableKeyException e) { throw new InternalRecoveryServiceException("Failed to get key from keystore", e); } catch (ServiceSpecificException e) { if (e.errorCode == ERROR_INSECURE_USER) { Loading Loading @@ -666,7 +667,7 @@ public class RecoveryController { return getKeyFromGrant(grantAlias); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } catch (UnrecoverableKeyException e) { } catch (KeyPermanentlyInvalidatedException | UnrecoverableKeyException e) { throw new InternalRecoveryServiceException("Failed to get key from keystore", e); } catch (ServiceSpecificException e) { if (e.errorCode == ERROR_INSECURE_USER) { Loading Loading @@ -696,6 +697,8 @@ public class RecoveryController { return getKeyFromGrant(grantAlias); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } catch (KeyPermanentlyInvalidatedException | UnrecoverableKeyException e) { throw new UnrecoverableKeyException("Failed to get key from keystore"); } catch (ServiceSpecificException e) { throw wrapUnexpectedServiceSpecificException(e); } Loading @@ -704,7 +707,8 @@ public class RecoveryController { /** * Returns the key with the given {@code grantAlias}. */ @NonNull Key getKeyFromGrant(@NonNull String grantAlias) throws UnrecoverableKeyException { @NonNull Key getKeyFromGrant(@NonNull String grantAlias) throws UnrecoverableKeyException, KeyPermanentlyInvalidatedException { return AndroidKeyStoreProvider.loadAndroidKeyStoreKeyFromKeystore( mKeyStore, grantAlias, Loading core/java/android/security/keystore/recovery/RecoverySession.java +2 −1 Original line number Diff line number Diff line Loading @@ -22,6 +22,7 @@ import android.annotation.RequiresPermission; import android.annotation.SystemApi; import android.os.RemoteException; import android.os.ServiceSpecificException; import android.security.keystore.KeyPermanentlyInvalidatedException; import android.util.ArrayMap; import android.util.Log; Loading Loading @@ -218,7 +219,7 @@ public class RecoverySession implements AutoCloseable { Key key; try { key = mRecoveryController.getKeyFromGrant(grantAlias); } catch (UnrecoverableKeyException e) { } catch (KeyPermanentlyInvalidatedException | UnrecoverableKeyException e) { throw new InternalRecoveryServiceException( String.format( Locale.US, Loading keystore/java/android/security/KeyChain.java +2 −1 Original line number Diff line number Diff line Loading @@ -36,6 +36,7 @@ import android.os.Process; import android.os.RemoteException; import android.os.UserHandle; import android.security.keystore.AndroidKeyStoreProvider; import android.security.keystore.KeyPermanentlyInvalidatedException; import android.security.keystore.KeyProperties; import java.io.ByteArrayInputStream; Loading Loading @@ -538,7 +539,7 @@ public final class KeyChain { try { return AndroidKeyStoreProvider.loadAndroidKeyStoreKeyPairFromKeystore( KeyStore.getInstance(), keyId, KeyStore.UID_SELF); } catch (RuntimeException | UnrecoverableKeyException e) { } catch (RuntimeException | UnrecoverableKeyException | KeyPermanentlyInvalidatedException e) { throw new KeyChainException(e); } } Loading keystore/java/android/security/KeyStore.java +5 −0 Original line number Diff line number Diff line Loading @@ -97,6 +97,9 @@ public class KeyStore { */ public static final int OP_AUTH_NEEDED = 15; // Used when a user changes their pin, invalidating old auth bound keys. public static final int KEY_PERMANENTLY_INVALIDATED = 17; // Used for UID field to indicate the calling UID. public static final int UID_SELF = -1; Loading Loading @@ -1188,6 +1191,8 @@ public class KeyStore { return new KeyStoreException(errorCode, "Key blob corrupted"); case OP_AUTH_NEEDED: return new KeyStoreException(errorCode, "Operation requires authorization"); case KEY_PERMANENTLY_INVALIDATED: return new KeyStoreException(errorCode, "Key permanently invalidated"); default: return new KeyStoreException(errorCode, String.valueOf(errorCode)); } Loading keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java +1 −1 Original line number Diff line number Diff line Loading @@ -526,7 +526,7 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato + result.getPrivate().getAlgorithm() + " vs " + mJcaKeyAlgorithm); } return result; } catch (UnrecoverableKeyException e) { } catch (UnrecoverableKeyException | KeyPermanentlyInvalidatedException e) { throw new ProviderException("Failed to load generated key pair from keystore", e); } } Loading Loading
core/java/android/security/keystore/recovery/RecoveryController.java +7 −3 Original line number Diff line number Diff line Loading @@ -29,6 +29,7 @@ import android.os.ServiceManager; import android.os.ServiceSpecificException; import android.security.KeyStore; import android.security.keystore.AndroidKeyStoreProvider; import android.security.keystore.KeyPermanentlyInvalidatedException; import com.android.internal.widget.ILockSettings; Loading Loading @@ -635,7 +636,7 @@ public class RecoveryController { return getKeyFromGrant(grantAlias); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } catch (UnrecoverableKeyException e) { } catch (KeyPermanentlyInvalidatedException | UnrecoverableKeyException e) { throw new InternalRecoveryServiceException("Failed to get key from keystore", e); } catch (ServiceSpecificException e) { if (e.errorCode == ERROR_INSECURE_USER) { Loading Loading @@ -666,7 +667,7 @@ public class RecoveryController { return getKeyFromGrant(grantAlias); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } catch (UnrecoverableKeyException e) { } catch (KeyPermanentlyInvalidatedException | UnrecoverableKeyException e) { throw new InternalRecoveryServiceException("Failed to get key from keystore", e); } catch (ServiceSpecificException e) { if (e.errorCode == ERROR_INSECURE_USER) { Loading Loading @@ -696,6 +697,8 @@ public class RecoveryController { return getKeyFromGrant(grantAlias); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } catch (KeyPermanentlyInvalidatedException | UnrecoverableKeyException e) { throw new UnrecoverableKeyException("Failed to get key from keystore"); } catch (ServiceSpecificException e) { throw wrapUnexpectedServiceSpecificException(e); } Loading @@ -704,7 +707,8 @@ public class RecoveryController { /** * Returns the key with the given {@code grantAlias}. */ @NonNull Key getKeyFromGrant(@NonNull String grantAlias) throws UnrecoverableKeyException { @NonNull Key getKeyFromGrant(@NonNull String grantAlias) throws UnrecoverableKeyException, KeyPermanentlyInvalidatedException { return AndroidKeyStoreProvider.loadAndroidKeyStoreKeyFromKeystore( mKeyStore, grantAlias, Loading
core/java/android/security/keystore/recovery/RecoverySession.java +2 −1 Original line number Diff line number Diff line Loading @@ -22,6 +22,7 @@ import android.annotation.RequiresPermission; import android.annotation.SystemApi; import android.os.RemoteException; import android.os.ServiceSpecificException; import android.security.keystore.KeyPermanentlyInvalidatedException; import android.util.ArrayMap; import android.util.Log; Loading Loading @@ -218,7 +219,7 @@ public class RecoverySession implements AutoCloseable { Key key; try { key = mRecoveryController.getKeyFromGrant(grantAlias); } catch (UnrecoverableKeyException e) { } catch (KeyPermanentlyInvalidatedException | UnrecoverableKeyException e) { throw new InternalRecoveryServiceException( String.format( Locale.US, Loading
keystore/java/android/security/KeyChain.java +2 −1 Original line number Diff line number Diff line Loading @@ -36,6 +36,7 @@ import android.os.Process; import android.os.RemoteException; import android.os.UserHandle; import android.security.keystore.AndroidKeyStoreProvider; import android.security.keystore.KeyPermanentlyInvalidatedException; import android.security.keystore.KeyProperties; import java.io.ByteArrayInputStream; Loading Loading @@ -538,7 +539,7 @@ public final class KeyChain { try { return AndroidKeyStoreProvider.loadAndroidKeyStoreKeyPairFromKeystore( KeyStore.getInstance(), keyId, KeyStore.UID_SELF); } catch (RuntimeException | UnrecoverableKeyException e) { } catch (RuntimeException | UnrecoverableKeyException | KeyPermanentlyInvalidatedException e) { throw new KeyChainException(e); } } Loading
keystore/java/android/security/KeyStore.java +5 −0 Original line number Diff line number Diff line Loading @@ -97,6 +97,9 @@ public class KeyStore { */ public static final int OP_AUTH_NEEDED = 15; // Used when a user changes their pin, invalidating old auth bound keys. public static final int KEY_PERMANENTLY_INVALIDATED = 17; // Used for UID field to indicate the calling UID. public static final int UID_SELF = -1; Loading Loading @@ -1188,6 +1191,8 @@ public class KeyStore { return new KeyStoreException(errorCode, "Key blob corrupted"); case OP_AUTH_NEEDED: return new KeyStoreException(errorCode, "Operation requires authorization"); case KEY_PERMANENTLY_INVALIDATED: return new KeyStoreException(errorCode, "Key permanently invalidated"); default: return new KeyStoreException(errorCode, String.valueOf(errorCode)); } Loading
keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java +1 −1 Original line number Diff line number Diff line Loading @@ -526,7 +526,7 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato + result.getPrivate().getAlgorithm() + " vs " + mJcaKeyAlgorithm); } return result; } catch (UnrecoverableKeyException e) { } catch (UnrecoverableKeyException | KeyPermanentlyInvalidatedException e) { throw new ProviderException("Failed to load generated key pair from keystore", e); } } Loading
