Merge "Skip the parsing of the refresh interval in CertXml" (272c1236) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/locksettings/recoverablekeystore/certificate/CertXml.java

+2 −26

Original line number	Original line	Diff line number	Diff line
	@@ -20,6 +20,8 @@ import android.annotation.Nullable;

	import com.android.internal.annotations.VisibleForTesting;		import com.android.internal.annotations.VisibleForTesting;

			import org.w3c.dom.Element;

	import java.security.SecureRandom;		import java.security.SecureRandom;
	import java.security.cert.CertPath;		import java.security.cert.CertPath;
	import java.security.cert.X509Certificate;		import java.security.cert.X509Certificate;
	@@ -28,8 +30,6 @@ import java.util.Collections;
	import java.util.Date;		import java.util.Date;
	import java.util.List;		import java.util.List;

	import org.w3c.dom.Element;

	/**		/**
	* Parses and holds the XML file containing the list of THM public-key certificates and related		* Parses and holds the XML file containing the list of THM public-key certificates and related
	* metadata.		* metadata.
	@@ -38,24 +38,20 @@ public final class CertXml {

	private static final String METADATA_NODE_TAG = "metadata";		private static final String METADATA_NODE_TAG = "metadata";
	private static final String METADATA_SERIAL_NODE_TAG = "serial";		private static final String METADATA_SERIAL_NODE_TAG = "serial";
	private static final String METADATA_REFRESH_INTERVAL_NODE_TAG = "refresh-interval";
	private static final String ENDPOINT_CERT_LIST_TAG = "endpoints";		private static final String ENDPOINT_CERT_LIST_TAG = "endpoints";
	private static final String ENDPOINT_CERT_ITEM_TAG = "cert";		private static final String ENDPOINT_CERT_ITEM_TAG = "cert";
	private static final String INTERMEDIATE_CERT_LIST_TAG = "intermediates";		private static final String INTERMEDIATE_CERT_LIST_TAG = "intermediates";
	private static final String INTERMEDIATE_CERT_ITEM_TAG = "cert";		private static final String INTERMEDIATE_CERT_ITEM_TAG = "cert";

	private final long serial;		private final long serial;
	private final long refreshInterval;
	private final List<X509Certificate> intermediateCerts;		private final List<X509Certificate> intermediateCerts;
	private final List<X509Certificate> endpointCerts;		private final List<X509Certificate> endpointCerts;

	private CertXml(		private CertXml(
	long serial,		long serial,
	long refreshInterval,
	List<X509Certificate> intermediateCerts,		List<X509Certificate> intermediateCerts,
	List<X509Certificate> endpointCerts) {		List<X509Certificate> endpointCerts) {
	this.serial = serial;		this.serial = serial;
	this.refreshInterval = refreshInterval;
	this.intermediateCerts = intermediateCerts;		this.intermediateCerts = intermediateCerts;
	this.endpointCerts = endpointCerts;		this.endpointCerts = endpointCerts;
	}		}
	@@ -65,15 +61,6 @@ public final class CertXml {
	return serial;		return serial;
	}		}

	/**
	* Gets the refresh interval in the XML file containing public-key certificates. The refresh
	* interval denotes the number of seconds that the client should follow to contact the server to
	* refresh the XML file.
	*/
	public long getRefreshInterval() {
	return refreshInterval;
	}

	@VisibleForTesting		@VisibleForTesting
	List<X509Certificate> getAllIntermediateCerts() {		List<X509Certificate> getAllIntermediateCerts() {
	return intermediateCerts;		return intermediateCerts;
	@@ -121,7 +108,6 @@ public final class CertXml {
	Element rootNode = CertUtils.getXmlRootNode(bytes);		Element rootNode = CertUtils.getXmlRootNode(bytes);
	return new CertXml(		return new CertXml(
	parseSerial(rootNode),		parseSerial(rootNode),
	parseRefreshInterval(rootNode),
	parseIntermediateCerts(rootNode),		parseIntermediateCerts(rootNode),
	parseEndpointCerts(rootNode));		parseEndpointCerts(rootNode));
	}		}
	@@ -136,16 +122,6 @@ public final class CertXml {
	return Long.parseLong(contents.get(0));		return Long.parseLong(contents.get(0));
	}		}

	private static long parseRefreshInterval(Element rootNode) throws CertParsingException {
	List<String> contents =
	CertUtils.getXmlNodeContents(
	CertUtils.MUST_EXIST_EXACTLY_ONE,
	rootNode,
	METADATA_NODE_TAG,
	METADATA_REFRESH_INTERVAL_NODE_TAG);
	return Long.parseLong(contents.get(0));
	}

	private static List<X509Certificate> parseIntermediateCerts(Element rootNode)		private static List<X509Certificate> parseIntermediateCerts(Element rootNode)
	throws CertParsingException {		throws CertParsingException {
	List<String> contents =		List<String> contents =

services/tests/servicestests/assets/KeyStoreRecoveryControllerTest/xml/invalid-cert-file-two-refresh-intervals.xml

deleted100644 → 0

+0 −46

Original line number	Original line	Diff line number	Diff line
	<?xml version="1.0" encoding="UTF-8"?>
	<certificates>
	<metadata>
	<serial>
	1000
	</serial>
	<creation-time>
	1515697631
	</creation-time>
	<refresh-interval>
	2592000
	</refresh-interval>
	<refresh-interval>
	2592000
	</refresh-interval>
	<previous>
	<serial>
	0
	</serial>
	<hash>
	47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
	</hash>
	</previous>
	</metadata>
	<endpoints>
	<cert>
	MIIDCDCB8aADAgECAgYBYOlweDswDQYJKoZIhvcNAQELBQAwLTErMCkGA1UEAwwi
	R29vZ2xlIENyeXB0QXV0aFZhdWx0IEludGVybWVkaWF0ZTAeFw0xODAxMTEwODE1
	NTBaFw0yMDAxMTIwODE1NTBaMCkxJzAlBgNVBAMTHkdvb2dsZSBDcnlwdEF1dGhW
	YXVsdCBJbnN0YW5jZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLgAERiYHfBu
	tJT+htocB40BtDr2jdxh0EZJlQ8QhpMkZuA/0t/zeSAdkVWw5b16izJ9JVOi/KVl
	4b0hRH54UvowDQYJKoZIhvcNAQELBQADggIBABZALhC9j3hpZ0AgN0tsqAP2Ix21
	tNOcvo/aFJuSFanOM4DZbycZEYAo5rorvuFu7eXETBKDGnI5xreNAoQsaj/dyCHu
	HKIn5P7yCmKvG2sV2TQ5go+0xV2x8BhTrtUWLeHvUbM3fXipa3NrordbA8MgzXwr
	GR1Y1FuMOn5n4kiuHJ2sQTbDdzSQSK5VpH+6rjARlfOCyLUX0u8UKRRH81qhIQWb
	UFMp9q1CVfiLP2O3CdDdpZXCysdflIb62TWnma+I8jqMryyxrMVs9kpfa8zkX9qe
	33Vxp+QaQTqQ07/7KYVw869MeFn+bXeHnjUhqGY6S8M71vrTMG3M5p8Sq9LmV8Y5
	7YB5uqKap2Inf0FOuJS7h7nVVzU/kOFkepaQVHyScwTPuuXNgpQg8XZnN/AWfRwJ
	hf5zE6vXXTHMzQA1mY2eEhxGfpryv7LH8pvfcyTakdBlw8aMJjKdre8xLLGZeVCa
	79plkfYD0rMrxtRHCGyTKGzUcx/B9kYJK5qBgJiDJLKF3XwGbAs/F8CyEPihjvj4
	M2EoeyhmHWKLYsps6+uTksJ+PxZU14M7672K2y8BdulyfkZIhili118XnRykKkMf
	JLQJKMqZx5O0B9bF8yQdcGKEGEwMQt5ENdH8HeiwLm4QS3VzFXYetgUPCM5lPDIp
	BuwwuQxvQDF4pmQd
	</cert>
	</endpoints>
	</certificates>

services/tests/servicestests/assets/KeyStoreRecoveryControllerTest/xml/invalid-cert-file-no-refresh-interval.xml→services/tests/servicestests/assets/KeyStoreRecoveryControllerTest/xml/valid-cert-file-no-refresh-interval.xml

+0 −0

File moved.

View file

services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/certificate/CertXmlTest.java

+7 −26

Original line number	Original line	Diff line number	Diff line
	@@ -47,7 +47,6 @@ public final class CertXmlTest {
	public void parse_succeeds() throws Exception {		public void parse_succeeds() throws Exception {
	CertXml certXml = CertXml.parse(certXmlBytes);		CertXml certXml = CertXml.parse(certXmlBytes);
	assertThat(certXml.getSerial()).isEqualTo(1000L);		assertThat(certXml.getSerial()).isEqualTo(1000L);
	assertThat(certXml.getRefreshInterval()).isEqualTo(2592000L);
	}		}

	@Test		@Test
	@@ -75,27 +74,22 @@ public final class CertXmlTest {
	}		}

	@Test		@Test
	public void parse_throwsIfNoEndpointCert() throws Exception {		public void parse_doesNotThrowIfNoRefreshInterval() throws Exception {
	CertParsingException expected =
	expectThrows(
	CertParsingException.class,
	() ->
	CertXml.parse(		CertXml.parse(
	TestData.readTestFile(		TestData.readTestFile(
	"xml/invalid-cert-file-no-endpoint-cert.xml")));		"xml/valid-cert-file-no-refresh-interval.xml"));
	assertThat(expected.getMessage()).contains("at least one");
	}		}

	@Test		@Test
	public void parse_throwsIfNoRefreshInterval() throws Exception {		public void parse_throwsIfNoEndpointCert() throws Exception {
	CertParsingException expected =		CertParsingException expected =
	expectThrows(		expectThrows(
	CertParsingException.class,		CertParsingException.class,
	() ->		() ->
	CertXml.parse(		CertXml.parse(
	TestData.readTestFile(		TestData.readTestFile(
	"xml/invalid-cert-file-no-refresh-interval.xml")));		"xml/invalid-cert-file-no-endpoint-cert.xml")));
	assertThat(expected.getMessage()).contains("exactly one");		assertThat(expected.getMessage()).contains("at least one");
	}		}

	@Test		@Test
	@@ -110,19 +104,6 @@ public final class CertXmlTest {
	assertThat(expected.getMessage()).contains("exactly one");		assertThat(expected.getMessage()).contains("exactly one");
	}		}

	@Test
	public void parse_throwsIfTwoRefreshIntervals() throws Exception {
	CertParsingException expected =
	expectThrows(
	CertParsingException.class,
	() ->
	CertXml.parse(
	TestData.readTestFile(
	"xml/invalid-cert-file-two-refresh-intervals"
	+ ".xml")));
	assertThat(expected.getMessage()).contains("exactly one");
	}

	@Test		@Test
	public void parse_throwsIfTwoSerials() throws Exception {		public void parse_throwsIfTwoSerials() throws Exception {
	CertParsingException expected =		CertParsingException expected =