Merge "Unhide RecoverySession#recoverKeyChainSnapshot() method" into pi-dev

  public class RecoverySession implements java.lang.AutoCloseable {

    method public void close();

    method public java.util.Map<java.lang.String, byte[]> recoverKeys(byte[], java.util.List<android.security.keystore.recovery.WrappedApplicationKey>) throws android.security.keystore.recovery.DecryptionFailedException, android.security.keystore.recovery.InternalRecoveryServiceException, android.security.keystore.recovery.SessionExpiredException;

    method public java.util.Map<java.lang.String, java.security.Key> recoverKeyChainSnapshot(byte[], java.util.List<android.security.keystore.recovery.WrappedApplicationKey>) throws android.security.keystore.recovery.DecryptionFailedException, android.security.keystore.recovery.InternalRecoveryServiceException, android.security.keystore.recovery.SessionExpiredException;

    method public deprecated java.util.Map<java.lang.String, byte[]> recoverKeys(byte[], java.util.List<android.security.keystore.recovery.WrappedApplicationKey>) throws android.security.keystore.recovery.DecryptionFailedException, android.security.keystore.recovery.InternalRecoveryServiceException, android.security.keystore.recovery.SessionExpiredException;

    method public deprecated byte[] start(byte[], byte[], byte[], java.util.List<android.security.keystore.recovery.KeyChainProtectionParams>) throws java.security.cert.CertificateException, android.security.keystore.recovery.InternalRecoveryServiceException;

    method public deprecated byte[] start(java.security.cert.CertPath, byte[], byte[], java.util.List<android.security.keystore.recovery.KeyChainProtectionParams>) throws java.security.cert.CertificateException, android.security.keystore.recovery.InternalRecoveryServiceException;

    method public byte[] start(java.lang.String, java.security.cert.CertPath, byte[], byte[], java.util.List<android.security.keystore.recovery.KeyChainProtectionParams>) throws java.security.cert.CertificateException, android.security.keystore.recovery.InternalRecoveryServiceException;

    }

    /**

     * Imports keys.

     *

     * @param recoveryKeyBlob Recovery blob encrypted by symmetric key generated for this session.

     * @param applicationKeys Application keys. Key material can be decrypted using recoveryKeyBlob

     *     and session. KeyStore only uses package names from the application info in {@link

     *     WrappedApplicationKey}. Caller is responsibility to perform certificates check.

     * @return Map from alias to raw key material.

     * @throws SessionExpiredException if {@code session} has since been closed.

     * @throws DecryptionFailedException if unable to decrypt the snapshot.

     * @throws InternalRecoveryServiceException if an error occurs internal to the recovery service.

     * @deprecated Use {@link #recoverKeyChainSnapshot(byte[], List)} instead.

     */

    @Deprecated

    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)

    public Map<String, byte[]> recoverKeys(

            @NonNull byte[] recoveryKeyBlob,

     * @throws SessionExpiredException if {@code session} has since been closed.

     * @throws DecryptionFailedException if unable to decrypt the snapshot.

     * @throws InternalRecoveryServiceException if an error occurs internal to the recovery service.

     *

     * @hide

     */

    @RequiresPermission(Manifest.permission.RECOVER_KEYSTORE)

    public Map<String, Key> recoverKeyChainSnapshot(