Loading core/java/android/security/keystore/recovery/TrustedRootCertificates.java +1 −1 Original line number Diff line number Diff line Loading @@ -40,7 +40,7 @@ public final class TrustedRootCertificates { /** * Certificate used for client-side end-to-end encryption tests. * When recovery controller is initialized with the certificate, recovery snapshots will only * contain application keys started with {@link INSECURE_KEY_ALIAS}. * contain application keys started with {@link #INSECURE_KEY_ALIAS_PREFIX}. * Recovery snapshot will only be created if device is unlocked with password started with * {@link #INSECURE_PASSWORD_PREFIX}. * Loading services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java +3 −5 Original line number Diff line number Diff line Loading @@ -19,12 +19,10 @@ package com.android.server.locksettings.recoverablekeystore; import static android.security.keystore.recovery.KeyChainProtectionParams.TYPE_LOCKSCREEN; import android.annotation.Nullable; import android.annotation.NonNull; import android.content.Context; import android.security.keystore.recovery.KeyChainProtectionParams; import android.security.keystore.recovery.KeyChainSnapshot; import android.security.keystore.recovery.KeyDerivationParams; import android.security.keystore.recovery.TrustedRootCertificates; import android.security.keystore.recovery.WrappedApplicationKey; import android.util.Log; Loading Loading 
@@ -218,10 +216,10 @@ public class KeySyncTask implements Runnable { return; } if (mTestOnlyInsecureCertificateHelper.isTestOnlyCertificate(rootCertAlias)) { if (mTestOnlyInsecureCertificateHelper.isTestOnlyCertificateAlias(rootCertAlias)) { Log.w(TAG, "Insecure root certificate is used by recovery agent " + recoveryAgentUid); if (mTestOnlyInsecureCertificateHelper.doesCredentailSupportInsecureMode( if (mTestOnlyInsecureCertificateHelper.doesCredentialSupportInsecureMode( mCredentialType, mCredential)) { Log.w(TAG, "Whitelisted credential is used to generate snapshot by " + "recovery agent "+ recoveryAgentUid); Loading Loading @@ -252,7 +250,7 @@ public class KeySyncTask implements Runnable { } // Only include insecure key material for test if (mTestOnlyInsecureCertificateHelper.isTestOnlyCertificate(rootCertAlias)) { if (mTestOnlyInsecureCertificateHelper.isTestOnlyCertificateAlias(rootCertAlias)) { rawKeys = mTestOnlyInsecureCertificateHelper.keepOnlyWhitelistedInsecureKeys(rawKeys); } SecretKey recoveryKey; Loading services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java +5 −1 Original line number Diff line number Diff line Loading 
@@ -174,9 +174,13 @@ public class RecoverableKeyStoreManager { checkRecoverKeyStorePermission(); int userId = UserHandle.getCallingUserId(); int uid = Binder.getCallingUid(); rootCertificateAlias = mTestCertHelper.getDefaultCertificateAliasIfEmpty(rootCertificateAlias); if (!mTestCertHelper.isValidRootCertificateAlias(rootCertificateAlias)) { throw new ServiceSpecificException( ERROR_INVALID_CERTIFICATE, "Invalid root certificate alias"); } // Always set active alias to the argument of the last call to initRecoveryService method, // even if cert file is incorrect. String activeRootAlias = mDatabase.getActiveRootOfTrust(userId, uid); Loading services/core/java/com/android/server/locksettings/recoverablekeystore/TestOnlyInsecureCertificateHelper.java +8 −3 Original line number Diff line number Diff line Loading @@ -51,7 +51,7 @@ public class TestOnlyInsecureCertificateHelper { public @NonNull X509Certificate getRootCertificate(String rootCertificateAlias) throws RemoteException { rootCertificateAlias = getDefaultCertificateAliasIfEmpty(rootCertificateAlias); if (isTestOnlyCertificate(rootCertificateAlias)) { if (isTestOnlyCertificateAlias(rootCertificateAlias)) { return TrustedRootCertificates.getTestOnlyInsecureCertificate(); } Loading 
@@ -74,12 +74,17 @@ public class TestOnlyInsecureCertificateHelper { return rootCertificateAlias; } public boolean isTestOnlyCertificate(String rootCertificateAlias) { public boolean isTestOnlyCertificateAlias(String rootCertificateAlias) { return TrustedRootCertificates.TEST_ONLY_INSECURE_CERTIFICATE_ALIAS .equals(rootCertificateAlias); } public boolean doesCredentailSupportInsecureMode(int credentialType, String credential) { public boolean isValidRootCertificateAlias(String rootCertificateAlias) { return TrustedRootCertificates.getRootCertificates().containsKey(rootCertificateAlias) || isTestOnlyCertificateAlias(rootCertificateAlias); } public boolean doesCredentialSupportInsecureMode(int credentialType, String credential) { return (credentialType == LockPatternUtils.CREDENTIAL_TYPE_PASSWORD) && (credential != null) && credential.startsWith(TrustedRootCertificates.INSECURE_PASSWORD_PREFIX); Loading services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncTaskTest.java +8 −8 Original line number Diff line number Diff line Loading @@ -301,8 +301,8 @@ public class KeySyncTaskTest { TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_ROOT_CERT_ALIAS, TestData.CERT_PATH_1); // Enter test mode with whitelisted credentials when(mTestOnlyInsecureCertificateHelper.isTestOnlyCertificate(any())).thenReturn(true); when(mTestOnlyInsecureCertificateHelper.doesCredentailSupportInsecureMode(anyInt(), any())) when(mTestOnlyInsecureCertificateHelper.isTestOnlyCertificateAlias(any())).thenReturn(true); when(mTestOnlyInsecureCertificateHelper.doesCredentialSupportInsecureMode(anyInt(), any())) .thenReturn(true); mKeySyncTask.run(); Loading @@ -311,7 +311,7 @@ public class KeySyncTaskTest { // run whitelist checks verify(mTestOnlyInsecureCertificateHelper) .doesCredentailSupportInsecureMode(anyInt(), any()); .doesCredentialSupportInsecureMode(anyInt(), any()); verify(mTestOnlyInsecureCertificateHelper) .keepOnlyWhitelistedInsecureKeys(any()); Loading 
@@ -331,8 +331,8 @@ public class KeySyncTaskTest { TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_ROOT_CERT_ALIAS, TestData.CERT_PATH_1); // Enter test mode with non whitelisted credentials when(mTestOnlyInsecureCertificateHelper.isTestOnlyCertificate(any())).thenReturn(true); when(mTestOnlyInsecureCertificateHelper.doesCredentailSupportInsecureMode(anyInt(), any())) when(mTestOnlyInsecureCertificateHelper.isTestOnlyCertificateAlias(any())).thenReturn(true); when(mTestOnlyInsecureCertificateHelper.doesCredentialSupportInsecureMode(anyInt(), any())) .thenReturn(false); mKeySyncTask.run(); Loading @@ -340,7 +340,7 @@ public class KeySyncTaskTest { verify(mTestOnlyInsecureCertificateHelper) .getDefaultCertificateAliasIfEmpty(eq(TEST_ROOT_CERT_ALIAS)); verify(mTestOnlyInsecureCertificateHelper) .doesCredentailSupportInsecureMode(anyInt(), any()); .doesCredentialSupportInsecureMode(anyInt(), any()); } @Test Loading @@ -358,11 +358,11 @@ public class KeySyncTaskTest { verify(mTestOnlyInsecureCertificateHelper) .getDefaultCertificateAliasIfEmpty(eq(TEST_ROOT_CERT_ALIAS)); verify(mTestOnlyInsecureCertificateHelper, atLeast(1)) .isTestOnlyCertificate(eq(TEST_ROOT_CERT_ALIAS)); .isTestOnlyCertificateAlias(eq(TEST_ROOT_CERT_ALIAS)); // no whitelists check verify(mTestOnlyInsecureCertificateHelper, never()) .doesCredentailSupportInsecureMode(anyInt(), any()); .doesCredentialSupportInsecureMode(anyInt(), any()); verify(mTestOnlyInsecureCertificateHelper, never()) .keepOnlyWhitelistedInsecureKeys(any()); } Loading Loading
core/java/android/security/keystore/recovery/TrustedRootCertificates.java +1 −1 Original line number Diff line number Diff line Loading @@ -40,7 +40,7 @@ public final class TrustedRootCertificates { /** * Certificate used for client-side end-to-end encryption tests. * When recovery controller is initialized with the certificate, recovery snapshots will only * contain application keys started with {@link INSECURE_KEY_ALIAS}. * contain application keys started with {@link #INSECURE_KEY_ALIAS_PREFIX}. * Recovery snapshot will only be created if device is unlocked with password started with * {@link #INSECURE_PASSWORD_PREFIX}. * Loading
services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java +3 −5 Original line number Diff line number Diff line Loading @@ -19,12 +19,10 @@ package com.android.server.locksettings.recoverablekeystore; import static android.security.keystore.recovery.KeyChainProtectionParams.TYPE_LOCKSCREEN; import android.annotation.Nullable; import android.annotation.NonNull; import android.content.Context; import android.security.keystore.recovery.KeyChainProtectionParams; import android.security.keystore.recovery.KeyChainSnapshot; import android.security.keystore.recovery.KeyDerivationParams; import android.security.keystore.recovery.TrustedRootCertificates; import android.security.keystore.recovery.WrappedApplicationKey; import android.util.Log; Loading Loading @@ -218,10 +216,10 @@ public class KeySyncTask implements Runnable { return; } if (mTestOnlyInsecureCertificateHelper.isTestOnlyCertificate(rootCertAlias)) { if (mTestOnlyInsecureCertificateHelper.isTestOnlyCertificateAlias(rootCertAlias)) { Log.w(TAG, "Insecure root certificate is used by recovery agent " + recoveryAgentUid); if (mTestOnlyInsecureCertificateHelper.doesCredentailSupportInsecureMode( if (mTestOnlyInsecureCertificateHelper.doesCredentialSupportInsecureMode( mCredentialType, mCredential)) { Log.w(TAG, "Whitelisted credential is used to generate snapshot by " + "recovery agent "+ recoveryAgentUid); Loading Loading @@ -252,7 +250,7 @@ public class KeySyncTask implements Runnable { } // Only include insecure key material for test if (mTestOnlyInsecureCertificateHelper.isTestOnlyCertificate(rootCertAlias)) { if (mTestOnlyInsecureCertificateHelper.isTestOnlyCertificateAlias(rootCertAlias)) { rawKeys = mTestOnlyInsecureCertificateHelper.keepOnlyWhitelistedInsecureKeys(rawKeys); } SecretKey recoveryKey; Loading
services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java +5 −1 Original line number Diff line number Diff line Loading @@ -174,9 +174,13 @@ public class RecoverableKeyStoreManager { checkRecoverKeyStorePermission(); int userId = UserHandle.getCallingUserId(); int uid = Binder.getCallingUid(); rootCertificateAlias = mTestCertHelper.getDefaultCertificateAliasIfEmpty(rootCertificateAlias); if (!mTestCertHelper.isValidRootCertificateAlias(rootCertificateAlias)) { throw new ServiceSpecificException( ERROR_INVALID_CERTIFICATE, "Invalid root certificate alias"); } // Always set active alias to the argument of the last call to initRecoveryService method, // even if cert file is incorrect. String activeRootAlias = mDatabase.getActiveRootOfTrust(userId, uid); Loading
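Review bot: The new `isValidRootCertificateAlias` check throws before the code under the comment "Always set active alias to the argument of the last call to initRecoveryService method, even if cert file is incorrect", so that comment now overstates what happens: an unknown alias is rejected and never becomes the active root of trust. Failing closed here looks right, but the comment should say so, e.g. `// The alias is known to be valid here; set it as active even if the cert file is incorrect.` No test for the rejection path appears among the files changed on this page (only KeySyncTaskTest is touched); a case asserting `ERROR_INVALID_CERTIFICATE` for an unknown alias, and that the stored active root is unchanged afterwards, would pin the behaviour. The enclosing method (presumably initRecoveryService) starts and ends outside the hunk.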
services/core/java/com/android/server/locksettings/recoverablekeystore/TestOnlyInsecureCertificateHelper.java +8 −3 Original line number Diff line number Diff line Loading @@ -51,7 +51,7 @@ public class TestOnlyInsecureCertificateHelper { public @NonNull X509Certificate getRootCertificate(String rootCertificateAlias) throws RemoteException { rootCertificateAlias = getDefaultCertificateAliasIfEmpty(rootCertificateAlias); if (isTestOnlyCertificate(rootCertificateAlias)) { if (isTestOnlyCertificateAlias(rootCertificateAlias)) { return TrustedRootCertificates.getTestOnlyInsecureCertificate(); } Loading @@ -74,12 +74,17 @@ public class TestOnlyInsecureCertificateHelper { return rootCertificateAlias; } public boolean isTestOnlyCertificate(String rootCertificateAlias) { public boolean isTestOnlyCertificateAlias(String rootCertificateAlias) { return TrustedRootCertificates.TEST_ONLY_INSECURE_CERTIFICATE_ALIAS .equals(rootCertificateAlias); } public boolean doesCredentailSupportInsecureMode(int credentialType, String credential) { public boolean isValidRootCertificateAlias(String rootCertificateAlias) { return TrustedRootCertificates.getRootCertificates().containsKey(rootCertificateAlias) || isTestOnlyCertificateAlias(rootCertificateAlias); } public boolean doesCredentialSupportInsecureMode(int credentialType, String credential) { return (credentialType == LockPatternUtils.CREDENTIAL_TYPE_PASSWORD) && (credential != null) && credential.startsWith(TrustedRootCertificates.INSECURE_PASSWORD_PREFIX); Loading
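Review bot: `isValidRootCertificateAlias` is public and undocumented, and it returns true for `TEST_ONLY_INSECURE_CERTIFICATE_ALIAS`, so a caller going by the name could read "valid" as "production-trusted". A Javadoc would make the contract explicit: `/** Returns true if the alias names a trusted root certificate or the test-only insecure certificate; callers that require a production root must also check isTestOnlyCertificateAlias. */`. The argument is passed straight to `containsKey`, and whether a null alias is tolerated depends on the map type returned by `getRootCertificates()`, which is not visible here. Either document that callers must run `getDefaultCertificateAliasIfEmpty` first, as the manager does, or open the method with `if (rootCertificateAlias == null) return false;`.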
services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncTaskTest.java +8 −8 Original line number Diff line number Diff line Loading @@ -301,8 +301,8 @@ public class KeySyncTaskTest { TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_ROOT_CERT_ALIAS, TestData.CERT_PATH_1); // Enter test mode with whitelisted credentials when(mTestOnlyInsecureCertificateHelper.isTestOnlyCertificate(any())).thenReturn(true); when(mTestOnlyInsecureCertificateHelper.doesCredentailSupportInsecureMode(anyInt(), any())) when(mTestOnlyInsecureCertificateHelper.isTestOnlyCertificateAlias(any())).thenReturn(true); when(mTestOnlyInsecureCertificateHelper.doesCredentialSupportInsecureMode(anyInt(), any())) .thenReturn(true); mKeySyncTask.run(); Loading @@ -311,7 +311,7 @@ public class KeySyncTaskTest { // run whitelist checks verify(mTestOnlyInsecureCertificateHelper) .doesCredentailSupportInsecureMode(anyInt(), any()); .doesCredentialSupportInsecureMode(anyInt(), any()); verify(mTestOnlyInsecureCertificateHelper) .keepOnlyWhitelistedInsecureKeys(any()); Loading @@ -331,8 +331,8 @@ public class KeySyncTaskTest { TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_ROOT_CERT_ALIAS, TestData.CERT_PATH_1); // Enter test mode with non whitelisted credentials when(mTestOnlyInsecureCertificateHelper.isTestOnlyCertificate(any())).thenReturn(true); when(mTestOnlyInsecureCertificateHelper.doesCredentailSupportInsecureMode(anyInt(), any())) when(mTestOnlyInsecureCertificateHelper.isTestOnlyCertificateAlias(any())).thenReturn(true); when(mTestOnlyInsecureCertificateHelper.doesCredentialSupportInsecureMode(anyInt(), any())) .thenReturn(false); mKeySyncTask.run(); Loading @@ -340,7 +340,7 @@ public class KeySyncTaskTest { verify(mTestOnlyInsecureCertificateHelper) .getDefaultCertificateAliasIfEmpty(eq(TEST_ROOT_CERT_ALIAS)); verify(mTestOnlyInsecureCertificateHelper) .doesCredentailSupportInsecureMode(anyInt(), any()); .doesCredentialSupportInsecureMode(anyInt(), any()); } @Test Loading 
@@ -358,11 +358,11 @@ public class KeySyncTaskTest { verify(mTestOnlyInsecureCertificateHelper) .getDefaultCertificateAliasIfEmpty(eq(TEST_ROOT_CERT_ALIAS)); verify(mTestOnlyInsecureCertificateHelper, atLeast(1)) .isTestOnlyCertificate(eq(TEST_ROOT_CERT_ALIAS)); .isTestOnlyCertificateAlias(eq(TEST_ROOT_CERT_ALIAS)); // no whitelists check verify(mTestOnlyInsecureCertificateHelper, never()) .doesCredentailSupportInsecureMode(anyInt(), any()); .doesCredentialSupportInsecureMode(anyInt(), any()); verify(mTestOnlyInsecureCertificateHelper, never()) .keepOnlyWhitelistedInsecureKeys(any()); } Loading