Add API to remove recoverable keys (5daccec8) · Commits · e / os / android_frameworks_base

core/java/com/android/internal/widget/ILockSettings.aidl

+1 −0

Original line number	Diff line number	Diff line
		@@ -66,6 +66,7 @@ interface ILockSettings {
		void initRecoveryService(in String rootCertificateAlias, in byte[] signedPublicKeyList);
		KeyStoreRecoveryData getRecoveryData(in byte[] account);
		byte[] generateAndStoreKey(String alias);
		void removeKey(String alias);
		void setSnapshotCreatedPendingIntent(in PendingIntent intent);
		Map getRecoverySnapshotVersions();
		void setServerParameters(long serverParameters);

+5 −0

Original line number	Diff line number	Diff line
		@@ -2030,6 +2030,11 @@ public class LockSettingsService extends ILockSettings.Stub {
		sessionId, recoveryKeyBlob, applicationKeys);
		}

		@Override
		public void removeKey(@NonNull String alias) throws RemoteException {
		mRecoverableKeyStoreManager.removeKey(alias);
		}

		@Override
		public byte[] generateAndStoreKey(@NonNull String alias) throws RemoteException {
		return mRecoverableKeyStoreManager.generateAndStoreKey(alias);

+4 −1

Original line number	Diff line number	Diff line
		@@ -411,7 +411,6 @@ public class RecoverableKeyStoreManager {
		int uid = Binder.getCallingUid();
		int userId = UserHandle.getCallingUserId();


		PlatformEncryptionKey encryptionKey;
		try {
		encryptionKey = mPlatformKeyManager.getEncryptKey(userId);
		@@ -433,6 +432,10 @@ public class RecoverableKeyStoreManager {
		}
		}

		public void removeKey(@NonNull String alias) throws RemoteException {
		mDatabase.removeKey(Binder.getCallingUid(), alias);
		}

		private byte[] decryptRecoveryKey(
		RecoverySessionStorage.Entry sessionEntry, byte[] encryptedClaimResponse)
		throws RemoteException, ServiceSpecificException {

+13 −0

Original line number	Diff line number	Diff line
		@@ -146,6 +146,19 @@ public class RecoverableKeyStoreDb {
		}
		}

		/**
		* Removes key with {@code alias} for app with {@code uid}.
		*
		* @return {@code true} if deleted a row.
		*/
		public boolean removeKey(int uid, String alias) {
		SQLiteDatabase db = mKeyStoreDbHelper.getWritableDatabase();
		String selection = KeysEntry.COLUMN_NAME_UID + " = ? AND " +
		KeysEntry.COLUMN_NAME_ALIAS + " = ?";
		String[] selectionArgs = { Integer.toString(uid), alias };
		return db.delete(KeysEntry.TABLE_NAME, selection, selectionArgs) > 0;
		}

		/**
		* Returns all statuses for keys {@code uid} and {@code platformKeyGenerationId}.
		*

+10 −0

Original line number	Diff line number	Diff line
		@@ -192,6 +192,16 @@ public class RecoverableKeyStoreManagerTest {
		.hasLength(RECOVERABLE_KEY_SIZE_BYTES);
		}

		@Test
		public void removeKey_removesAKey() throws Exception {
		int uid = Binder.getCallingUid();
		mRecoverableKeyStoreManager.generateAndStoreKey(TEST_ALIAS);

		mRecoverableKeyStoreManager.removeKey(TEST_ALIAS);

		assertThat(mRecoverableKeyStoreDb.getKey(uid, TEST_ALIAS)).isNull();
		}

		@Test
		public void startRecoverySession_checksPermissionFirst() throws Exception {
		mRecoverableKeyStoreManager.startRecoverySession(