Merge "Keystore 2.0: Remove Keystore 1.0 SPI with all remaining references"... (66ead4fb) · Commits · e / os / android_frameworks_base

Android.bp

+0 −1

Original line number	Diff line number	Diff line
		@@ -112,7 +112,6 @@ filegroup {
		":gsiservice_aidl",
		":incidentcompanion_aidl",
		":installd_aidl",
		":keystore_aidl",
		":libaudioclient_aidl",
		":libbinder_aidl",
		":libbluetooth-binder-aidl",

config/hiddenapi-unsupported.txt

+0 −1

Original line number	Diff line number	Diff line
		@@ -209,7 +209,6 @@ Landroid/os/storage/IObbActionListener$Stub;-><init>()V
		Landroid/os/storage/IStorageManager$Stub$Proxy;-><init>(Landroid/os/IBinder;)V
		Landroid/os/storage/IStorageManager$Stub;->asInterface(Landroid/os/IBinder;)Landroid/os/storage/IStorageManager;
		Landroid/security/IKeyChainService$Stub;->asInterface(Landroid/os/IBinder;)Landroid/security/IKeyChainService;
		Landroid/security/keystore/IKeystoreService$Stub;->asInterface(Landroid/os/IBinder;)Landroid/security/keystore/IKeystoreService;
		Landroid/service/dreams/IDreamManager$Stub;->asInterface(Landroid/os/IBinder;)Landroid/service/dreams/IDreamManager;
		Landroid/service/notification/INotificationListener$Stub;-><init>()V
		Landroid/service/persistentdata/IPersistentDataBlockService$Stub;->asInterface(Landroid/os/IBinder;)Landroid/service/persistentdata/IPersistentDataBlockService;

core/java/android/security/ConfirmationPrompt.java

+31 −149

Original line number	Diff line number	Diff line
		@@ -21,7 +21,6 @@ import android.content.ContentResolver;
		import android.content.Context;
		import android.provider.Settings;
		import android.provider.Settings.SettingNotFoundException;
		import android.security.keystore.AndroidKeyStoreProvider;
		import android.text.TextUtils;
		import android.util.Log;

		@@ -105,32 +104,6 @@ public class ConfirmationPrompt {

		private void doCallback(int responseCode, byte[] dataThatWasConfirmed,
		ConfirmationCallback callback) {
		switch (responseCode) {
		case KeyStore.CONFIRMATIONUI_OK:
		callback.onConfirmed(dataThatWasConfirmed);
		break;

		case KeyStore.CONFIRMATIONUI_CANCELED:
		callback.onDismissed();
		break;

		case KeyStore.CONFIRMATIONUI_ABORTED:
		callback.onCanceled();
		break;

		case KeyStore.CONFIRMATIONUI_SYSTEM_ERROR:
		callback.onError(new Exception("System error returned by ConfirmationUI."));
		break;

		default:
		callback.onError(new Exception("Unexpected responseCode=" + responseCode
		+ " from onConfirmtionPromptCompleted() callback."));
		break;
		}
		}

		private void doCallback2(int responseCode, byte[] dataThatWasConfirmed,
		ConfirmationCallback callback) {
		switch (responseCode) {
		case AndroidProtectedConfirmation.ERROR_OK:
		callback.onConfirmed(dataThatWasConfirmed);
		@@ -155,31 +128,6 @@ public class ConfirmationPrompt {
		}
		}

		private final android.os.IBinder mCallbackBinder =
		new android.security.IConfirmationPromptCallback.Stub() {
		@Override
		public void onConfirmationPromptCompleted(
		int responseCode, final byte[] dataThatWasConfirmed)
		throws android.os.RemoteException {
		if (mCallback != null) {
		ConfirmationCallback callback = mCallback;
		Executor executor = mExecutor;
		mCallback = null;
		mExecutor = null;
		if (executor == null) {
		doCallback(responseCode, dataThatWasConfirmed, callback);
		} else {
		executor.execute(new Runnable() {
		@Override
		public void run() {
		doCallback(responseCode, dataThatWasConfirmed, callback);
		}
		});
		}
		}
		}
		};

		private final android.security.apc.IConfirmationCallback mConfirmationCallback =
		new android.security.apc.IConfirmationCallback.Stub() {
		@Override
		@@ -191,11 +139,11 @@ public class ConfirmationPrompt {
		mCallback = null;
		mExecutor = null;
		if (executor == null) {
		doCallback2(result, dataThatWasConfirmed, callback);
		doCallback(result, dataThatWasConfirmed, callback);
		} else {
		executor.execute(new Runnable() {
		@Override public void run() {
		doCallback2(result, dataThatWasConfirmed, callback);
		doCallback(result, dataThatWasConfirmed, callback);
		}
		});
		}
		@@ -266,29 +214,7 @@ public class ConfirmationPrompt {
		mExtraData = extraData;
		}

		private static final int UI_OPTION_ACCESSIBILITY_INVERTED_FLAG = 1 << 0;
		private static final int UI_OPTION_ACCESSIBILITY_MAGNIFIED_FLAG = 1 << 1;

		private int getUiOptionsAsFlags() {
		if (AndroidKeyStoreProvider.isKeystore2Enabled()) {
		return getUiOptionsAsFlags2();
		}
		int uiOptionsAsFlags = 0;
		ContentResolver contentResolver = mContext.getContentResolver();
		int inversionEnabled = Settings.Secure.getInt(contentResolver,
		Settings.Secure.ACCESSIBILITY_DISPLAY_INVERSION_ENABLED, 0);
		if (inversionEnabled == 1) {
		uiOptionsAsFlags \|= UI_OPTION_ACCESSIBILITY_INVERTED_FLAG;
		}
		float fontScale = Settings.System.getFloat(contentResolver,
		Settings.System.FONT_SCALE, (float) 1.0);
		if (fontScale > 1.0) {
		uiOptionsAsFlags \|= UI_OPTION_ACCESSIBILITY_MAGNIFIED_FLAG;
		}
		return uiOptionsAsFlags;
		}

		private int getUiOptionsAsFlags2() {
		int uiOptionsAsFlags = 0;
		ContentResolver contentResolver = mContext.getContentResolver();
		int inversionEnabled = Settings.Secure.getInt(contentResolver,
		@@ -349,8 +275,7 @@ public class ConfirmationPrompt {
		mExecutor = executor;

		String locale = Locale.getDefault().toLanguageTag();
		if (AndroidKeyStoreProvider.isKeystore2Enabled()) {
		int uiOptionsAsFlags = getUiOptionsAsFlags2();
		int uiOptionsAsFlags = getUiOptionsAsFlags();
		int responseCode = getService().presentConfirmationPrompt(
		mConfirmationCallback, mPromptText.toString(), mExtraData, locale,
		uiOptionsAsFlags);
		@@ -371,31 +296,6 @@ public class ConfirmationPrompt {
		+ " from presentConfirmationPrompt() call.");
		throw new IllegalArgumentException();
		}
		} else {
		int uiOptionsAsFlags = getUiOptionsAsFlags();
		int responseCode = mKeyStore.presentConfirmationPrompt(
		mCallbackBinder, mPromptText.toString(), mExtraData, locale, uiOptionsAsFlags);
		switch (responseCode) {
		case KeyStore.CONFIRMATIONUI_OK:
		return;

		case KeyStore.CONFIRMATIONUI_OPERATION_PENDING:
		throw new ConfirmationAlreadyPresentingException();

		case KeyStore.CONFIRMATIONUI_UNIMPLEMENTED:
		throw new ConfirmationNotAvailableException();

		case KeyStore.CONFIRMATIONUI_UIERROR:
		throw new IllegalArgumentException();

		default:
		// Unexpected error code.
		Log.w(TAG,
		"Unexpected responseCode=" + responseCode
		+ " from presentConfirmationPrompt() call.");
		throw new IllegalArgumentException();
		}
		}
		}

		/**
		@@ -408,7 +308,6 @@ public class ConfirmationPrompt {
		* @throws IllegalStateException if no prompt is currently being presented.
		*/
		public void cancelPrompt() {
		if (AndroidKeyStoreProvider.isKeystore2Enabled()) {
		int responseCode =
		getService().cancelConfirmationPrompt(mConfirmationCallback);
		if (responseCode == AndroidProtectedConfirmation.ERROR_OK) {
		@@ -422,20 +321,6 @@ public class ConfirmationPrompt {
		+ " from cancelConfirmationPrompt() call.");
		throw new IllegalStateException();
		}
		} else {
		int responseCode = mKeyStore.cancelConfirmationPrompt(mCallbackBinder);
		if (responseCode == KeyStore.CONFIRMATIONUI_OK) {
		return;
		} else if (responseCode == KeyStore.CONFIRMATIONUI_OPERATION_PENDING) {
		throw new IllegalStateException();
		} else {
		// Unexpected error code.
		Log.w(TAG,
		"Unexpected responseCode=" + responseCode
		+ " from cancelConfirmationPrompt() call.");
		throw new IllegalStateException();
		}
		}
		}

		/**
		@@ -448,9 +333,6 @@ public class ConfirmationPrompt {
		if (isAccessibilityServiceRunning(context)) {
		return false;
		}
		if (AndroidKeyStoreProvider.isKeystore2Enabled()) {
		return new AndroidProtectedConfirmation().isConfirmationPromptSupported();
		}
		return KeyStore.getInstance().isConfirmationPromptSupported();
		}
		}

keystore/java/android/security/keystore/AndroidKeyStoreSecretKey.java→core/java/android/security/keymaster/KeymasterCertificateChain.aidl

+3 −15

Original line number	Diff line number	Diff line
		/*
		* Copyright (C) 2015 The Android Open Source Project
		* Copyright (C) 2021 The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		@@ -14,18 +14,6 @@
		* limitations under the License.
		*/

		package android.security.keystore;
		package android.security.keymaster;

		import javax.crypto.SecretKey;

		/**
		* {@link SecretKey} backed by Android Keystore.
		*
		* @hide
		*/
		public class AndroidKeyStoreSecretKey extends AndroidKeyStoreKey implements SecretKey {

		public AndroidKeyStoreSecretKey(String alias, int uid, String algorithm) {
		super(alias, uid, algorithm);
		}
		}
		parcelable KeymasterCertificateChain;

core/java/android/security/keystore/recovery/RecoveryController.java

+4 −12

Original line number	Diff line number	Diff line
		@@ -712,19 +712,11 @@ public class RecoveryController {
		*/
		@NonNull Key getKeyFromGrant(@NonNull String grantAlias)
		throws UnrecoverableKeyException, KeyPermanentlyInvalidatedException {
		if (grantAlias.startsWith(APPLICATION_KEY_GRANT_PREFIX)) {
		return AndroidKeyStoreProvider
		.loadAndroidKeyStoreSecretKeyFromKeystore(
		KeyStore2.getInstance(),
		getGrantDescriptor(grantAlias));
		}
		// TODO(b/171305545): remove KeyStore1 logic.
		return android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStoreKeyFromKeystore(
		mKeyStore,
		grantAlias,
		KeyStore.UID_SELF);

		}

		private static final String APPLICATION_KEY_GRANT_PREFIX = "recoverable_key:";