Loading packages/BackupEncryption/src/com/android/server/backup/encryption/keys/RestoreKeyFetcher.java 0 → 100644 +71 −0 Original line number Diff line number Diff line /* * Copyright (C) 2019 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server.backup.encryption.keys; import android.security.keystore.recovery.InternalRecoveryServiceException; import com.android.server.backup.encryption.keys.RecoverableKeyStoreSecondaryKeyManager.RecoverableKeyStoreSecondaryKeyManagerProvider; import com.android.server.backup.encryption.protos.nano.WrappedKeyProto; import java.security.InvalidAlgorithmParameterException; import java.security.KeyException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.util.Optional; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; /** Fetches the secondary key and uses it to unwrap the tertiary key during restore. */ public class RestoreKeyFetcher { /** * Retrieves the secondary key with the given alias and uses it to unwrap the given wrapped * tertiary key. * * @param secondaryKeyManagerProvider Provider which creates {@link * RecoverableKeyStoreSecondaryKeyManager} * @param secondaryKeyAlias Alias of the secondary key used to wrap the tertiary key * @param wrappedTertiaryKey Tertiary key wrapped with the secondary key above * @return The unwrapped tertiary key */ public static SecretKey unwrapTertiaryKey( RecoverableKeyStoreSecondaryKeyManagerProvider secondaryKeyManagerProvider, String secondaryKeyAlias, WrappedKeyProto.WrappedKey wrappedTertiaryKey) throws KeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchPaddingException { Optional<RecoverableKeyStoreSecondaryKey> secondaryKey = getSecondaryKey(secondaryKeyManagerProvider, secondaryKeyAlias); if (!secondaryKey.isPresent()) { throw new KeyException("No key:" + secondaryKeyAlias); } return KeyWrapUtils.unwrap(secondaryKey.get().getSecretKey(), wrappedTertiaryKey); } private static Optional<RecoverableKeyStoreSecondaryKey> getSecondaryKey( RecoverableKeyStoreSecondaryKeyManagerProvider secondaryKeyManagerProvider, String secondaryKeyAlias) throws KeyException { try { return secondaryKeyManagerProvider.get().get(secondaryKeyAlias); } catch (InternalRecoveryServiceException | UnrecoverableKeyException e) { throw new KeyException("Could not retrieve key:" + secondaryKeyAlias, e); } } } packages/BackupEncryption/test/robolectric/Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ android_robolectric_test { "backup-encryption-protos", "platform-test-annotations", "testng", "truth-prebuilt", ], instrumentation_for: "BackupEncryption", } Loading packages/BackupEncryption/test/robolectric/src/com/android/server/backup/encryption/keys/RestoreKeyFetcherTest.java 0 → 100644 +127 −0 Original line number Diff line number Diff line /* * Copyright (C) 2019 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server.backup.encryption.keys; import static com.google.common.truth.Truth.assertThat; import static org.mockito.Mockito.when; import static org.testng.Assert.assertThrows; import android.platform.test.annotations.Presubmit; import com.android.server.backup.encryption.protos.nano.WrappedKeyProto; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; import org.mockito.MockitoAnnotations; import org.robolectric.RobolectricTestRunner; import java.security.InvalidKeyException; import java.security.KeyException; import java.security.SecureRandom; import java.util.Optional; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; /** Test the restore key fetcher */ @RunWith(RobolectricTestRunner.class) @Presubmit public class RestoreKeyFetcherTest { private static final String KEY_GENERATOR_ALGORITHM = "AES"; private static final String TEST_SECONDARY_KEY_ALIAS = "test_2ndary_key"; private static final byte[] TEST_SECONDARY_KEY_BYTES = new byte[256 / Byte.SIZE]; @Mock private RecoverableKeyStoreSecondaryKeyManager mSecondaryKeyManager; /** Initialise the mocks **/ @Before public void setUp() { MockitoAnnotations.initMocks(this); } /** Ensure the unwrap method works as expected */ @Test public void unwrapTertiaryKey_returnsUnwrappedKey() throws Exception { RecoverableKeyStoreSecondaryKey secondaryKey = createSecondaryKey(); SecretKey tertiaryKey = createTertiaryKey(); WrappedKeyProto.WrappedKey wrappedTertiaryKey = KeyWrapUtils.wrap(secondaryKey.getSecretKey(), tertiaryKey); when(mSecondaryKeyManager.get(TEST_SECONDARY_KEY_ALIAS)) .thenReturn(Optional.of(secondaryKey)); SecretKey actualTertiaryKey = RestoreKeyFetcher.unwrapTertiaryKey( () -> mSecondaryKeyManager, TEST_SECONDARY_KEY_ALIAS, wrappedTertiaryKey); assertThat(actualTertiaryKey).isEqualTo(tertiaryKey); } /** Ensure that missing secondary keys are detected and an appropriate exception is thrown */ @Test public void unwrapTertiaryKey_missingSecondaryKey_throwsSpecificException() throws Exception { WrappedKeyProto.WrappedKey wrappedTertiaryKey = KeyWrapUtils.wrap(createSecondaryKey().getSecretKey(), createTertiaryKey()); when(mSecondaryKeyManager.get(TEST_SECONDARY_KEY_ALIAS)).thenReturn(Optional.empty()); assertThrows( KeyException.class, () -> RestoreKeyFetcher.unwrapTertiaryKey( () -> mSecondaryKeyManager, TEST_SECONDARY_KEY_ALIAS, wrappedTertiaryKey)); } /** Ensure that invalid secondary keys are detected and an appropriate exception is thrown */ @Test public void unwrapTertiaryKey_badSecondaryKey_throws() throws Exception { RecoverableKeyStoreSecondaryKey badSecondaryKey = new RecoverableKeyStoreSecondaryKey( TEST_SECONDARY_KEY_ALIAS, new SecretKeySpec(new byte[] {0, 1}, KEY_GENERATOR_ALGORITHM)); WrappedKeyProto.WrappedKey wrappedTertiaryKey = KeyWrapUtils.wrap(createSecondaryKey().getSecretKey(), createTertiaryKey()); when(mSecondaryKeyManager.get(TEST_SECONDARY_KEY_ALIAS)) .thenReturn(Optional.of(badSecondaryKey)); assertThrows( InvalidKeyException.class, () -> RestoreKeyFetcher.unwrapTertiaryKey( () -> mSecondaryKeyManager, TEST_SECONDARY_KEY_ALIAS, wrappedTertiaryKey)); } private static RecoverableKeyStoreSecondaryKey createSecondaryKey() { return new RecoverableKeyStoreSecondaryKey( TEST_SECONDARY_KEY_ALIAS, new SecretKeySpec(TEST_SECONDARY_KEY_BYTES, KEY_GENERATOR_ALGORITHM)); } private static SecretKey createTertiaryKey() { return new TertiaryKeyGenerator(new SecureRandom(new byte[] {0})).generate(); } } Loading
packages/BackupEncryption/src/com/android/server/backup/encryption/keys/RestoreKeyFetcher.java 0 → 100644 +71 −0 Original line number Diff line number Diff line /* * Copyright (C) 2019 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server.backup.encryption.keys; import android.security.keystore.recovery.InternalRecoveryServiceException; import com.android.server.backup.encryption.keys.RecoverableKeyStoreSecondaryKeyManager.RecoverableKeyStoreSecondaryKeyManagerProvider; import com.android.server.backup.encryption.protos.nano.WrappedKeyProto; import java.security.InvalidAlgorithmParameterException; import java.security.KeyException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.util.Optional; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; /** Fetches the secondary key and uses it to unwrap the tertiary key during restore. */ public class RestoreKeyFetcher { /** * Retrieves the secondary key with the given alias and uses it to unwrap the given wrapped * tertiary key. * * @param secondaryKeyManagerProvider Provider which creates {@link * RecoverableKeyStoreSecondaryKeyManager} * @param secondaryKeyAlias Alias of the secondary key used to wrap the tertiary key * @param wrappedTertiaryKey Tertiary key wrapped with the secondary key above * @return The unwrapped tertiary key */ public static SecretKey unwrapTertiaryKey( RecoverableKeyStoreSecondaryKeyManagerProvider secondaryKeyManagerProvider, String secondaryKeyAlias, WrappedKeyProto.WrappedKey wrappedTertiaryKey) throws KeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchPaddingException { Optional<RecoverableKeyStoreSecondaryKey> secondaryKey = getSecondaryKey(secondaryKeyManagerProvider, secondaryKeyAlias); if (!secondaryKey.isPresent()) { throw new KeyException("No key:" + secondaryKeyAlias); } return KeyWrapUtils.unwrap(secondaryKey.get().getSecretKey(), wrappedTertiaryKey); } private static Optional<RecoverableKeyStoreSecondaryKey> getSecondaryKey( RecoverableKeyStoreSecondaryKeyManagerProvider secondaryKeyManagerProvider, String secondaryKeyAlias) throws KeyException { try { return secondaryKeyManagerProvider.get().get(secondaryKeyAlias); } catch (InternalRecoveryServiceException | UnrecoverableKeyException e) { throw new KeyException("Could not retrieve key:" + secondaryKeyAlias, e); } } }
packages/BackupEncryption/test/robolectric/Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ android_robolectric_test { "backup-encryption-protos", "platform-test-annotations", "testng", "truth-prebuilt", ], instrumentation_for: "BackupEncryption", } Loading
packages/BackupEncryption/test/robolectric/src/com/android/server/backup/encryption/keys/RestoreKeyFetcherTest.java 0 → 100644 +127 −0 Original line number Diff line number Diff line /* * Copyright (C) 2019 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server.backup.encryption.keys; import static com.google.common.truth.Truth.assertThat; import static org.mockito.Mockito.when; import static org.testng.Assert.assertThrows; import android.platform.test.annotations.Presubmit; import com.android.server.backup.encryption.protos.nano.WrappedKeyProto; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; import org.mockito.MockitoAnnotations; import org.robolectric.RobolectricTestRunner; import java.security.InvalidKeyException; import java.security.KeyException; import java.security.SecureRandom; import java.util.Optional; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; /** Test the restore key fetcher */ @RunWith(RobolectricTestRunner.class) @Presubmit public class RestoreKeyFetcherTest { private static final String KEY_GENERATOR_ALGORITHM = "AES"; private static final String TEST_SECONDARY_KEY_ALIAS = "test_2ndary_key"; private static final byte[] TEST_SECONDARY_KEY_BYTES = new byte[256 / Byte.SIZE]; @Mock private RecoverableKeyStoreSecondaryKeyManager mSecondaryKeyManager; /** Initialise the mocks **/ @Before public void setUp() { MockitoAnnotations.initMocks(this); } /** Ensure the unwrap method works as expected */ @Test public void unwrapTertiaryKey_returnsUnwrappedKey() throws Exception { RecoverableKeyStoreSecondaryKey secondaryKey = createSecondaryKey(); SecretKey tertiaryKey = createTertiaryKey(); WrappedKeyProto.WrappedKey wrappedTertiaryKey = KeyWrapUtils.wrap(secondaryKey.getSecretKey(), tertiaryKey); when(mSecondaryKeyManager.get(TEST_SECONDARY_KEY_ALIAS)) .thenReturn(Optional.of(secondaryKey)); SecretKey actualTertiaryKey = RestoreKeyFetcher.unwrapTertiaryKey( () -> mSecondaryKeyManager, TEST_SECONDARY_KEY_ALIAS, wrappedTertiaryKey); assertThat(actualTertiaryKey).isEqualTo(tertiaryKey); } /** Ensure that missing secondary keys are detected and an appropriate exception is thrown */ @Test public void unwrapTertiaryKey_missingSecondaryKey_throwsSpecificException() throws Exception { WrappedKeyProto.WrappedKey wrappedTertiaryKey = KeyWrapUtils.wrap(createSecondaryKey().getSecretKey(), createTertiaryKey()); when(mSecondaryKeyManager.get(TEST_SECONDARY_KEY_ALIAS)).thenReturn(Optional.empty()); assertThrows( KeyException.class, () -> RestoreKeyFetcher.unwrapTertiaryKey( () -> mSecondaryKeyManager, TEST_SECONDARY_KEY_ALIAS, wrappedTertiaryKey)); } /** Ensure that invalid secondary keys are detected and an appropriate exception is thrown */ @Test public void unwrapTertiaryKey_badSecondaryKey_throws() throws Exception { RecoverableKeyStoreSecondaryKey badSecondaryKey = new RecoverableKeyStoreSecondaryKey( TEST_SECONDARY_KEY_ALIAS, new SecretKeySpec(new byte[] {0, 1}, KEY_GENERATOR_ALGORITHM)); WrappedKeyProto.WrappedKey wrappedTertiaryKey = KeyWrapUtils.wrap(createSecondaryKey().getSecretKey(), createTertiaryKey()); when(mSecondaryKeyManager.get(TEST_SECONDARY_KEY_ALIAS)) .thenReturn(Optional.of(badSecondaryKey)); assertThrows( InvalidKeyException.class, () -> RestoreKeyFetcher.unwrapTertiaryKey( () -> mSecondaryKeyManager, TEST_SECONDARY_KEY_ALIAS, wrappedTertiaryKey)); } private static RecoverableKeyStoreSecondaryKey createSecondaryKey() { return new RecoverableKeyStoreSecondaryKey( TEST_SECONDARY_KEY_ALIAS, new SecretKeySpec(TEST_SECONDARY_KEY_BYTES, KEY_GENERATOR_ALGORITHM)); } private static SecretKey createTertiaryKey() { return new TertiaryKeyGenerator(new SecureRandom(new byte[] {0})).generate(); } }
