Throw UnrecoverableKeyException if key is missing. (69583729) · Commits · e / os / android_frameworks_base

core/java/android/security/keystore/recovery/RecoveryController.java

+10 −0

Original line number	Diff line number	Diff line
		@@ -264,6 +264,13 @@ public class RecoveryController {
		*/
		public static final int ERROR_DOWNGRADE_CERTIFICATE = 29;

		/**
		* Requested key is not available in AndroidKeyStore.
		*
		* @hide
		*/
		public static final int ERROR_KEY_NOT_FOUND = 30;

		private final ILockSettings mBinder;
		private final KeyStore mKeyStore;

		@@ -703,6 +710,9 @@ public class RecoveryController {
		} catch (KeyPermanentlyInvalidatedException \| UnrecoverableKeyException e) {
		throw new UnrecoverableKeyException(e.getMessage());
		} catch (ServiceSpecificException e) {
		if (e.errorCode == ERROR_KEY_NOT_FOUND) {
		throw new UnrecoverableKeyException(e.getMessage());
		}
		throw wrapUnexpectedServiceSpecificException(e);
		}
		}

+6 −0

Original line number	Diff line number	Diff line
		@@ -16,6 +16,7 @@

		package com.android.server.locksettings.recoverablekeystore.storage;

		import static android.security.keystore.recovery.RecoveryController.ERROR_KEY_NOT_FOUND;
		import static android.security.keystore.recovery.RecoveryController.ERROR_SERVICE_INTERNAL_ERROR;

		import android.annotation.Nullable;
		@@ -135,6 +136,11 @@ public class ApplicationKeyStorage {
		try {
		key = KeyStore2.getInstance().grant(key, uid, grantAccessVector);
		} catch (android.security.KeyStoreException e) {
		if (e.getNumericErrorCode()
		== android.security.KeyStoreException.ERROR_KEY_DOES_NOT_EXIST) {
		Log.e(TAG, "Failed to get grant for KeyStore key - key not found", e);
		throw new ServiceSpecificException(ERROR_KEY_NOT_FOUND, e.getMessage());
		}
		Log.e(TAG, "Failed to get grant for KeyStore key.", e);
		throw new ServiceSpecificException(ERROR_SERVICE_INTERNAL_ERROR, e.getMessage());
		}