
Commit 8f24d7d7 authored by Bo Zhu's avatar Bo Zhu

Skip the parsing of the refresh interval in CertXml

It's not used in Android P or Q.

Test: atest FrameworksServicesTests:com.android.server.locksettings.recoverablekeystore
Change-Id: Id07d0cc26811f25e2962f642d86f0bfd877f62ff
parent c6c87976
+2 −26
@@ -20,6 +20,8 @@ import android.annotation.Nullable;

import com.android.internal.annotations.VisibleForTesting;

import org.w3c.dom.Element;

import java.security.SecureRandom;
import java.security.cert.CertPath;
import java.security.cert.X509Certificate;
@@ -28,8 +30,6 @@ import java.util.Collections;
import java.util.Date;
import java.util.List;

import org.w3c.dom.Element;

/**
 * Parses and holds the XML file containing the list of THM public-key certificates and related
 * metadata.
@@ -38,24 +38,20 @@ public final class CertXml {

    private static final String METADATA_NODE_TAG = "metadata";
    private static final String METADATA_SERIAL_NODE_TAG = "serial";
    private static final String METADATA_REFRESH_INTERVAL_NODE_TAG = "refresh-interval";
    private static final String ENDPOINT_CERT_LIST_TAG = "endpoints";
    private static final String ENDPOINT_CERT_ITEM_TAG = "cert";
    private static final String INTERMEDIATE_CERT_LIST_TAG = "intermediates";
    private static final String INTERMEDIATE_CERT_ITEM_TAG = "cert";

    private final long serial;
    private final long refreshInterval;
    private final List<X509Certificate> intermediateCerts;
    private final List<X509Certificate> endpointCerts;

    private CertXml(
            long serial,
            long refreshInterval,
            List<X509Certificate> intermediateCerts,
            List<X509Certificate> endpointCerts) {
        this.serial = serial;
        this.refreshInterval = refreshInterval;
        this.intermediateCerts = intermediateCerts;
        this.endpointCerts = endpointCerts;
    }
@@ -65,15 +61,6 @@ public final class CertXml {
        return serial;
    }

    /**
     * Gets the refresh interval in the XML file containing public-key certificates. The refresh
     * interval denotes the number of seconds that the client should follow to contact the server to
     * refresh the XML file.
     */
    public long getRefreshInterval() {
        return refreshInterval;
    }

    @VisibleForTesting
    List<X509Certificate> getAllIntermediateCerts() {
        return intermediateCerts;
@@ -121,7 +108,6 @@ public final class CertXml {
        Element rootNode = CertUtils.getXmlRootNode(bytes);
        return new CertXml(
                parseSerial(rootNode),
                parseRefreshInterval(rootNode),
                parseIntermediateCerts(rootNode),
                parseEndpointCerts(rootNode));
    }
@@ -136,16 +122,6 @@ public final class CertXml {
        return Long.parseLong(contents.get(0));
    }

    private static long parseRefreshInterval(Element rootNode) throws CertParsingException {
        List<String> contents =
                CertUtils.getXmlNodeContents(
                        CertUtils.MUST_EXIST_EXACTLY_ONE,
                        rootNode,
                        METADATA_NODE_TAG,
                        METADATA_REFRESH_INTERVAL_NODE_TAG);
        return Long.parseLong(contents.get(0));
    }

    private static List<X509Certificate> parseIntermediateCerts(Element rootNode)
            throws CertParsingException {
        List<String> contents =
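Review bot: The `return Long.parseLong(contents.get(0));` that survives as a context line at the top of the last hunk (apparently the tail of the serial parser, whose header is outside the hunk) still lets a non-numeric `<serial>` escape as an unchecked `NumberFormatException` rather than the `CertParsingException` the other parse helpers declare. The commit removes the same pattern from `parseRefreshInterval` but leaves this one, and a caller that only catches `CertParsingException` would not handle it; whether `CertUtils.getXmlNodeContents` already guarantees numeric content is not visible here. I would wrap it as `try { return Long.parseLong(contents.get(0)); } catch (NumberFormatException e) { throw new CertParsingException(e); }`, using whichever `CertParsingException` constructor accepts a cause. A one-line comment in `parse` stating that `<refresh-interval>` is deliberately ignored would also help, since a missing, duplicated or malformed value no longer rejects the file.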
+0 −46
<?xml version="1.0" encoding="UTF-8"?>
<certificates>
  <metadata>
    <serial>
      1000
    </serial>
    <creation-time>
      1515697631
    </creation-time>
    <refresh-interval>
      2592000
    </refresh-interval>
    <refresh-interval>
      2592000
    </refresh-interval>
    <previous>
      <serial>
        0
      </serial>
      <hash>
        47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
      </hash>
    </previous>
  </metadata>
  <endpoints>
    <cert>
      MIIDCDCB8aADAgECAgYBYOlweDswDQYJKoZIhvcNAQELBQAwLTErMCkGA1UEAwwi
      R29vZ2xlIENyeXB0QXV0aFZhdWx0IEludGVybWVkaWF0ZTAeFw0xODAxMTEwODE1
      NTBaFw0yMDAxMTIwODE1NTBaMCkxJzAlBgNVBAMTHkdvb2dsZSBDcnlwdEF1dGhW
      YXVsdCBJbnN0YW5jZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLgAERiYHfBu
      tJT+htocB40BtDr2jdxh0EZJlQ8QhpMkZuA/0t/zeSAdkVWw5b16izJ9JVOi/KVl
      4b0hRH54UvowDQYJKoZIhvcNAQELBQADggIBABZALhC9j3hpZ0AgN0tsqAP2Ix21
      tNOcvo/aFJuSFanOM4DZbycZEYAo5rorvuFu7eXETBKDGnI5xreNAoQsaj/dyCHu
      HKIn5P7yCmKvG2sV2TQ5go+0xV2x8BhTrtUWLeHvUbM3fXipa3NrordbA8MgzXwr
      GR1Y1FuMOn5n4kiuHJ2sQTbDdzSQSK5VpH+6rjARlfOCyLUX0u8UKRRH81qhIQWb
      UFMp9q1CVfiLP2O3CdDdpZXCysdflIb62TWnma+I8jqMryyxrMVs9kpfa8zkX9qe
      33Vxp+QaQTqQ07/7KYVw869MeFn+bXeHnjUhqGY6S8M71vrTMG3M5p8Sq9LmV8Y5
      7YB5uqKap2Inf0FOuJS7h7nVVzU/kOFkepaQVHyScwTPuuXNgpQg8XZnN/AWfRwJ
      hf5zE6vXXTHMzQA1mY2eEhxGfpryv7LH8pvfcyTakdBlw8aMJjKdre8xLLGZeVCa
      79plkfYD0rMrxtRHCGyTKGzUcx/B9kYJK5qBgJiDJLKF3XwGbAs/F8CyEPihjvj4
      M2EoeyhmHWKLYsps6+uTksJ+PxZU14M7672K2y8BdulyfkZIhili118XnRykKkMf
      JLQJKMqZx5O0B9bF8yQdcGKEGEwMQt5ENdH8HeiwLm4QS3VzFXYetgUPCM5lPDIp
      BuwwuQxvQDF4pmQd
    </cert>
  </endpoints>
</certificates>
+0 −0

File moved.

+7 −26
@@ -47,7 +47,6 @@ public final class CertXmlTest {
    public void parse_succeeds() throws Exception {
        CertXml certXml = CertXml.parse(certXmlBytes);
        assertThat(certXml.getSerial()).isEqualTo(1000L);
        assertThat(certXml.getRefreshInterval()).isEqualTo(2592000L);
    }

    @Test
@@ -75,27 +74,22 @@ public final class CertXmlTest {
    }

    @Test
    public void parse_throwsIfNoEndpointCert() throws Exception {
        CertParsingException expected =
                expectThrows(
                        CertParsingException.class,
                        () ->
    public void parse_doesNotThrowIfNoRefreshInterval() throws Exception {
        CertXml.parse(
                TestData.readTestFile(
                                                "xml/invalid-cert-file-no-endpoint-cert.xml")));
        assertThat(expected.getMessage()).contains("at least one");
                        "xml/valid-cert-file-no-refresh-interval.xml"));
    }

    @Test
    public void parse_throwsIfNoRefreshInterval() throws Exception {
    public void parse_throwsIfNoEndpointCert() throws Exception {
        CertParsingException expected =
                expectThrows(
                        CertParsingException.class,
                        () ->
                                CertXml.parse(
                                        TestData.readTestFile(
                                                "xml/invalid-cert-file-no-refresh-interval.xml")));
        assertThat(expected.getMessage()).contains("exactly one");
                                                "xml/invalid-cert-file-no-endpoint-cert.xml")));
        assertThat(expected.getMessage()).contains("at least one");
    }

    @Test
@@ -110,19 +104,6 @@ public final class CertXmlTest {
        assertThat(expected.getMessage()).contains("exactly one");
    }

    @Test
    public void parse_throwsIfTwoRefreshIntervals() throws Exception {
        CertParsingException expected =
                expectThrows(
                        CertParsingException.class,
                        () ->
                                CertXml.parse(
                                        TestData.readTestFile(
                                                "xml/invalid-cert-file-two-refresh-intervals"
                                                        + ".xml")));
        assertThat(expected.getMessage()).contains("exactly one");
    }

    @Test
    public void parse_throwsIfTwoSerials() throws Exception {
        CertParsingException expected =
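Review bot: `parse_doesNotThrowIfNoRefreshInterval` discards the value returned by `CertXml.parse(...)`, so it passes for any non-throwing result, including one with a wrong serial or missing certificates. Bind the result and assert on it, e.g. `CertXml certXml = CertXml.parse(...);` followed by `assertThat(certXml.getSerial()).isEqualTo(EXPECTED_SERIAL);`, where `EXPECTED_SERIAL` is a placeholder for the serial stored in `valid-cert-file-no-refresh-interval.xml`. With `parse_throwsIfTwoRefreshIntervals` removed and what appears to be its fixture deleted, nothing in this section pins that a duplicated or non-numeric `<refresh-interval>` is now tolerated; a small positive test for that case would document the relaxed validation. The rendered page interleaves old and new lines in the second hunk, so which lines are new is inferred here from the method names.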