Loading services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java +3 −1 Original line number Diff line number Diff line Loading @@ -36,6 +36,7 @@ import java.nio.ByteBuffer; import java.nio.ByteOrder; import java.nio.charset.StandardCharsets; import java.security.GeneralSecurityException; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.KeyStoreException; import java.security.MessageDigest; Loading Loading @@ -301,7 +302,8 @@ public class KeySyncTask implements Runnable { */ private Map<String, SecretKey> getKeysToSync(int recoveryAgentUid) throws InsecureUserException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, NoSuchPaddingException, BadPlatformKeyException { NoSuchAlgorithmException, NoSuchPaddingException, BadPlatformKeyException, InvalidKeyException, InvalidAlgorithmParameterException { PlatformKeyManager platformKeyManager = mPlatformKeyManagerFactory.newInstance(); PlatformDecryptionKey decryptKey = platformKeyManager.getDecryptKey(mUserId); Map<String, WrappedKey> wrappedKeys = mRecoverableKeyStoreDb.getAllKeys( Loading services/core/java/com/android/server/locksettings/recoverablekeystore/WrappedKey.java +6 −15 Original line number Diff line number Diff line Loading @@ -184,7 +184,8 @@ public class WrappedKey { public static Map<String, SecretKey> unwrapKeys( PlatformDecryptionKey platformKey, Map<String, WrappedKey> wrappedKeys) throws NoSuchAlgorithmException, NoSuchPaddingException, BadPlatformKeyException { throws NoSuchAlgorithmException, NoSuchPaddingException, BadPlatformKeyException, InvalidKeyException, InvalidAlgorithmParameterException { HashMap<String, SecretKey> unwrappedKeys = new HashMap<>(); Cipher cipher = Cipher.getInstance(KEY_WRAP_CIPHER_ALGORITHM); int platformKeyGenerationId = platformKey.getGenerationId(); Loading @@ -201,20 +202,10 @@ public class WrappedKey { platformKey.getGenerationId())); } try { cipher.init( Cipher.UNWRAP_MODE, platformKey.getKey(), new GCMParameterSpec(GCM_TAG_LENGTH_BITS, wrappedKey.getNonce())); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { Log.e(TAG, String.format( Locale.US, "Could not init Cipher to unwrap recoverable key with alias '%s'", alias), e); continue; } SecretKey key; try { key = (SecretKey) cipher.unwrap( Loading Loading
services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java +3 −1 Original line number Diff line number Diff line Loading @@ -36,6 +36,7 @@ import java.nio.ByteBuffer; import java.nio.ByteOrder; import java.nio.charset.StandardCharsets; import java.security.GeneralSecurityException; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.KeyStoreException; import java.security.MessageDigest; Loading Loading @@ -301,7 +302,8 @@ public class KeySyncTask implements Runnable { */ private Map<String, SecretKey> getKeysToSync(int recoveryAgentUid) throws InsecureUserException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, NoSuchPaddingException, BadPlatformKeyException { NoSuchAlgorithmException, NoSuchPaddingException, BadPlatformKeyException, InvalidKeyException, InvalidAlgorithmParameterException { PlatformKeyManager platformKeyManager = mPlatformKeyManagerFactory.newInstance(); PlatformDecryptionKey decryptKey = platformKeyManager.getDecryptKey(mUserId); Map<String, WrappedKey> wrappedKeys = mRecoverableKeyStoreDb.getAllKeys( Loading
services/core/java/com/android/server/locksettings/recoverablekeystore/WrappedKey.java +6 −15 Original line number Diff line number Diff line Loading @@ -184,7 +184,8 @@ public class WrappedKey { public static Map<String, SecretKey> unwrapKeys( PlatformDecryptionKey platformKey, Map<String, WrappedKey> wrappedKeys) throws NoSuchAlgorithmException, NoSuchPaddingException, BadPlatformKeyException { throws NoSuchAlgorithmException, NoSuchPaddingException, BadPlatformKeyException, InvalidKeyException, InvalidAlgorithmParameterException { HashMap<String, SecretKey> unwrappedKeys = new HashMap<>(); Cipher cipher = Cipher.getInstance(KEY_WRAP_CIPHER_ALGORITHM); int platformKeyGenerationId = platformKey.getGenerationId(); Loading @@ -201,20 +202,10 @@ public class WrappedKey { platformKey.getGenerationId())); } try { cipher.init( Cipher.UNWRAP_MODE, platformKey.getKey(), new GCMParameterSpec(GCM_TAG_LENGTH_BITS, wrappedKey.getNonce())); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { Log.e(TAG, String.format( Locale.US, "Could not init Cipher to unwrap recoverable key with alias '%s'", alias), e); continue; } SecretKey key; try { key = (SecretKey) cipher.unwrap( Loading
