Loading core/java/android/security/recoverablekeystore/KeyEntryRecoveryData.java +16 −18 Original line number Diff line number Diff line Loading @@ -22,7 +22,6 @@ import android.os.Parcelable; import com.android.internal.util.Preconditions; /** * Helper class with data necessary recover a single application key, given a recovery key. * Loading @@ -37,26 +36,25 @@ import com.android.internal.util.Preconditions; * @hide */ public final class KeyEntryRecoveryData implements Parcelable { private final byte[] mAlias; private final String mAlias; // The only supported format is AES-256 symmetric key. private final byte[] mEncryptedKeyMaterial; public KeyEntryRecoveryData(@NonNull byte[] alias, @NonNull byte[] encryptedKeyMaterial) { public KeyEntryRecoveryData(@NonNull String alias, @NonNull byte[] encryptedKeyMaterial) { mAlias = Preconditions.checkNotNull(alias); mEncryptedKeyMaterial = Preconditions.checkNotNull(encryptedKeyMaterial); } /** * Application-specific alias of the key. * * @see java.security.KeyStore.aliases */ public @NonNull byte[] getAlias() { public @NonNull String getAlias() { return mAlias; } /** * Encrypted key material encrypted by recovery key. */ /** Encrypted key material encrypted by recovery key. */ public @NonNull byte[] getEncryptedKeyMaterial() { return mEncryptedKeyMaterial; } Loading @@ -74,12 +72,12 @@ public final class KeyEntryRecoveryData implements Parcelable { @Override public void writeToParcel(Parcel out, int flags) { out.writeByteArray(mAlias); out.writeString(mAlias); out.writeByteArray(mEncryptedKeyMaterial); } protected KeyEntryRecoveryData(Parcel in) { mAlias = in.createByteArray(); mAlias = in.readString(); mEncryptedKeyMaterial = in.createByteArray(); } Loading services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java +1 −1 Original line number Diff line number Diff line Loading @@ -342,7 +342,7 @@ public class KeySyncTask implements Runnable { for (String alias : encryptedApplicationKeys.keySet()) { keyEntries.add( new KeyEntryRecoveryData( alias.getBytes(StandardCharsets.UTF_8), alias, encryptedApplicationKeys.get(alias))); } return keyEntries; Loading services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java +1 −1 Original line number Diff line number Diff line Loading @@ -466,7 +466,7 @@ public class RecoverableKeyStoreManager { @NonNull List<KeyEntryRecoveryData> applicationKeys) throws RemoteException { HashMap<String, byte[]> keyMaterialByAlias = new HashMap<>(); for (KeyEntryRecoveryData applicationKey : applicationKeys) { String alias = new String(applicationKey.getAlias(), StandardCharsets.UTF_8); String alias = applicationKey.getAlias(); byte[] encryptedKeyMaterial = applicationKey.getEncryptedKeyMaterial(); try { Loading services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncTaskTest.java +1 −1 Original line number Diff line number Diff line Loading @@ -296,7 +296,7 @@ public class KeySyncTaskTest { List<KeyEntryRecoveryData> applicationKeys = recoveryData.getApplicationKeyBlobs(); assertEquals(1, applicationKeys.size()); KeyEntryRecoveryData keyData = applicationKeys.get(0); assertArrayEquals(TEST_APP_KEY_ALIAS.getBytes(StandardCharsets.UTF_8), keyData.getAlias()); assertEquals(TEST_APP_KEY_ALIAS, keyData.getAlias()); byte[] appKey = KeySyncUtils.decryptApplicationKey( recoveryKey, keyData.getEncryptedKeyMaterial()); assertArrayEquals(applicationKey.getEncoded(), appKey); Loading services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java +3 −3 Original line number Diff line number Diff line Loading @@ -306,7 +306,7 @@ public class RecoverableKeyStoreManagerTest { TEST_SESSION_ID, /*recoveryKeyBlob=*/ randomBytes(32), /*applicationKeys=*/ ImmutableList.of( new KeyEntryRecoveryData(getUtf8Bytes("alias"), randomBytes(32)) new KeyEntryRecoveryData("alias", randomBytes(32)) )); fail("should have thrown"); } catch (ServiceSpecificException e) { Loading Loading @@ -356,7 +356,7 @@ public class RecoverableKeyStoreManagerTest { byte[] encryptedClaimResponse = encryptClaimResponse( keyClaimant, TEST_SECRET, TEST_VAULT_PARAMS, recoveryKey); KeyEntryRecoveryData badApplicationKey = new KeyEntryRecoveryData( TEST_ALIAS.getBytes(StandardCharsets.UTF_8), TEST_ALIAS, randomBytes(32)); try { Loading Loading @@ -389,7 +389,7 @@ public class RecoverableKeyStoreManagerTest { keyClaimant, TEST_SECRET, TEST_VAULT_PARAMS, recoveryKey); byte[] applicationKeyBytes = randomBytes(32); KeyEntryRecoveryData applicationKey = new KeyEntryRecoveryData( TEST_ALIAS.getBytes(StandardCharsets.UTF_8), TEST_ALIAS, encryptedApplicationKey(recoveryKey, applicationKeyBytes)); Map<String, byte[]> recoveredKeys = mRecoverableKeyStoreManager.recoverKeys( Loading Loading
core/java/android/security/recoverablekeystore/KeyEntryRecoveryData.java +16 −18 Original line number Diff line number Diff line Loading @@ -22,7 +22,6 @@ import android.os.Parcelable; import com.android.internal.util.Preconditions; /** * Helper class with data necessary recover a single application key, given a recovery key. * Loading @@ -37,26 +36,25 @@ import com.android.internal.util.Preconditions; * @hide */ public final class KeyEntryRecoveryData implements Parcelable { private final byte[] mAlias; private final String mAlias; // The only supported format is AES-256 symmetric key. private final byte[] mEncryptedKeyMaterial; public KeyEntryRecoveryData(@NonNull byte[] alias, @NonNull byte[] encryptedKeyMaterial) { public KeyEntryRecoveryData(@NonNull String alias, @NonNull byte[] encryptedKeyMaterial) { mAlias = Preconditions.checkNotNull(alias); mEncryptedKeyMaterial = Preconditions.checkNotNull(encryptedKeyMaterial); } /** * Application-specific alias of the key. * * @see java.security.KeyStore.aliases */ public @NonNull byte[] getAlias() { public @NonNull String getAlias() { return mAlias; } /** * Encrypted key material encrypted by recovery key. */ /** Encrypted key material encrypted by recovery key. */ public @NonNull byte[] getEncryptedKeyMaterial() { return mEncryptedKeyMaterial; } Loading @@ -74,12 +72,12 @@ public final class KeyEntryRecoveryData implements Parcelable { @Override public void writeToParcel(Parcel out, int flags) { out.writeByteArray(mAlias); out.writeString(mAlias); out.writeByteArray(mEncryptedKeyMaterial); } protected KeyEntryRecoveryData(Parcel in) { mAlias = in.createByteArray(); mAlias = in.readString(); mEncryptedKeyMaterial = in.createByteArray(); } Loading
services/core/java/com/android/server/locksettings/recoverablekeystore/KeySyncTask.java +1 −1 Original line number Diff line number Diff line Loading @@ -342,7 +342,7 @@ public class KeySyncTask implements Runnable { for (String alias : encryptedApplicationKeys.keySet()) { keyEntries.add( new KeyEntryRecoveryData( alias.getBytes(StandardCharsets.UTF_8), alias, encryptedApplicationKeys.get(alias))); } return keyEntries; Loading
services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java +1 −1 Original line number Diff line number Diff line Loading @@ -466,7 +466,7 @@ public class RecoverableKeyStoreManager { @NonNull List<KeyEntryRecoveryData> applicationKeys) throws RemoteException { HashMap<String, byte[]> keyMaterialByAlias = new HashMap<>(); for (KeyEntryRecoveryData applicationKey : applicationKeys) { String alias = new String(applicationKey.getAlias(), StandardCharsets.UTF_8); String alias = applicationKey.getAlias(); byte[] encryptedKeyMaterial = applicationKey.getEncryptedKeyMaterial(); try { Loading
services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncTaskTest.java +1 −1 Original line number Diff line number Diff line Loading @@ -296,7 +296,7 @@ public class KeySyncTaskTest { List<KeyEntryRecoveryData> applicationKeys = recoveryData.getApplicationKeyBlobs(); assertEquals(1, applicationKeys.size()); KeyEntryRecoveryData keyData = applicationKeys.get(0); assertArrayEquals(TEST_APP_KEY_ALIAS.getBytes(StandardCharsets.UTF_8), keyData.getAlias()); assertEquals(TEST_APP_KEY_ALIAS, keyData.getAlias()); byte[] appKey = KeySyncUtils.decryptApplicationKey( recoveryKey, keyData.getEncryptedKeyMaterial()); assertArrayEquals(applicationKey.getEncoded(), appKey); Loading
services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java +3 −3 Original line number Diff line number Diff line Loading @@ -306,7 +306,7 @@ public class RecoverableKeyStoreManagerTest { TEST_SESSION_ID, /*recoveryKeyBlob=*/ randomBytes(32), /*applicationKeys=*/ ImmutableList.of( new KeyEntryRecoveryData(getUtf8Bytes("alias"), randomBytes(32)) new KeyEntryRecoveryData("alias", randomBytes(32)) )); fail("should have thrown"); } catch (ServiceSpecificException e) { Loading Loading @@ -356,7 +356,7 @@ public class RecoverableKeyStoreManagerTest { byte[] encryptedClaimResponse = encryptClaimResponse( keyClaimant, TEST_SECRET, TEST_VAULT_PARAMS, recoveryKey); KeyEntryRecoveryData badApplicationKey = new KeyEntryRecoveryData( TEST_ALIAS.getBytes(StandardCharsets.UTF_8), TEST_ALIAS, randomBytes(32)); try { Loading Loading @@ -389,7 +389,7 @@ public class RecoverableKeyStoreManagerTest { keyClaimant, TEST_SECRET, TEST_VAULT_PARAMS, recoveryKey); byte[] applicationKeyBytes = randomBytes(32); KeyEntryRecoveryData applicationKey = new KeyEntryRecoveryData( TEST_ALIAS.getBytes(StandardCharsets.UTF_8), TEST_ALIAS, encryptedApplicationKey(recoveryKey, applicationKeyBytes)); Map<String, byte[]> recoveredKeys = mRecoverableKeyStoreManager.recoverKeys( Loading
