Loading keystore/java/android/security/KeyStore.java +2 −7 Original line number Diff line number Diff line Loading @@ -17,7 +17,6 @@ package android.security; import android.compat.annotation.UnsupportedAppUsage; import android.os.Build; import android.os.StrictMode; /** Loading @@ -30,10 +29,6 @@ import android.os.StrictMode; */ public class KeyStore { // ResponseCodes - see system/security/keystore/include/keystore/keystore.h @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) public static final int NO_ERROR = 1; // Used for UID field to indicate the calling UID. public static final int UID_SELF = -1; Loading @@ -48,8 +43,8 @@ public class KeyStore { * Add an authentication record to the keystore authorization table. * * @param authToken The packed bytes of a hw_auth_token_t to be provided to keymaster. * @return {@code KeyStore.NO_ERROR} on success, otherwise an error value corresponding to * a {@code KeymasterDefs.KM_ERROR_} value or {@code KeyStore} ResponseCode. * @return 0 on success, otherwise an error value corresponding to a * {@code KeymasterDefs.KM_ERROR_} value or {@code KeyStore} ResponseCode. */ public int addAuthToken(byte[] authToken) { StrictMode.noteDiskWrite(); Loading keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java +6 −8 Original line number Diff line number Diff line Loading @@ -359,7 +359,6 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor } catch (KeyStoreException keyStoreException) { GeneralSecurityException e = KeyStoreCryptoOperationUtils.getExceptionForCipherInit( mKey, keyStoreException); if (e != null) { if (e instanceof InvalidKeyException) { throw (InvalidKeyException) e; } else if (e instanceof InvalidAlgorithmParameterException) { Loading @@ -368,7 +367,6 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor throw new ProviderException("Unexpected exception type", e); } } } // Now we check if we got an operation challenge. This indicates that user authorization // is required. And if we got a challenge we check if the authorization can possibly Loading keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java +1 −7 Original line number Diff line number Diff line Loading @@ -20,7 +20,6 @@ import android.app.ActivityThread; import android.hardware.biometrics.BiometricManager; import android.hardware.security.keymint.ErrorCode; import android.security.GateKeeper; import android.security.KeyStore; import android.security.KeyStoreException; import android.security.KeyStoreOperation; import android.security.keymaster.KeymasterDefs; Loading Loading @@ -131,15 +130,10 @@ abstract class KeyStoreCryptoOperationUtils { /** * Returns the exception to be thrown by the {@code Cipher.init} method of the crypto operation * in response to {@code KeyStore.begin} operation or {@code null} if the {@code init} method * should succeed. * in response to a failed {code IKeystoreSecurityLevel#createOperation()}. */ public static GeneralSecurityException getExceptionForCipherInit( AndroidKeyStoreKey key, KeyStoreException e) { if (e.getErrorCode() == KeyStore.NO_ERROR) { return null; } // Cipher-specific cases switch (e.getErrorCode()) { case KeymasterDefs.KM_ERROR_INVALID_NONCE: Loading services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java +2 −2 Original line number Diff line number Diff line Loading @@ -256,10 +256,10 @@ public abstract class AuthenticationClient<T, O extends AuthenticateOptions> // For BP, BiometricService will add the authToken to Keystore. if (!isBiometricPrompt() && mIsStrongBiometric) { final int result = KeyStore.getInstance().addAuthToken(byteToken); if (result != KeyStore.NO_ERROR) { if (result != 0) { Slog.d(TAG, "Error adding auth token : " + result); } else { Slog.d(TAG, "addAuthToken: " + result); Slog.d(TAG, "addAuthToken succeeded"); } } else { Slog.d(TAG, "Skipping addAuthToken"); Loading Loading
keystore/java/android/security/KeyStore.java +2 −7 Original line number Diff line number Diff line Loading @@ -17,7 +17,6 @@ package android.security; import android.compat.annotation.UnsupportedAppUsage; import android.os.Build; import android.os.StrictMode; /** Loading @@ -30,10 +29,6 @@ import android.os.StrictMode; */ public class KeyStore { // ResponseCodes - see system/security/keystore/include/keystore/keystore.h @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) public static final int NO_ERROR = 1; // Used for UID field to indicate the calling UID. public static final int UID_SELF = -1; Loading @@ -48,8 +43,8 @@ public class KeyStore { * Add an authentication record to the keystore authorization table. * * @param authToken The packed bytes of a hw_auth_token_t to be provided to keymaster. * @return {@code KeyStore.NO_ERROR} on success, otherwise an error value corresponding to * a {@code KeymasterDefs.KM_ERROR_} value or {@code KeyStore} ResponseCode. * @return 0 on success, otherwise an error value corresponding to a * {@code KeymasterDefs.KM_ERROR_} value or {@code KeyStore} ResponseCode. */ public int addAuthToken(byte[] authToken) { StrictMode.noteDiskWrite(); Loading
keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java +6 −8 Original line number Diff line number Diff line Loading @@ -359,7 +359,6 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor } catch (KeyStoreException keyStoreException) { GeneralSecurityException e = KeyStoreCryptoOperationUtils.getExceptionForCipherInit( mKey, keyStoreException); if (e != null) { if (e instanceof InvalidKeyException) { throw (InvalidKeyException) e; } else if (e instanceof InvalidAlgorithmParameterException) { Loading @@ -368,7 +367,6 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor throw new ProviderException("Unexpected exception type", e); } } } // Now we check if we got an operation challenge. This indicates that user authorization // is required. And if we got a challenge we check if the authorization can possibly Loading
keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java +1 −7 Original line number Diff line number Diff line Loading @@ -20,7 +20,6 @@ import android.app.ActivityThread; import android.hardware.biometrics.BiometricManager; import android.hardware.security.keymint.ErrorCode; import android.security.GateKeeper; import android.security.KeyStore; import android.security.KeyStoreException; import android.security.KeyStoreOperation; import android.security.keymaster.KeymasterDefs; Loading Loading @@ -131,15 +130,10 @@ abstract class KeyStoreCryptoOperationUtils { /** * Returns the exception to be thrown by the {@code Cipher.init} method of the crypto operation * in response to {@code KeyStore.begin} operation or {@code null} if the {@code init} method * should succeed. * in response to a failed {code IKeystoreSecurityLevel#createOperation()}. */ public static GeneralSecurityException getExceptionForCipherInit( AndroidKeyStoreKey key, KeyStoreException e) { if (e.getErrorCode() == KeyStore.NO_ERROR) { return null; } // Cipher-specific cases switch (e.getErrorCode()) { case KeymasterDefs.KM_ERROR_INVALID_NONCE: Loading
services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java +2 −2 Original line number Diff line number Diff line Loading @@ -256,10 +256,10 @@ public abstract class AuthenticationClient<T, O extends AuthenticateOptions> // For BP, BiometricService will add the authToken to Keystore. if (!isBiometricPrompt() && mIsStrongBiometric) { final int result = KeyStore.getInstance().addAuthToken(byteToken); if (result != KeyStore.NO_ERROR) { if (result != 0) { Slog.d(TAG, "Error adding auth token : " + result); } else { Slog.d(TAG, "addAuthToken: " + result); Slog.d(TAG, "addAuthToken succeeded"); } } else { Slog.d(TAG, "Skipping addAuthToken"); Loading
