
Commit ee211a88 authored by Robert Berry's avatar Robert Berry Committed by Android (Google) Code Review

Merge "Fix minor documentation issues in RecoveryController"

parents 008c4dbc beafcb50
+1 −3
@@ -17,10 +17,8 @@
package android.security.keystore.recovery;

/**
 * Error thrown when the recovery agent supplies an invalid X509 certificate.
 *
 * @deprecated Not used.
 * @hide
 * Deprecated
 */
public class BadCertificateFormatException extends RecoveryControllerException {
    public BadCertificateFormatException(String msg) {
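Review bot: The Javadoc on `BadCertificateFormatException` appears, as rendered here, to end with a bare `* Deprecated` line in place of the `@deprecated Not used.` and `@hide` tags; plain text is not a Javadoc tag, so neither javac nor the doc tooling would treat the class as deprecated. I would keep ` * @deprecated Not used.` and add a `@Deprecated` annotation above `public class BadCertificateFormatException`, so callers of this keystore-recovery API get a compile-time warning. If `@hide` is indeed being dropped, confirm that exposing this exception in the API surface is intended. The same four comment lines appear in the `RecoveryControllerException` section further down, and the class body continues outside the hunk.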
+1 −0
@@ -19,6 +19,7 @@ package android.security.keystore.recovery;
import android.annotation.SystemApi;

import java.security.GeneralSecurityException;

/**
 * An error thrown when something went wrong internally in the recovery service.
 *
+3 −3
@@ -49,8 +49,8 @@ import java.util.Map;
 * After that number of incorrect guesses, the trusted hardware no longer allows access to the
 * key chain.
 *
 * <p>For now only the recovery agent itself is able to create keys, so it is expected that the
 * recovery agent is itself the system app.
 * <p>Only the recovery agent itself is able to create keys, so it is expected that the recovery
 * agent is itself the system app.
 *
 * <p>A recovery agent requires the privileged permission
 * {@code android.Manifest.permission#RECOVER_KEYSTORE}.
+1 −3
@@ -19,10 +19,8 @@ package android.security.keystore.recovery;
import java.security.GeneralSecurityException;

/**
 * Base exception for errors thrown by {@link RecoveryController}.
 *
 * @deprecated Not used.
 * @hide
 * Deprecated
 */
public abstract class RecoveryControllerException extends GeneralSecurityException {
    RecoveryControllerException() { }
+2 −22
@@ -50,7 +50,7 @@ public class RecoverySession implements AutoCloseable {
    }

    /**
     * A new session, started by {@code recoveryManager}.
     * A new session, started by the {@link RecoveryController}.
     */
    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
    static RecoverySession newInstance(RecoveryController recoveryController) {
@@ -72,26 +72,6 @@ public class RecoverySession implements AutoCloseable {
    }

    /**
     * Starts a recovery session and returns a blob with proof of recovery secret possession.
     * The method generates a symmetric key for a session, which trusted remote device can use to
     * return recovery key.
     *
     * @param verifierPublicKey Encoded {@code java.security.cert.X509Certificate} with Public key
     *     used to create the recovery blob on the source device.
     *     Keystore will verify the certificate using root of trust.
     * @param vaultParams Must match the parameters in the corresponding field in the recovery blob.
     *     Used to limit number of guesses.
     * @param vaultChallenge Data passed from server for this recovery session and used to prevent
     *     replay attacks
     * @param secrets Secrets provided by user, the method only uses type and secret fields.
     * @return The recovery claim. Claim provides a b binary blob with recovery claim. It is
     *     encrypted with verifierPublicKey and contains a proof of user secrets, session symmetric
     *     key and parameters necessary to identify the counter with the number of failed recovery
     *     attempts.
     * @throws CertificateException if the {@code verifierPublicKey} is in an incorrect
     *     format.
     * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
     *     service.
     * @deprecated Use {@link #start(CertPath, byte[], byte[], List)} instead.
     * @removed
     */
@@ -132,7 +112,7 @@ public class RecoverySession implements AutoCloseable {
     * @param vaultParams Must match the parameters in the corresponding field in the recovery blob.
     *     Used to limit number of guesses.
     * @param vaultChallenge Data passed from server for this recovery session and used to prevent
     *     replay attacks
     *     replay attacks.
     * @param secrets Secrets provided by user, the method only uses type and secret fields.
     * @return The recovery claim. Claim provides a b binary blob with recovery claim. It is
     *     encrypted with verifierPublicKey and contains a proof of user secrets, session symmetric