author Shaquille Johnson <ssjohnson@google.com> 2024-02-17 17:15:21 +0000
committer Shaquille Johnson <ssjohnson@google.com> 2024-06-13 15:24:52 +0000
commit25267180ea1bdab5f49c7c596bb1a87e09a249be (patch)
tree598fa40bead90fbe29b9fe1031d5632d8486fef0
parent5215c608b5bdcf45d7cf627aec2643e44249f013 (diff)
Add support for GET_ATTESTATION_APPLICATION_ID_FAILED error code
We add this error for AAID in cases where keystore2 returns an error for failing to get AAID. We are explicitly failing here, but that is a transient error we expect the client to re-try. We return this error to indicate to the caller that we should retry this call before failing completely. This stops attestation from happening without the calling application's identity. Test: atest CtsKeystoreTestCases Test: atest keystore2_test Bug: 291583874 Change-Id: Ieaee2ddda124fe2b23baf3c318f4eece0b718f05
-rw-r--r--Android.bp2
-rw-r--r--keystore/java/android/security/KeyStoreException.java3
2 files changed, 4 insertions, 1 deletions
diff --git a/Android.bp b/Android.bp
index 900fba03daa7..f0f11c1b300d 100644
--- a/Android.bp
+++ b/Android.bp
@@ -113,7 +113,7 @@ filegroup {
":android.security.legacykeystore-java-source",
":android.security.maintenance-java-source",
":android.security.metrics-java-source",
- ":android.system.keystore2-V3-java-source",
+ ":android.system.keystore2-V4-java-source",
":android.hardware.cas-V1-java-source",
":credstore_aidl",
":dumpstate_aidl",
diff --git a/keystore/java/android/security/KeyStoreException.java b/keystore/java/android/security/KeyStoreException.java
index 5825facee021..eea5690dddf1 100644
--- a/keystore/java/android/security/KeyStoreException.java
+++ b/keystore/java/android/security/KeyStoreException.java
@@ -679,6 +679,9 @@ public class KeyStoreException extends Exception {
sErrorCodeToFailureInfo.put(ResponseCode.OUT_OF_KEYS_REQUIRES_SYSTEM_UPGRADE,
new PublicErrorInformation(IS_SYSTEM_ERROR | IS_TRANSIENT_ERROR,
ERROR_DEVICE_REQUIRES_UPGRADE_FOR_ATTESTATION));
+ sErrorCodeToFailureInfo.put(ResponseCode.GET_ATTESTATION_APPLICATION_ID_FAILED,
+ new PublicErrorInformation(IS_SYSTEM_ERROR | IS_TRANSIENT_ERROR,
+ ERROR_INTERNAL_SYSTEM_ERROR));
sErrorCodeToFailureInfo.put(ResponseCode.OUT_OF_KEYS_PENDING_INTERNET_CONNECTIVITY,
new PublicErrorInformation(IS_SYSTEM_ERROR | IS_TRANSIENT_ERROR,
ERROR_ATTESTATION_KEYS_UNAVAILABLE));
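Review bot: The new GET_ATTESTATION_APPLICATION_ID_FAILED entry has no comment marking it as a deliberate fail-closed path, and it reuses the generic ERROR_INTERNAL_SYSTEM_ERROR public code, so only the IS_TRANSIENT_ERROR flag tells a caller to retry. I would add a comment above the put, for example `// AAID lookup failed in keystore2: fail closed so no attestation is produced without the caller's identity; transient, callers should retry.` Because the numeric code is shared with other internal failures, callers presumably have to key off `isTransientFailure()` rather than `getNumericErrorCode()`; it is worth confirming that, and that a test asserts this mapping is reported as transient, since none is visible in this diff. The entry also sits between the two OUT_OF_KEYS_* mappings, and placing it after them would keep that group together. The enclosing initializer starts and ends outside the hunk.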