diff options
6 files changed, 3 insertions, 67 deletions
diff --git a/api/system-current.txt b/api/system-current.txt index 137c3db9dcda..fa323830bd40 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -4318,7 +4318,6 @@ package android.security.keystore.recovery { method public int getUserSecretType(); method public void writeToParcel(android.os.Parcel, int); field public static final android.os.Parcelable.Creator<android.security.keystore.recovery.KeyChainProtectionParams> CREATOR; - field public static final int TYPE_CUSTOM_PASSWORD = 101; // 0x65 field public static final int TYPE_LOCKSCREEN = 100; // 0x64 field public static final int UI_FORMAT_PASSWORD = 2; // 0x2 field public static final int UI_FORMAT_PATTERN = 3; // 0x3 @@ -4373,7 +4372,6 @@ package android.security.keystore.recovery { method public static android.security.keystore.recovery.RecoveryController getInstance(android.content.Context); method public java.security.Key getKey(java.lang.String) throws android.security.keystore.recovery.InternalRecoveryServiceException, java.security.UnrecoverableKeyException; method public android.security.keystore.recovery.KeyChainSnapshot getKeyChainSnapshot() throws android.security.keystore.recovery.InternalRecoveryServiceException; - method public int[] getPendingRecoverySecretTypes() throws android.security.keystore.recovery.InternalRecoveryServiceException; method public deprecated android.security.keystore.recovery.KeyChainSnapshot getRecoveryData() throws android.security.keystore.recovery.InternalRecoveryServiceException; method public int[] getRecoverySecretTypes() throws android.security.keystore.recovery.InternalRecoveryServiceException; method public deprecated int getRecoveryStatus(java.lang.String, java.lang.String) throws android.security.keystore.recovery.InternalRecoveryServiceException; @@ -4382,7 +4380,6 @@ package android.security.keystore.recovery { method public java.security.Key importKey(java.lang.String, byte[]) throws android.security.keystore.recovery.InternalRecoveryServiceException, android.security.keystore.recovery.LockScreenRequiredException; method public deprecated void initRecoveryService(java.lang.String, byte[]) throws java.security.cert.CertificateException, android.security.keystore.recovery.InternalRecoveryServiceException; method public void initRecoveryService(java.lang.String, byte[], byte[]) throws java.security.cert.CertificateException, android.security.keystore.recovery.InternalRecoveryServiceException; - method public void recoverySecretAvailable(android.security.keystore.recovery.KeyChainProtectionParams) throws android.security.keystore.recovery.InternalRecoveryServiceException; method public void removeKey(java.lang.String) throws android.security.keystore.recovery.InternalRecoveryServiceException; method public void setRecoverySecretTypes(int[]) throws android.security.keystore.recovery.InternalRecoveryServiceException; method public deprecated void setRecoveryStatus(java.lang.String, java.lang.String, int) throws android.security.keystore.recovery.InternalRecoveryServiceException, android.content.pm.PackageManager.NameNotFoundException; diff --git a/core/java/android/security/keystore/recovery/KeyChainProtectionParams.java b/core/java/android/security/keystore/recovery/KeyChainProtectionParams.java index 3d3b6d565577..d42424e61030 100644 --- a/core/java/android/security/keystore/recovery/KeyChainProtectionParams.java +++ b/core/java/android/security/keystore/recovery/KeyChainProtectionParams.java @@ -52,7 +52,7 @@ import java.util.Arrays; public final class KeyChainProtectionParams implements Parcelable { /** @hide */ @Retention(RetentionPolicy.SOURCE) - @IntDef(prefix = {"TYPE_"}, value = {TYPE_LOCKSCREEN, TYPE_CUSTOM_PASSWORD}) + @IntDef(prefix = {"TYPE_"}, value = {TYPE_LOCKSCREEN}) public @interface UserSecretType { } @@ -61,11 +61,6 @@ public final class KeyChainProtectionParams implements Parcelable { */ public static final int TYPE_LOCKSCREEN = 100; - /** - * Custom passphrase, unrelated to lock screen, is required to recover KeyStore. - */ - public static final int TYPE_CUSTOM_PASSWORD = 101; - /** @hide */ @Retention(RetentionPolicy.SOURCE) @IntDef(prefix = {"UI_FORMAT_"}, value = {UI_FORMAT_PIN, UI_FORMAT_PASSWORD, UI_FORMAT_PATTERN}) @@ -120,7 +115,6 @@ public final class KeyChainProtectionParams implements Parcelable { /** * @see TYPE_LOCKSCREEN - * @see TYPE_CUSTOM_PASSWORD */ public @UserSecretType int getUserSecretType() { return mUserSecretType; @@ -166,7 +160,6 @@ public final class KeyChainProtectionParams implements Parcelable { * Sets user secret type. * * @see TYPE_LOCKSCREEN - * @see TYPE_CUSTOM_PASSWORD * @param userSecretType The secret type * @return This builder. */ diff --git a/core/java/android/security/keystore/recovery/RecoveryController.java b/core/java/android/security/keystore/recovery/RecoveryController.java index 503387aa154e..604156145f1c 100644 --- a/core/java/android/security/keystore/recovery/RecoveryController.java +++ b/core/java/android/security/keystore/recovery/RecoveryController.java @@ -410,8 +410,7 @@ public class RecoveryController { * Specifies a set of secret types used for end-to-end keystore encryption. Knowing all of them * is necessary to recover data. * - * @param secretTypes {@link KeyChainProtectionParams#TYPE_LOCKSCREEN} or {@link - * KeyChainProtectionParams#TYPE_CUSTOM_PASSWORD} + * @param secretTypes {@link KeyChainProtectionParams#TYPE_LOCKSCREEN} * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery * service. */ @@ -450,51 +449,6 @@ public class RecoveryController { } /** - * Returns a list of recovery secret types, necessary to create a pending recovery snapshot. - * When user enters a secret of a pending type {@link #recoverySecretAvailable} should be - * called. - * - * @return list of recovery secret types - * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery - * service. - */ - @NonNull - @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE) - public @KeyChainProtectionParams.UserSecretType int[] getPendingRecoverySecretTypes() - throws InternalRecoveryServiceException { - try { - return mBinder.getPendingRecoverySecretTypes(); - } catch (RemoteException e) { - throw e.rethrowFromSystemServer(); - } catch (ServiceSpecificException e) { - throw wrapUnexpectedServiceSpecificException(e); - } - } - - /** - * Method notifies KeyStore that a user-generated secret is available. This method generates a - * symmetric session key which a trusted remote device can use to return a recovery key. Caller - * should use {@link KeyChainProtectionParams#clearSecret} to override the secret value in - * memory. - * - * @param recoverySecret user generated secret together with parameters necessary to regenerate - * it on a new device. - * @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery - * service. - */ - @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE) - public void recoverySecretAvailable(@NonNull KeyChainProtectionParams recoverySecret) - throws InternalRecoveryServiceException { - try { - mBinder.recoverySecretAvailable(recoverySecret); - } catch (RemoteException e) { - throw e.rethrowFromSystemServer(); - } catch (ServiceSpecificException e) { - throw wrapUnexpectedServiceSpecificException(e); - } - } - - /** * Deprecated. * Generates a AES256/GCM/NoPADDING key called {@code alias} and loads it into the recoverable * key store. Returns the raw material of the key. diff --git a/core/java/com/android/internal/widget/ILockSettings.aidl b/core/java/com/android/internal/widget/ILockSettings.aidl index bec70fd1d5a1..bff34ca23956 100644 --- a/core/java/com/android/internal/widget/ILockSettings.aidl +++ b/core/java/com/android/internal/widget/ILockSettings.aidl @@ -74,7 +74,6 @@ interface ILockSettings { void setRecoverySecretTypes(in int[] secretTypes); int[] getRecoverySecretTypes(); int[] getPendingRecoverySecretTypes(); - void recoverySecretAvailable(in KeyChainProtectionParams recoverySecret); byte[] startRecoverySession(in String sessionId, in byte[] verifierPublicKey, in byte[] vaultParams, in byte[] vaultChallenge, in List<KeyChainProtectionParams> secrets); diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java index a87a11330ab6..b5eb8bf3e2a7 100644 --- a/services/core/java/com/android/server/locksettings/LockSettingsService.java +++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java @@ -2033,13 +2033,7 @@ public class LockSettingsService extends ILockSettings.Stub { public int[] getPendingRecoverySecretTypes() throws RemoteException { throw new SecurityException("Not implemented"); } - - @Override - public void recoverySecretAvailable(@NonNull KeyChainProtectionParams recoverySecret) - throws RemoteException { - mRecoverableKeyStoreManager.recoverySecretAvailable(recoverySecret); - } - + @Override public byte[] startRecoverySession(@NonNull String sessionId, @NonNull byte[] verifierPublicKey, @NonNull byte[] vaultParams, diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/storage/RecoverableKeyStoreDbContract.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/storage/RecoverableKeyStoreDbContract.java index bda2ed39f09e..2c3d3ab5be4d 100644 --- a/services/core/java/com/android/server/locksettings/recoverablekeystore/storage/RecoverableKeyStoreDbContract.java +++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/storage/RecoverableKeyStoreDbContract.java @@ -160,7 +160,6 @@ class RecoverableKeyStoreDbContract { /** * Type of secret used to generate recovery key. One of * {@link android.security.keystore.recovery.KeyChainProtectionParams#TYPE_LOCKSCREEN} or - * {@link android.security.keystore.recovery.KeyChainProtectionParams#TYPE_CUSTOM_PASSWORD}. */ static final String COLUMN_NAME_SECRET_TYPE = "secret_type"; |